From 8922d4bc4a8b8893d72a48deb2cdf58215f98505 Mon Sep 17 00:00:00 2001 From: djm <> Date: Fri, 1 Oct 2010 22:59:01 +0000 Subject: resolve conflicts, fix local changes --- src/lib/libcrypto/Makefile.ssl | 218 -- src/lib/libcrypto/aes/Makefile.ssl | 103 - src/lib/libcrypto/aes/aes.h | 28 +- src/lib/libcrypto/aes/aes_cbc.c | 82 +- src/lib/libcrypto/aes/aes_cfb.c | 160 +- src/lib/libcrypto/aes/aes_core.c | 209 +- src/lib/libcrypto/aes/aes_ctr.c | 90 +- src/lib/libcrypto/aes/aes_ofb.c | 94 +- src/lib/libcrypto/aes/asm/aes-586.pl | 2447 ++++++++++++--- src/lib/libcrypto/aes/asm/aes-x86_64.pl | 2 +- src/lib/libcrypto/asn1/Makefile.ssl | 1152 ------- src/lib/libcrypto/asn1/a_bitstr.c | 23 + src/lib/libcrypto/asn1/a_dup.c | 2 +- src/lib/libcrypto/asn1/a_gentm.c | 23 +- src/lib/libcrypto/asn1/a_hdr.c | 119 - src/lib/libcrypto/asn1/a_int.c | 10 +- src/lib/libcrypto/asn1/a_mbstr.c | 2 +- src/lib/libcrypto/asn1/a_meth.c | 84 - src/lib/libcrypto/asn1/a_object.c | 35 +- src/lib/libcrypto/asn1/a_octet.c | 4 +- src/lib/libcrypto/asn1/a_set.c | 45 +- src/lib/libcrypto/asn1/a_sign.c | 78 +- src/lib/libcrypto/asn1/a_strnid.c | 18 +- src/lib/libcrypto/asn1/a_time.c | 40 +- src/lib/libcrypto/asn1/a_type.c | 53 +- src/lib/libcrypto/asn1/a_utctm.c | 21 +- src/lib/libcrypto/asn1/a_verify.c | 31 +- src/lib/libcrypto/asn1/asn1.h | 247 +- src/lib/libcrypto/asn1/asn1_err.c | 22 +- src/lib/libcrypto/asn1/asn1_lib.c | 36 +- src/lib/libcrypto/asn1/asn1_mac.h | 7 + src/lib/libcrypto/asn1/asn1_par.c | 17 +- src/lib/libcrypto/asn1/asn1t.h | 71 +- src/lib/libcrypto/asn1/asn_mime.c | 88 +- src/lib/libcrypto/asn1/asn_pack.c | 8 +- src/lib/libcrypto/asn1/charmap.h | 2 +- src/lib/libcrypto/asn1/d2i_pr.c | 97 +- src/lib/libcrypto/asn1/d2i_pu.c | 10 +- src/lib/libcrypto/asn1/f.c | 80 - src/lib/libcrypto/asn1/i2d_pr.c | 39 +- src/lib/libcrypto/asn1/nsseq.c | 5 +- src/lib/libcrypto/asn1/p5_pbe.c | 105 +- src/lib/libcrypto/asn1/p5_pbev2.c | 54 +- src/lib/libcrypto/asn1/p8_key.c | 131 - src/lib/libcrypto/asn1/p8_pkey.c | 75 +- src/lib/libcrypto/asn1/t_pkey.c | 729 +---- src/lib/libcrypto/asn1/t_req.c | 28 +- src/lib/libcrypto/asn1/t_spki.c | 31 +- src/lib/libcrypto/asn1/t_x509.c | 64 +- src/lib/libcrypto/asn1/tasn_dec.c | 24 +- src/lib/libcrypto/asn1/tasn_enc.c | 11 +- src/lib/libcrypto/asn1/tasn_fre.c | 8 +- src/lib/libcrypto/asn1/tasn_new.c | 23 +- src/lib/libcrypto/asn1/tasn_prn.c | 625 +++- src/lib/libcrypto/asn1/tasn_typ.c | 11 + src/lib/libcrypto/asn1/x_cinf.c | 201 -- src/lib/libcrypto/asn1/x_crl.c | 391 ++- src/lib/libcrypto/asn1/x_long.c | 10 +- src/lib/libcrypto/asn1/x_name.c | 298 +- src/lib/libcrypto/asn1/x_pubkey.c | 304 +- src/lib/libcrypto/asn1/x_req.c | 3 +- src/lib/libcrypto/asn1/x_x509.c | 20 +- src/lib/libcrypto/bf/Makefile.ssl | 115 - src/lib/libcrypto/bf/asm/bf-586.pl | 3 +- src/lib/libcrypto/bf/bf_skey.c | 7 +- src/lib/libcrypto/bf/blowfish.h | 6 +- src/lib/libcrypto/bio/Makefile.ssl | 216 -- src/lib/libcrypto/bio/b_print.c | 9 +- src/lib/libcrypto/bio/b_sock.c | 242 +- src/lib/libcrypto/bio/bio.h | 64 +- src/lib/libcrypto/bio/bio_cb.c | 24 +- src/lib/libcrypto/bio/bio_err.c | 2 +- src/lib/libcrypto/bio/bio_lib.c | 4 +- src/lib/libcrypto/bio/bss_acpt.c | 8 +- src/lib/libcrypto/bio/bss_dgram.c | 380 ++- src/lib/libcrypto/bio/bss_fd.c | 27 +- src/lib/libcrypto/bio/bss_file.c | 67 +- src/lib/libcrypto/bio/bss_log.c | 55 +- src/lib/libcrypto/bio/bss_mem.c | 18 +- src/lib/libcrypto/bio/bss_sock.c | 13 - src/lib/libcrypto/bn/Makefile | 79 +- src/lib/libcrypto/bn/Makefile.ssl | 326 -- src/lib/libcrypto/bn/asm/alpha.s | 3199 -------------------- src/lib/libcrypto/bn/asm/alpha.s.works | 533 ---- src/lib/libcrypto/bn/asm/alpha.works/add.pl | 119 - src/lib/libcrypto/bn/asm/alpha.works/div.pl | 144 - src/lib/libcrypto/bn/asm/alpha.works/mul.pl | 116 - src/lib/libcrypto/bn/asm/alpha.works/mul_add.pl | 120 - src/lib/libcrypto/bn/asm/alpha.works/mul_c4.pl | 213 -- .../libcrypto/bn/asm/alpha.works/mul_c4.works.pl | 98 - src/lib/libcrypto/bn/asm/alpha.works/mul_c8.pl | 177 -- src/lib/libcrypto/bn/asm/alpha.works/sqr.pl | 113 - src/lib/libcrypto/bn/asm/alpha.works/sqr_c4.pl | 109 - src/lib/libcrypto/bn/asm/alpha.works/sqr_c8.pl | 132 - src/lib/libcrypto/bn/asm/alpha.works/sub.pl | 108 - src/lib/libcrypto/bn/asm/alpha/add.pl | 118 - src/lib/libcrypto/bn/asm/alpha/div.pl | 144 - src/lib/libcrypto/bn/asm/alpha/mul.pl | 104 - src/lib/libcrypto/bn/asm/alpha/mul_add.pl | 123 - src/lib/libcrypto/bn/asm/alpha/mul_c4.pl | 215 -- src/lib/libcrypto/bn/asm/alpha/mul_c4.works.pl | 98 - src/lib/libcrypto/bn/asm/alpha/mul_c8.pl | 177 -- src/lib/libcrypto/bn/asm/alpha/sqr.pl | 113 - src/lib/libcrypto/bn/asm/alpha/sqr_c4.pl | 109 - src/lib/libcrypto/bn/asm/alpha/sqr_c8.pl | 132 - src/lib/libcrypto/bn/asm/alpha/sub.pl | 108 - src/lib/libcrypto/bn/asm/bn-586.pl | 203 +- src/lib/libcrypto/bn/asm/bn-alpha.pl | 571 ---- src/lib/libcrypto/bn/asm/ca.pl | 33 - src/lib/libcrypto/bn/asm/co-586.pl | 3 +- src/lib/libcrypto/bn/asm/co-alpha.pl | 116 - src/lib/libcrypto/bn/asm/mips1.s | 539 ---- src/lib/libcrypto/bn/asm/mo-586.pl | 603 ---- src/lib/libcrypto/bn/asm/pa-risc.s | 710 ----- src/lib/libcrypto/bn/asm/r3000.s | 646 ---- src/lib/libcrypto/bn/asm/sparcv8plus.S | 15 +- src/lib/libcrypto/bn/bn.h | 181 +- src/lib/libcrypto/bn/bn_asm.c | 322 +- src/lib/libcrypto/bn/bn_blind.c | 17 +- src/lib/libcrypto/bn/bn_ctx.c | 6 +- src/lib/libcrypto/bn/bn_div.c | 13 +- src/lib/libcrypto/bn/bn_exp.c | 3 +- src/lib/libcrypto/bn/bn_gf2m.c | 142 +- src/lib/libcrypto/bn/bn_lcl.h | 3 +- src/lib/libcrypto/bn/bn_lib.c | 29 +- src/lib/libcrypto/bn/bn_mont.c | 269 +- src/lib/libcrypto/bn/bn_mul.c | 10 +- src/lib/libcrypto/bn/bn_opt.c | 87 - src/lib/libcrypto/bn/bn_print.c | 21 + src/lib/libcrypto/bn/bn_x931p.c | 272 -- src/lib/libcrypto/bn/bntest.c | 38 +- src/lib/libcrypto/bn/exptest.c | 4 +- src/lib/libcrypto/buffer/Makefile.ssl | 94 - src/lib/libcrypto/buffer/buf_err.c | 2 +- src/lib/libcrypto/buffer/buf_str.c | 116 - src/lib/libcrypto/buffer/buffer.c | 89 +- src/lib/libcrypto/buffer/buffer.h | 9 +- src/lib/libcrypto/cast/Makefile.ssl | 120 - src/lib/libcrypto/cast/asm/cast-586.pl | 3 +- src/lib/libcrypto/cast/c_cfb64.c | 3 +- src/lib/libcrypto/cast/c_ecb.c | 3 +- src/lib/libcrypto/cast/c_enc.c | 13 +- src/lib/libcrypto/cast/c_ofb64.c | 3 +- src/lib/libcrypto/cast/c_skey.c | 7 +- src/lib/libcrypto/cast/cast.h | 18 +- src/lib/libcrypto/cms/cms_smime.c | 22 +- src/lib/libcrypto/comp/Makefile.ssl | 114 - src/lib/libcrypto/comp/c_zlib.c | 1 + src/lib/libcrypto/comp/comp_err.c | 2 +- src/lib/libcrypto/conf/Makefile.ssl | 183 -- src/lib/libcrypto/conf/README | 47 +- src/lib/libcrypto/conf/conf.h | 35 +- src/lib/libcrypto/conf/conf_api.c | 134 +- src/lib/libcrypto/conf/conf_def.c | 11 +- src/lib/libcrypto/conf/conf_err.c | 4 +- src/lib/libcrypto/conf/conf_lib.c | 30 +- src/lib/libcrypto/conf/conf_mall.c | 2 - src/lib/libcrypto/conf/conf_mod.c | 8 +- src/lib/libcrypto/cpt_err.c | 2 +- src/lib/libcrypto/cryptlib.c | 508 +++- src/lib/libcrypto/crypto-lib.com | 184 +- src/lib/libcrypto/crypto.h | 104 +- src/lib/libcrypto/des/Makefile.ssl | 316 -- src/lib/libcrypto/des/asm/crypt586.pl | 5 +- src/lib/libcrypto/des/asm/des-586.pl | 282 +- src/lib/libcrypto/des/asm/des686.pl | 230 -- src/lib/libcrypto/des/des-lib.com | 66 +- src/lib/libcrypto/des/des_enc.c | 21 +- src/lib/libcrypto/des/des_lib.c | 106 - src/lib/libcrypto/des/des_locl.h | 6 +- src/lib/libcrypto/des/ecb_enc.c | 48 +- src/lib/libcrypto/des/enc_read.c | 12 +- src/lib/libcrypto/des/enc_writ.c | 4 + src/lib/libcrypto/des/fcrypt_b.c | 4 +- src/lib/libcrypto/des/rpc_des.h | 4 +- src/lib/libcrypto/des/set_key.c | 13 +- src/lib/libcrypto/des/times/aix.cc | 4 +- src/lib/libcrypto/des/xcbc_enc.c | 2 +- src/lib/libcrypto/dh/Makefile | 63 +- src/lib/libcrypto/dh/Makefile.ssl | 133 - src/lib/libcrypto/dh/dh.h | 41 +- src/lib/libcrypto/dh/dh_asn1.c | 10 +- src/lib/libcrypto/dh/dh_check.c | 8 +- src/lib/libcrypto/dh/dh_err.c | 21 +- src/lib/libcrypto/dh/dh_gen.c | 4 - src/lib/libcrypto/dh/dh_key.c | 4 - src/lib/libcrypto/doc/DSA_get_ex_new_index.pod | 2 +- src/lib/libcrypto/doc/EVP_DigestInit.pod | 23 +- src/lib/libcrypto/doc/EVP_SignInit.pod | 9 + src/lib/libcrypto/doc/EVP_VerifyInit.pod | 9 + src/lib/libcrypto/doc/d2i_RSAPublicKey.pod | 8 +- src/lib/libcrypto/doc/evp.pod | 22 +- src/lib/libcrypto/dsa/Makefile | 133 +- src/lib/libcrypto/dsa/Makefile.ssl | 171 -- src/lib/libcrypto/dsa/dsa.h | 69 +- src/lib/libcrypto/dsa/dsa_asn1.c | 96 +- src/lib/libcrypto/dsa/dsa_err.c | 26 +- src/lib/libcrypto/dsa/dsa_gen.c | 124 +- src/lib/libcrypto/dsa/dsa_key.c | 4 - src/lib/libcrypto/dsa/dsa_lib.c | 49 +- src/lib/libcrypto/dsa/dsa_ossl.c | 48 +- src/lib/libcrypto/dsa/dsa_sign.c | 35 +- src/lib/libcrypto/dsa/dsa_utl.c | 95 - src/lib/libcrypto/dsa/dsa_vrf.c | 37 +- src/lib/libcrypto/dsa/dsatest.c | 3 +- src/lib/libcrypto/dso/Makefile.ssl | 142 - src/lib/libcrypto/dso/dso.h | 43 +- src/lib/libcrypto/dso/dso_dl.c | 56 +- src/lib/libcrypto/dso/dso_dlfcn.c | 157 +- src/lib/libcrypto/dso/dso_err.c | 14 +- src/lib/libcrypto/dso/dso_lib.c | 35 +- src/lib/libcrypto/dso/dso_null.c | 4 +- src/lib/libcrypto/dso/dso_openssl.c | 2 + src/lib/libcrypto/dso/dso_vms.c | 12 +- src/lib/libcrypto/dso/dso_win32.c | 228 +- src/lib/libcrypto/dyn_lck.c | 428 --- src/lib/libcrypto/ec/Makefile.ssl | 128 - src/lib/libcrypto/ec/ec.h | 814 ++++- src/lib/libcrypto/ec/ec2_smpl.c | 112 +- src/lib/libcrypto/ec/ec2_smpt.c | 74 - src/lib/libcrypto/ec/ec_err.c | 21 +- src/lib/libcrypto/ec/ec_lcl.h | 13 +- src/lib/libcrypto/ec/ec_lib.c | 4 +- src/lib/libcrypto/ec/ec_mult.c | 22 +- src/lib/libcrypto/ec/ecp_nist.c | 26 - src/lib/libcrypto/ec/ecp_recp.c | 133 - src/lib/libcrypto/ec/ectest.c | 14 +- src/lib/libcrypto/ecdh/Makefile | 33 +- src/lib/libcrypto/ecdsa/Makefile | 46 +- src/lib/libcrypto/engine/Makefile | 297 +- src/lib/libcrypto/engine/Makefile.ssl | 538 ---- src/lib/libcrypto/engine/eng_all.c | 19 +- src/lib/libcrypto/engine/eng_cnf.c | 17 +- src/lib/libcrypto/engine/eng_cryptodev.c | 2 +- src/lib/libcrypto/engine/eng_ctrl.c | 8 +- src/lib/libcrypto/engine/eng_dyn.c | 14 +- src/lib/libcrypto/engine/eng_err.c | 6 +- src/lib/libcrypto/engine/eng_fat.c | 14 + src/lib/libcrypto/engine/eng_int.h | 12 +- src/lib/libcrypto/engine/eng_lib.c | 3 + src/lib/libcrypto/engine/eng_list.c | 2 + src/lib/libcrypto/engine/eng_openssl.c | 2 +- src/lib/libcrypto/engine/eng_table.c | 72 +- src/lib/libcrypto/engine/engine.h | 55 +- src/lib/libcrypto/engine/enginetest.c | 2 +- src/lib/libcrypto/engine/hw.ec | 8 - src/lib/libcrypto/engine/hw_4758_cca.c | 969 ------ src/lib/libcrypto/engine/hw_4758_cca_err.c | 149 - src/lib/libcrypto/engine/hw_4758_cca_err.h | 93 - src/lib/libcrypto/engine/hw_aep.c | 1120 ------- src/lib/libcrypto/engine/hw_aep_err.c | 157 - src/lib/libcrypto/engine/hw_aep_err.h | 101 - src/lib/libcrypto/engine/hw_atalla.c | 595 ---- src/lib/libcrypto/engine/hw_atalla_err.c | 145 - src/lib/libcrypto/engine/hw_atalla_err.h | 89 - src/lib/libcrypto/engine/hw_cswift.c | 1109 ------- src/lib/libcrypto/engine/hw_cswift_err.c | 149 - src/lib/libcrypto/engine/hw_cswift_err.h | 93 - src/lib/libcrypto/engine/hw_ncipher.c | 1388 --------- src/lib/libcrypto/engine/hw_ncipher_err.c | 157 - src/lib/libcrypto/engine/hw_ncipher_err.h | 101 - src/lib/libcrypto/engine/hw_nuron.c | 418 --- src/lib/libcrypto/engine/hw_nuron_err.c | 142 - src/lib/libcrypto/engine/hw_nuron_err.h | 86 - src/lib/libcrypto/engine/hw_sureware.c | 1039 ------- src/lib/libcrypto/engine/hw_sureware_err.c | 150 - src/lib/libcrypto/engine/hw_sureware_err.h | 94 - src/lib/libcrypto/engine/hw_ubsec.c | 1061 ------- src/lib/libcrypto/engine/hw_ubsec_err.c | 151 - src/lib/libcrypto/engine/hw_ubsec_err.h | 95 - src/lib/libcrypto/engine/vendor_defns/aep.h | 178 -- src/lib/libcrypto/engine/vendor_defns/atalla.h | 48 - src/lib/libcrypto/engine/vendor_defns/cswift.h | 234 -- .../libcrypto/engine/vendor_defns/hw_4758_cca.h | 149 - src/lib/libcrypto/engine/vendor_defns/hw_ubsec.h | 100 - .../libcrypto/engine/vendor_defns/hwcryptohook.h | 486 --- src/lib/libcrypto/engine/vendor_defns/sureware.h | 239 -- src/lib/libcrypto/err/Makefile.ssl | 119 - src/lib/libcrypto/err/err.c | 789 ++++- src/lib/libcrypto/err/err.h | 77 +- src/lib/libcrypto/err/err_all.c | 13 +- src/lib/libcrypto/err/err_bio.c | 75 - src/lib/libcrypto/err/err_def.c | 665 ---- src/lib/libcrypto/err/err_prn.c | 77 +- src/lib/libcrypto/err/err_str.c | 295 -- src/lib/libcrypto/err/openssl.ec | 9 +- src/lib/libcrypto/evp/Makefile | 782 ++--- src/lib/libcrypto/evp/Makefile.ssl | 1059 ------- src/lib/libcrypto/evp/bio_b64.c | 77 +- src/lib/libcrypto/evp/bio_enc.c | 6 +- src/lib/libcrypto/evp/bio_md.c | 16 +- src/lib/libcrypto/evp/c_all.c | 2 +- src/lib/libcrypto/evp/c_allc.c | 5 +- src/lib/libcrypto/evp/c_alld.c | 8 +- src/lib/libcrypto/evp/dig_eng.c | 180 -- src/lib/libcrypto/evp/digest.c | 211 +- src/lib/libcrypto/evp/e_aes.c | 35 +- src/lib/libcrypto/evp/e_des.c | 91 +- src/lib/libcrypto/evp/e_des3.c | 95 +- src/lib/libcrypto/evp/e_idea.c | 2 +- src/lib/libcrypto/evp/e_null.c | 8 +- src/lib/libcrypto/evp/e_rc2.c | 5 + src/lib/libcrypto/evp/e_rc4.c | 5 +- src/lib/libcrypto/evp/e_xcbc_d.c | 19 +- src/lib/libcrypto/evp/enc_min.c | 390 --- src/lib/libcrypto/evp/encode.c | 4 +- src/lib/libcrypto/evp/evp.h | 539 +++- src/lib/libcrypto/evp/evp_cnf.c | 125 - src/lib/libcrypto/evp/evp_enc.c | 267 +- src/lib/libcrypto/evp/evp_err.c | 60 +- src/lib/libcrypto/evp/evp_key.c | 9 +- src/lib/libcrypto/evp/evp_lib.c | 44 +- src/lib/libcrypto/evp/evp_locl.h | 155 +- src/lib/libcrypto/evp/evp_pbe.c | 266 +- src/lib/libcrypto/evp/evp_pkey.c | 646 +--- src/lib/libcrypto/evp/evp_test.c | 6 +- src/lib/libcrypto/evp/m_dss.c | 2 +- src/lib/libcrypto/evp/m_dss1.c | 5 +- src/lib/libcrypto/evp/m_md2.c | 1 - src/lib/libcrypto/evp/m_md4.c | 1 - src/lib/libcrypto/evp/m_md5.c | 1 - src/lib/libcrypto/evp/m_mdc2.c | 3 +- src/lib/libcrypto/evp/m_sha.c | 1 - src/lib/libcrypto/evp/m_sha1.c | 17 +- src/lib/libcrypto/evp/names.c | 87 +- src/lib/libcrypto/evp/p5_crpt.c | 39 +- src/lib/libcrypto/evp/p5_crpt2.c | 86 +- src/lib/libcrypto/evp/p_dec.c | 4 +- src/lib/libcrypto/evp/p_enc.c | 4 +- src/lib/libcrypto/evp/p_lib.c | 394 ++- src/lib/libcrypto/evp/p_open.c | 2 +- src/lib/libcrypto/evp/p_seal.c | 2 +- src/lib/libcrypto/evp/p_sign.c | 47 +- src/lib/libcrypto/evp/p_verify.c | 44 +- src/lib/libcrypto/ex_data.c | 42 +- src/lib/libcrypto/fips_err.c | 7 - src/lib/libcrypto/fips_err.h | 137 - src/lib/libcrypto/hmac/Makefile.ssl | 101 - src/lib/libcrypto/hmac/hmac.c | 90 +- src/lib/libcrypto/hmac/hmac.h | 9 +- src/lib/libcrypto/idea/Makefile.ssl | 91 - src/lib/libcrypto/idea/idea.h | 5 +- src/lib/libcrypto/install.com | 70 +- src/lib/libcrypto/krb5/Makefile.ssl | 90 - src/lib/libcrypto/lhash/Makefile.ssl | 93 - src/lib/libcrypto/lhash/lh_stats.c | 12 +- src/lib/libcrypto/lhash/lhash.c | 41 +- src/lib/libcrypto/lhash/lhash.h | 131 +- src/lib/libcrypto/md2/Makefile.ssl | 93 - src/lib/libcrypto/md2/md2.h | 3 - src/lib/libcrypto/md2/md2_dgst.c | 9 +- src/lib/libcrypto/md32_common.h | 12 +- src/lib/libcrypto/md4/Makefile.ssl | 91 - src/lib/libcrypto/md4/md4.h | 5 +- src/lib/libcrypto/md4/md4_dgst.c | 11 +- src/lib/libcrypto/md5/Makefile.ssl | 127 - src/lib/libcrypto/md5/asm/md5-586.pl | 3 +- src/lib/libcrypto/md5/asm/md5-sparcv9.S | 1031 ------- src/lib/libcrypto/md5/md5.h | 5 +- src/lib/libcrypto/md5/md5_dgst.c | 11 +- src/lib/libcrypto/md5/md5_locl.h | 2 + src/lib/libcrypto/mdc2/Makefile | 2 +- src/lib/libcrypto/mdc2/Makefile.ssl | 98 - src/lib/libcrypto/mdc2/mdc2.h | 4 +- src/lib/libcrypto/mem.c | 65 +- src/lib/libcrypto/mem_dbg.c | 258 +- src/lib/libcrypto/o_init.c | 86 - src/lib/libcrypto/o_time.c | 153 +- src/lib/libcrypto/o_time.h | 1 + src/lib/libcrypto/objects/Makefile.ssl | 123 - src/lib/libcrypto/objects/o_names.c | 47 +- src/lib/libcrypto/objects/obj_dat.c | 180 +- src/lib/libcrypto/objects/obj_dat.pl | 20 +- src/lib/libcrypto/objects/obj_err.c | 2 +- src/lib/libcrypto/objects/obj_lib.c | 35 +- src/lib/libcrypto/objects/obj_mac.num | 34 + src/lib/libcrypto/objects/objects.h | 97 +- src/lib/libcrypto/objects/objects.pl | 3 + src/lib/libcrypto/objects/objects.txt | 44 +- src/lib/libcrypto/ocsp/Makefile.ssl | 293 -- src/lib/libcrypto/ocsp/ocsp.h | 22 +- src/lib/libcrypto/ocsp/ocsp_cl.c | 1 - src/lib/libcrypto/ocsp/ocsp_err.c | 3 +- src/lib/libcrypto/ocsp/ocsp_ext.c | 47 +- src/lib/libcrypto/ocsp/ocsp_ht.c | 56 +- src/lib/libcrypto/ocsp/ocsp_lib.c | 3 + src/lib/libcrypto/ocsp/ocsp_prn.c | 23 +- src/lib/libcrypto/ocsp/ocsp_vfy.c | 4 +- src/lib/libcrypto/opensslconf.h.in | 20 - src/lib/libcrypto/opensslv.h | 10 +- src/lib/libcrypto/ossl_typ.h | 21 +- src/lib/libcrypto/pem/Makefile.ssl | 336 -- src/lib/libcrypto/pem/pem.h | 255 +- src/lib/libcrypto/pem/pem_all.c | 194 +- src/lib/libcrypto/pem/pem_err.c | 28 +- src/lib/libcrypto/pem/pem_info.c | 40 +- src/lib/libcrypto/pem/pem_lib.c | 100 +- src/lib/libcrypto/pem/pem_pkey.c | 109 +- src/lib/libcrypto/pem/pem_seal.c | 2 +- src/lib/libcrypto/pem/pem_x509.c | 1 - src/lib/libcrypto/pem/pem_xaux.c | 1 - src/lib/libcrypto/perlasm/alpha.pl | 434 --- src/lib/libcrypto/perlasm/x86_64-xlate.pl | 625 +++- src/lib/libcrypto/perlasm/x86asm.pl | 333 +- src/lib/libcrypto/perlasm/x86gas.pl | 24 +- src/lib/libcrypto/perlasm/x86ms.pl | 472 --- src/lib/libcrypto/perlasm/x86nasm.pl | 559 +--- src/lib/libcrypto/perlasm/x86unix.pl | 808 ----- src/lib/libcrypto/pkcs12/Makefile.ssl | 417 --- src/lib/libcrypto/pkcs12/p12_add.c | 20 +- src/lib/libcrypto/pkcs12/p12_attr.c | 2 +- src/lib/libcrypto/pkcs12/p12_crpt.c | 20 +- src/lib/libcrypto/pkcs12/p12_crt.c | 11 - src/lib/libcrypto/pkcs12/p12_key.c | 7 +- src/lib/libcrypto/pkcs12/p12_kiss.c | 163 +- src/lib/libcrypto/pkcs12/p12_mutl.c | 8 +- src/lib/libcrypto/pkcs12/p12_npas.c | 17 +- src/lib/libcrypto/pkcs12/p12_utl.c | 4 +- src/lib/libcrypto/pkcs12/pk12err.c | 2 +- src/lib/libcrypto/pkcs12/pkcs12.h | 6 +- src/lib/libcrypto/pkcs7/Makefile.ssl | 243 -- src/lib/libcrypto/pkcs7/pk7_asn1.c | 43 +- src/lib/libcrypto/pkcs7/pk7_attr.c | 66 +- src/lib/libcrypto/pkcs7/pk7_doit.c | 486 +-- src/lib/libcrypto/pkcs7/pk7_lib.c | 192 +- src/lib/libcrypto/pkcs7/pk7_mime.c | 669 +--- src/lib/libcrypto/pkcs7/pk7_smime.c | 263 +- src/lib/libcrypto/pkcs7/pkcs7.h | 59 +- src/lib/libcrypto/pkcs7/pkcs7err.c | 22 +- src/lib/libcrypto/pqueue/pq_compat.h | 152 - src/lib/libcrypto/rand/Makefile | 71 +- src/lib/libcrypto/rand/Makefile.ssl | 196 -- src/lib/libcrypto/rand/md_rand.c | 46 +- src/lib/libcrypto/rand/rand.h | 29 +- src/lib/libcrypto/rand/rand_egd.c | 2 +- src/lib/libcrypto/rand/rand_eng.c | 152 - src/lib/libcrypto/rand/rand_err.c | 20 +- src/lib/libcrypto/rand/rand_lcl.h | 11 - src/lib/libcrypto/rand/rand_lib.c | 71 +- src/lib/libcrypto/rand/rand_os2.c | 6 + src/lib/libcrypto/rand/rand_unix.c | 71 +- src/lib/libcrypto/rand/rand_win.c | 71 +- src/lib/libcrypto/rand/randfile.c | 33 +- src/lib/libcrypto/rc2/Makefile.ssl | 91 - src/lib/libcrypto/rc2/rc2.h | 4 +- src/lib/libcrypto/rc2/rc2_skey.c | 19 +- src/lib/libcrypto/rc4/Makefile.ssl | 110 - src/lib/libcrypto/rc4/asm/rc4-586.pl | 448 +-- src/lib/libcrypto/rc4/asm/rc4-amd64.pl | 227 -- src/lib/libcrypto/rc4/asm/rc4-ia64.S | 159 - src/lib/libcrypto/rc4/asm/rc4-x86_64.pl | 177 +- src/lib/libcrypto/rc4/rc4.h | 7 +- src/lib/libcrypto/rc4/rc4_enc.c | 16 +- src/lib/libcrypto/rc4/rc4_fblk.c | 75 - src/lib/libcrypto/rc4/rc4_skey.c | 21 +- src/lib/libcrypto/rc4/rc4test.c | 16 +- src/lib/libcrypto/rc5/Makefile.ssl | 108 - src/lib/libcrypto/rc5/rc5.h | 5 +- src/lib/libcrypto/ripemd/Makefile.ssl | 108 - src/lib/libcrypto/ripemd/asm/rmd-586.pl | 3 +- src/lib/libcrypto/ripemd/ripemd.h | 6 +- src/lib/libcrypto/ripemd/rmd_dgst.c | 11 +- src/lib/libcrypto/ripemd/rmd_locl.h | 2 +- src/lib/libcrypto/rsa/Makefile | 123 +- src/lib/libcrypto/rsa/Makefile.ssl | 241 -- src/lib/libcrypto/rsa/rsa.h | 89 +- src/lib/libcrypto/rsa/rsa_asn1.c | 16 +- src/lib/libcrypto/rsa/rsa_eay.c | 28 +- src/lib/libcrypto/rsa/rsa_eng.c | 348 --- src/lib/libcrypto/rsa/rsa_err.c | 29 +- src/lib/libcrypto/rsa/rsa_gen.c | 3 - src/lib/libcrypto/rsa/rsa_lib.c | 283 +- src/lib/libcrypto/rsa/rsa_oaep.c | 35 +- src/lib/libcrypto/rsa/rsa_sign.c | 88 +- src/lib/libcrypto/rsa/rsa_test.c | 2 +- src/lib/libcrypto/rsa/rsa_x931g.c | 255 -- src/lib/libcrypto/sha/Makefile.ssl | 116 - src/lib/libcrypto/sha/asm/sha1-586.pl | 1 + src/lib/libcrypto/sha/asm/sha512-sse2.pl | 404 --- src/lib/libcrypto/sha/sha.h | 5 +- src/lib/libcrypto/sha/sha1_one.c | 2 +- src/lib/libcrypto/sha/sha1dgst.c | 4 - src/lib/libcrypto/sha/sha1s.cpp | 82 - src/lib/libcrypto/sha/sha_dgst.c | 6 - src/lib/libcrypto/sha/sha_locl.h | 11 +- src/lib/libcrypto/sha/shatest.c | 4 +- src/lib/libcrypto/stack/Makefile.ssl | 88 - src/lib/libcrypto/stack/safestack.h | 1008 ++++-- src/lib/libcrypto/stack/stack.c | 85 +- src/lib/libcrypto/stack/stack.h | 49 +- src/lib/libcrypto/symhacks.h | 106 +- src/lib/libcrypto/threads/mttest.c | 99 + src/lib/libcrypto/threads/pthreads-vms.com | 9 +- src/lib/libcrypto/tmdiff.c | 260 -- src/lib/libcrypto/tmdiff.h | 93 - src/lib/libcrypto/ts/ts_rsp_verify.c | 8 +- src/lib/libcrypto/txt_db/Makefile.ssl | 88 - src/lib/libcrypto/txt_db/txt_db.c | 76 +- src/lib/libcrypto/txt_db/txt_db.h | 19 +- src/lib/libcrypto/ui/Makefile.ssl | 117 - src/lib/libcrypto/ui/ui.h | 4 +- src/lib/libcrypto/ui/ui_err.c | 2 +- src/lib/libcrypto/ui/ui_lib.c | 19 + src/lib/libcrypto/ui/ui_openssl.c | 14 +- src/lib/libcrypto/util/arx.pl | 15 - src/lib/libcrypto/util/checkhash.pl | 222 -- src/lib/libcrypto/util/ck_errf.pl | 22 +- src/lib/libcrypto/util/clean-depend.pl | 1 + src/lib/libcrypto/util/copy.pl | 11 + src/lib/libcrypto/util/cygwin.sh | 4 +- src/lib/libcrypto/util/domd | 10 +- src/lib/libcrypto/util/fipslink.pl | 78 - src/lib/libcrypto/util/libeay.num | 987 ++++-- src/lib/libcrypto/util/mk1mf.pl | 561 +--- src/lib/libcrypto/util/mkdef.pl | 76 +- src/lib/libcrypto/util/mkerr.pl | 113 +- src/lib/libcrypto/util/mkfiles.pl | 32 +- src/lib/libcrypto/util/mklink.pl | 13 +- src/lib/libcrypto/util/mksdef.pl | 87 - src/lib/libcrypto/util/mkstack.pl | 74 +- src/lib/libcrypto/util/pl/BC-16.pl | 151 - src/lib/libcrypto/util/pl/BC-32.pl | 2 +- src/lib/libcrypto/util/pl/Mingw32.pl | 6 +- src/lib/libcrypto/util/pl/VC-16.pl | 177 -- src/lib/libcrypto/util/pl/VC-32-GMAKE.pl | 222 -- src/lib/libcrypto/util/pl/VC-32.pl | 341 +-- src/lib/libcrypto/util/pl/VC-CE.pl | 116 - src/lib/libcrypto/util/pod2man.pl | 2 +- src/lib/libcrypto/util/point.sh | 2 +- src/lib/libcrypto/util/selftest.pl | 4 +- src/lib/libcrypto/util/ssleay.num | 27 +- src/lib/libcrypto/x509/Makefile.ssl | 594 ---- src/lib/libcrypto/x509/by_dir.c | 226 +- src/lib/libcrypto/x509/by_file.c | 2 +- src/lib/libcrypto/x509/x509.h | 258 +- src/lib/libcrypto/x509/x509_cmp.c | 237 +- src/lib/libcrypto/x509/x509_err.c | 5 +- src/lib/libcrypto/x509/x509_lu.c | 215 +- src/lib/libcrypto/x509/x509_obj.c | 2 +- src/lib/libcrypto/x509/x509_req.c | 24 +- src/lib/libcrypto/x509/x509_set.c | 4 +- src/lib/libcrypto/x509/x509_trs.c | 3 +- src/lib/libcrypto/x509/x509_txt.c | 24 +- src/lib/libcrypto/x509/x509_vfy.c | 951 +++++- src/lib/libcrypto/x509/x509_vfy.h | 38 +- src/lib/libcrypto/x509/x509cset.c | 4 +- src/lib/libcrypto/x509/x509name.c | 2 +- src/lib/libcrypto/x509/x509type.c | 4 + src/lib/libcrypto/x509/x_all.c | 7 - src/lib/libcrypto/x509v3/Makefile.ssl | 603 ---- src/lib/libcrypto/x509v3/ext_dat.h | 13 +- src/lib/libcrypto/x509v3/pcy_data.c | 12 +- src/lib/libcrypto/x509v3/pcy_tree.c | 235 +- src/lib/libcrypto/x509v3/v3_addr.c | 25 +- src/lib/libcrypto/x509v3/v3_alt.c | 140 +- src/lib/libcrypto/x509v3/v3_asid.c | 10 +- src/lib/libcrypto/x509v3/v3_conf.c | 51 +- src/lib/libcrypto/x509v3/v3_cpols.c | 5 +- src/lib/libcrypto/x509v3/v3_crld.c | 552 +++- src/lib/libcrypto/x509v3/v3_enum.c | 19 +- src/lib/libcrypto/x509v3/v3_extku.c | 16 +- src/lib/libcrypto/x509v3/v3_genn.c | 153 +- src/lib/libcrypto/x509v3/v3_lib.c | 24 +- src/lib/libcrypto/x509v3/v3_ocsp.c | 62 +- src/lib/libcrypto/x509v3/v3_prn.c | 2 +- src/lib/libcrypto/x509v3/v3_purp.c | 194 +- src/lib/libcrypto/x509v3/v3_utl.c | 47 +- src/lib/libcrypto/x509v3/v3err.c | 13 +- src/lib/libcrypto/x509v3/x509v3.h | 173 +- src/lib/libcrypto/x86_64cpuid.pl | 256 +- 570 files changed, 21793 insertions(+), 53874 deletions(-) delete mode 100644 src/lib/libcrypto/Makefile.ssl delete mode 100644 src/lib/libcrypto/aes/Makefile.ssl delete mode 100644 src/lib/libcrypto/asn1/Makefile.ssl delete mode 100644 src/lib/libcrypto/asn1/a_hdr.c delete mode 100644 src/lib/libcrypto/asn1/a_meth.c delete mode 100644 src/lib/libcrypto/asn1/f.c delete mode 100644 src/lib/libcrypto/asn1/p8_key.c delete mode 100644 src/lib/libcrypto/asn1/x_cinf.c delete mode 100644 src/lib/libcrypto/bf/Makefile.ssl delete mode 100644 src/lib/libcrypto/bio/Makefile.ssl delete mode 100644 src/lib/libcrypto/bn/Makefile.ssl delete mode 100644 src/lib/libcrypto/bn/asm/alpha.s delete mode 100644 src/lib/libcrypto/bn/asm/alpha.s.works delete mode 100644 src/lib/libcrypto/bn/asm/alpha.works/add.pl delete mode 100644 src/lib/libcrypto/bn/asm/alpha.works/div.pl delete mode 100644 src/lib/libcrypto/bn/asm/alpha.works/mul.pl delete mode 100644 src/lib/libcrypto/bn/asm/alpha.works/mul_add.pl delete mode 100644 src/lib/libcrypto/bn/asm/alpha.works/mul_c4.pl delete mode 100644 src/lib/libcrypto/bn/asm/alpha.works/mul_c4.works.pl delete mode 100644 src/lib/libcrypto/bn/asm/alpha.works/mul_c8.pl delete mode 100644 src/lib/libcrypto/bn/asm/alpha.works/sqr.pl delete mode 100644 src/lib/libcrypto/bn/asm/alpha.works/sqr_c4.pl delete mode 100644 src/lib/libcrypto/bn/asm/alpha.works/sqr_c8.pl delete mode 100644 src/lib/libcrypto/bn/asm/alpha.works/sub.pl delete mode 100644 src/lib/libcrypto/bn/asm/alpha/add.pl delete mode 100644 src/lib/libcrypto/bn/asm/alpha/div.pl delete mode 100644 src/lib/libcrypto/bn/asm/alpha/mul.pl delete mode 100644 src/lib/libcrypto/bn/asm/alpha/mul_add.pl delete mode 100644 src/lib/libcrypto/bn/asm/alpha/mul_c4.pl delete mode 100644 src/lib/libcrypto/bn/asm/alpha/mul_c4.works.pl delete mode 100644 src/lib/libcrypto/bn/asm/alpha/mul_c8.pl delete mode 100644 src/lib/libcrypto/bn/asm/alpha/sqr.pl delete mode 100644 src/lib/libcrypto/bn/asm/alpha/sqr_c4.pl delete mode 100644 src/lib/libcrypto/bn/asm/alpha/sqr_c8.pl delete mode 100644 src/lib/libcrypto/bn/asm/alpha/sub.pl delete mode 100644 src/lib/libcrypto/bn/asm/bn-alpha.pl delete mode 100644 src/lib/libcrypto/bn/asm/ca.pl delete mode 100644 src/lib/libcrypto/bn/asm/co-alpha.pl delete mode 100644 src/lib/libcrypto/bn/asm/mips1.s delete mode 100644 src/lib/libcrypto/bn/asm/mo-586.pl delete mode 100644 src/lib/libcrypto/bn/asm/pa-risc.s delete mode 100644 src/lib/libcrypto/bn/asm/r3000.s delete mode 100644 src/lib/libcrypto/bn/bn_opt.c delete mode 100644 src/lib/libcrypto/bn/bn_x931p.c delete mode 100644 src/lib/libcrypto/buffer/Makefile.ssl delete mode 100644 src/lib/libcrypto/buffer/buf_str.c delete mode 100644 src/lib/libcrypto/cast/Makefile.ssl delete mode 100644 src/lib/libcrypto/comp/Makefile.ssl delete mode 100644 src/lib/libcrypto/conf/Makefile.ssl delete mode 100644 src/lib/libcrypto/des/Makefile.ssl delete mode 100644 src/lib/libcrypto/des/asm/des686.pl delete mode 100644 src/lib/libcrypto/des/des_lib.c delete mode 100644 src/lib/libcrypto/dh/Makefile.ssl delete mode 100644 src/lib/libcrypto/dsa/Makefile.ssl delete mode 100644 src/lib/libcrypto/dsa/dsa_utl.c delete mode 100644 src/lib/libcrypto/dso/Makefile.ssl delete mode 100644 src/lib/libcrypto/dyn_lck.c delete mode 100644 src/lib/libcrypto/ec/Makefile.ssl delete mode 100644 src/lib/libcrypto/ec/ec2_smpt.c delete mode 100644 src/lib/libcrypto/ec/ecp_recp.c delete mode 100644 src/lib/libcrypto/engine/Makefile.ssl delete mode 100644 src/lib/libcrypto/engine/hw.ec delete mode 100644 src/lib/libcrypto/engine/hw_4758_cca.c delete mode 100644 src/lib/libcrypto/engine/hw_4758_cca_err.c delete mode 100644 src/lib/libcrypto/engine/hw_4758_cca_err.h delete mode 100644 src/lib/libcrypto/engine/hw_aep.c delete mode 100644 src/lib/libcrypto/engine/hw_aep_err.c delete mode 100644 src/lib/libcrypto/engine/hw_aep_err.h delete mode 100644 src/lib/libcrypto/engine/hw_atalla.c delete mode 100644 src/lib/libcrypto/engine/hw_atalla_err.c delete mode 100644 src/lib/libcrypto/engine/hw_atalla_err.h delete mode 100644 src/lib/libcrypto/engine/hw_cswift.c delete mode 100644 src/lib/libcrypto/engine/hw_cswift_err.c delete mode 100644 src/lib/libcrypto/engine/hw_cswift_err.h delete mode 100644 src/lib/libcrypto/engine/hw_ncipher.c delete mode 100644 src/lib/libcrypto/engine/hw_ncipher_err.c delete mode 100644 src/lib/libcrypto/engine/hw_ncipher_err.h delete mode 100644 src/lib/libcrypto/engine/hw_nuron.c delete mode 100644 src/lib/libcrypto/engine/hw_nuron_err.c delete mode 100644 src/lib/libcrypto/engine/hw_nuron_err.h delete mode 100644 src/lib/libcrypto/engine/hw_sureware.c delete mode 100644 src/lib/libcrypto/engine/hw_sureware_err.c delete mode 100644 src/lib/libcrypto/engine/hw_sureware_err.h delete mode 100644 src/lib/libcrypto/engine/hw_ubsec.c delete mode 100644 src/lib/libcrypto/engine/hw_ubsec_err.c delete mode 100644 src/lib/libcrypto/engine/hw_ubsec_err.h delete mode 100644 src/lib/libcrypto/engine/vendor_defns/aep.h delete mode 100644 src/lib/libcrypto/engine/vendor_defns/atalla.h delete mode 100644 src/lib/libcrypto/engine/vendor_defns/cswift.h delete mode 100644 src/lib/libcrypto/engine/vendor_defns/hw_4758_cca.h delete mode 100644 src/lib/libcrypto/engine/vendor_defns/hw_ubsec.h delete mode 100644 src/lib/libcrypto/engine/vendor_defns/hwcryptohook.h delete mode 100644 src/lib/libcrypto/engine/vendor_defns/sureware.h delete mode 100644 src/lib/libcrypto/err/Makefile.ssl delete mode 100644 src/lib/libcrypto/err/err_bio.c delete mode 100644 src/lib/libcrypto/err/err_def.c delete mode 100644 src/lib/libcrypto/err/err_str.c delete mode 100644 src/lib/libcrypto/evp/Makefile.ssl delete mode 100644 src/lib/libcrypto/evp/dig_eng.c delete mode 100644 src/lib/libcrypto/evp/enc_min.c delete mode 100644 src/lib/libcrypto/evp/evp_cnf.c delete mode 100644 src/lib/libcrypto/fips_err.c delete mode 100644 src/lib/libcrypto/fips_err.h delete mode 100644 src/lib/libcrypto/hmac/Makefile.ssl delete mode 100644 src/lib/libcrypto/idea/Makefile.ssl delete mode 100644 src/lib/libcrypto/krb5/Makefile.ssl delete mode 100644 src/lib/libcrypto/lhash/Makefile.ssl delete mode 100644 src/lib/libcrypto/md2/Makefile.ssl delete mode 100644 src/lib/libcrypto/md4/Makefile.ssl delete mode 100644 src/lib/libcrypto/md5/Makefile.ssl delete mode 100644 src/lib/libcrypto/md5/asm/md5-sparcv9.S delete mode 100644 src/lib/libcrypto/mdc2/Makefile.ssl delete mode 100644 src/lib/libcrypto/o_init.c delete mode 100644 src/lib/libcrypto/objects/Makefile.ssl delete mode 100644 src/lib/libcrypto/ocsp/Makefile.ssl delete mode 100644 src/lib/libcrypto/pem/Makefile.ssl delete mode 100644 src/lib/libcrypto/perlasm/alpha.pl delete mode 100644 src/lib/libcrypto/perlasm/x86ms.pl delete mode 100644 src/lib/libcrypto/perlasm/x86unix.pl delete mode 100644 src/lib/libcrypto/pkcs12/Makefile.ssl delete mode 100644 src/lib/libcrypto/pkcs7/Makefile.ssl delete mode 100644 src/lib/libcrypto/pqueue/pq_compat.h delete mode 100644 src/lib/libcrypto/rand/Makefile.ssl delete mode 100644 src/lib/libcrypto/rand/rand_eng.c delete mode 100644 src/lib/libcrypto/rc2/Makefile.ssl delete mode 100644 src/lib/libcrypto/rc4/Makefile.ssl delete mode 100755 src/lib/libcrypto/rc4/asm/rc4-amd64.pl delete mode 100644 src/lib/libcrypto/rc4/asm/rc4-ia64.S delete mode 100644 src/lib/libcrypto/rc4/rc4_fblk.c delete mode 100644 src/lib/libcrypto/rc5/Makefile.ssl delete mode 100644 src/lib/libcrypto/ripemd/Makefile.ssl delete mode 100644 src/lib/libcrypto/rsa/Makefile.ssl delete mode 100644 src/lib/libcrypto/rsa/rsa_eng.c delete mode 100644 src/lib/libcrypto/rsa/rsa_x931g.c delete mode 100644 src/lib/libcrypto/sha/Makefile.ssl delete mode 100644 src/lib/libcrypto/sha/asm/sha512-sse2.pl delete mode 100644 src/lib/libcrypto/sha/sha1s.cpp delete mode 100644 src/lib/libcrypto/stack/Makefile.ssl delete mode 100644 src/lib/libcrypto/tmdiff.c delete mode 100644 src/lib/libcrypto/tmdiff.h delete mode 100644 src/lib/libcrypto/txt_db/Makefile.ssl delete mode 100644 src/lib/libcrypto/ui/Makefile.ssl delete mode 100644 src/lib/libcrypto/util/arx.pl delete mode 100644 src/lib/libcrypto/util/checkhash.pl delete mode 100644 src/lib/libcrypto/util/fipslink.pl delete mode 100644 src/lib/libcrypto/util/mksdef.pl delete mode 100644 src/lib/libcrypto/util/pl/BC-16.pl delete mode 100644 src/lib/libcrypto/util/pl/VC-16.pl delete mode 100644 src/lib/libcrypto/util/pl/VC-32-GMAKE.pl delete mode 100644 src/lib/libcrypto/util/pl/VC-CE.pl delete mode 100644 src/lib/libcrypto/x509/Makefile.ssl delete mode 100644 src/lib/libcrypto/x509v3/Makefile.ssl (limited to 'src/lib/libcrypto') diff --git a/src/lib/libcrypto/Makefile.ssl b/src/lib/libcrypto/Makefile.ssl deleted file mode 100644 index b9951a4600..0000000000 --- a/src/lib/libcrypto/Makefile.ssl +++ /dev/null @@ -1,218 +0,0 @@ -# -# SSLeay/crypto/Makefile -# - -DIR= crypto -TOP= .. -CC= cc -INCLUDE= -I. -I$(TOP) -I../include -INCLUDES= -I.. -I../.. -I../../include -CFLAG= -g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP= /usr/local/ssl -MAKE= make -f Makefile.ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) -MAKEFILE= Makefile.ssl -RM= rm -f -AR= ar r - -PEX_LIBS= -EX_LIBS= - -CFLAGS= $(INCLUDE) $(CFLAG) - - -LIBS= - -SDIRS= md2 md5 sha mdc2 hmac ripemd \ - des rc2 rc4 rc5 idea bf cast \ - bn ec rsa dsa dh dso engine aes \ - buffer bio stack lhash rand err objects \ - evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp ocsp ui krb5 - -GENERAL=Makefile README crypto-lib.com install.com - -LIB= $(TOP)/libcrypto.a -SHARED_LIB= libcrypto$(SHLIB_EXT) -LIBSRC= cryptlib.c mem.c mem_clr.c mem_dbg.c cversion.c ex_data.c tmdiff.c cpt_err.c ebcdic.c uid.c o_time.c -LIBOBJ= cryptlib.o mem.o mem_clr.o mem_dbg.o cversion.o ex_data.o tmdiff.o cpt_err.o ebcdic.o uid.o o_time.o - -SRC= $(LIBSRC) - -EXHEADER= crypto.h tmdiff.h opensslv.h opensslconf.h ebcdic.h symhacks.h \ - ossl_typ.h -HEADER= cryptlib.h buildinf.h md32_common.h o_time.h $(EXHEADER) - -ALL= $(GENERAL) $(SRC) $(HEADER) - -top: - @(cd ..; $(MAKE) DIRS=$(DIR) all) - -all: shared - -buildinf.h: ../Makefile.ssl - ( echo "#ifndef MK1MF_BUILD"; \ - echo ' /* auto-generated by crypto/Makefile.ssl for crypto/cversion.c */'; \ - echo ' #define CFLAGS "$(CC) $(CFLAG)"'; \ - echo ' #define PLATFORM "$(PLATFORM)"'; \ - echo " #define DATE \"`LC_ALL=C LC_TIME=C date`\""; \ - echo '#endif' ) >buildinf.h - -testapps: - if echo ${SDIRS} | fgrep ' des '; \ - then cd des && $(MAKE) CC='$(CC)' INCLUDES='${INCLUDES}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' des; fi - cd pkcs7 && $(MAKE) CC='$(CC)' INCLUDES='${INCLUDES}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' testapps - -subdirs: - @for i in $(SDIRS) ;\ - do \ - (cd $$i && echo "making all in crypto/$$i..." && \ - $(MAKE) CC='$(CC)' INCLUDES='${INCLUDES}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' all ) || exit 1; \ - done; - -files: - $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO - @for i in $(SDIRS) ;\ - do \ - (cd $$i && echo "making 'files' in crypto/$$i..." && \ - $(MAKE) PERL='${PERL}' files ); \ - done; - -links: - @sh $(TOP)/util/point.sh Makefile.ssl Makefile - @$(PERL) $(TOP)/util/mklink.pl ../include/openssl $(EXHEADER) - @$(PERL) $(TOP)/util/mklink.pl ../test $(TEST) - @$(PERL) $(TOP)/util/mklink.pl ../apps $(APPS) - @sh $(TOP)/util/point.sh Makefile.ssl Makefile - @for i in $(SDIRS); do \ - (cd $$i && echo "making links in crypto/$$i..." && \ - $(MAKE) CC='$(CC)' INCLUDES='${INCLUDES}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' AR='${AR}' PERL='${PERL}' links ); \ - done; - -lib: $(LIBOBJ) - $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) || echo Never mind. - @touch lib - -shared: buildinf.h lib subdirs - if [ -n "$(SHARED_LIBS)" ]; then \ - (cd ..; $(MAKE) $(SHARED_LIB)); \ - fi - -libs: - @for i in $(SDIRS) ;\ - do \ - (cd $$i && echo "making libs in crypto/$$i..." && \ - $(MAKE) CC='$(CC)' CFLAG='${CFLAG}' INSTALL_PREFIX='${INSTALL_PREFIX}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' AR='${AR}' lib ); \ - done; - -tests: - @for i in $(SDIRS) ;\ - do \ - (cd $$i && echo "making tests in crypto/$$i..." && \ - $(MAKE) CC='$(CC)' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' AR='${AR}' tests ); \ - done; - -install: - @for i in $(EXHEADER) ;\ - do \ - (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ - done; - @for i in $(SDIRS) ;\ - do \ - (cd $$i && echo "making install in crypto/$$i..." && \ - $(MAKE) CC='$(CC)' CFLAG='${CFLAG}' INSTALL_PREFIX='${INSTALL_PREFIX}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' install ); \ - done; - -lint: - @for i in $(SDIRS) ;\ - do \ - (cd $$i && echo "making lint in crypto/$$i..." && \ - $(MAKE) CC='$(CC)' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' lint ); \ - done; - -depend: - if [ ! -f buildinf.h ]; then touch buildinf.h; fi # fake buildinf.h if it does not exist - $(MAKEDEPEND) -- $(CFLAG) $(INCLUDE) $(DEPFLAG) -- $(PROGS) $(LIBSRC) - if [ ! -s buildinf.h ]; then rm buildinf.h; fi - @for i in $(SDIRS) ;\ - do \ - (cd $$i && echo "making depend in crypto/$$i..." && \ - $(MAKE) MAKEFILE='${MAKEFILE}' INCLUDES='${INCLUDES}' CFLAG='${CFLAG}' DEPFLAG='${DEPFLAG}' MAKEDEPPROG='${MAKEDEPPROG}' KRB5_INCLUDES='${KRB5_INCLUDES}' PERL='${PERL}' depend ); \ - done; - -clean: - rm -f buildinf.h *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff - @for i in $(SDIRS) ;\ - do \ - (cd $$i && echo "making clean in crypto/$$i..." && \ - $(MAKE) CC='$(CC)' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' clean ); \ - done; - -dclean: - $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new - mv -f Makefile.new $(MAKEFILE) - @for i in $(SDIRS) ;\ - do \ - (cd $$i && echo "making dclean in crypto/$$i..." && \ - $(MAKE) PERL='${PERL}' CC='$(CC)' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' dclean ); \ - done; - -# DO NOT DELETE THIS LINE -- make depend depends on it. - -cpt_err.o: ../include/openssl/bio.h ../include/openssl/crypto.h -cpt_err.o: ../include/openssl/e_os2.h ../include/openssl/err.h -cpt_err.o: ../include/openssl/lhash.h ../include/openssl/opensslconf.h -cpt_err.o: ../include/openssl/opensslv.h ../include/openssl/safestack.h -cpt_err.o: ../include/openssl/stack.h ../include/openssl/symhacks.h cpt_err.c -cryptlib.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/buffer.h -cryptlib.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h -cryptlib.o: ../include/openssl/err.h ../include/openssl/lhash.h -cryptlib.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -cryptlib.o: ../include/openssl/safestack.h ../include/openssl/stack.h -cryptlib.o: ../include/openssl/symhacks.h cryptlib.c cryptlib.h -cversion.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/buffer.h -cversion.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h -cversion.o: ../include/openssl/err.h ../include/openssl/lhash.h -cversion.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -cversion.o: ../include/openssl/safestack.h ../include/openssl/stack.h -cversion.o: ../include/openssl/symhacks.h buildinf.h cryptlib.h cversion.c -ebcdic.o: ../include/openssl/e_os2.h ../include/openssl/opensslconf.h ebcdic.c -ex_data.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/buffer.h -ex_data.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h -ex_data.o: ../include/openssl/err.h ../include/openssl/lhash.h -ex_data.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -ex_data.o: ../include/openssl/safestack.h ../include/openssl/stack.h -ex_data.o: ../include/openssl/symhacks.h cryptlib.h ex_data.c -mem.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/buffer.h -mem.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h -mem.o: ../include/openssl/err.h ../include/openssl/lhash.h -mem.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -mem.o: ../include/openssl/safestack.h ../include/openssl/stack.h -mem.o: ../include/openssl/symhacks.h cryptlib.h mem.c -mem_clr.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h -mem_clr.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -mem_clr.o: ../include/openssl/safestack.h ../include/openssl/stack.h -mem_clr.o: ../include/openssl/symhacks.h mem_clr.c -mem_dbg.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/buffer.h -mem_dbg.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h -mem_dbg.o: ../include/openssl/err.h ../include/openssl/lhash.h -mem_dbg.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -mem_dbg.o: ../include/openssl/safestack.h ../include/openssl/stack.h -mem_dbg.o: ../include/openssl/symhacks.h cryptlib.h mem_dbg.c -o_time.o: ../include/openssl/e_os2.h ../include/openssl/opensslconf.h o_time.c -o_time.o: o_time.h -tmdiff.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/buffer.h -tmdiff.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h -tmdiff.o: ../include/openssl/err.h ../include/openssl/lhash.h -tmdiff.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -tmdiff.o: ../include/openssl/safestack.h ../include/openssl/stack.h -tmdiff.o: ../include/openssl/symhacks.h ../include/openssl/tmdiff.h cryptlib.h -tmdiff.o: tmdiff.c -uid.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h -uid.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -uid.o: ../include/openssl/safestack.h ../include/openssl/stack.h -uid.o: ../include/openssl/symhacks.h uid.c diff --git a/src/lib/libcrypto/aes/Makefile.ssl b/src/lib/libcrypto/aes/Makefile.ssl deleted file mode 100644 index f353aeb697..0000000000 --- a/src/lib/libcrypto/aes/Makefile.ssl +++ /dev/null @@ -1,103 +0,0 @@ -# -# crypto/aes/Makefile -# - -DIR= aes -TOP= ../.. -CC= cc -CPP= $(CC) -E -INCLUDES= -CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP= /usr/local/ssl -MAKE= make -f Makefile.ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) -MAKEFILE= Makefile.ssl -AR= ar r - -# CFLAGS= -mpentiumpro $(INCLUDES) $(CFLAG) -O3 -fexpensive-optimizations -funroll-loops -fforce-addr -CFLAGS= $(INCLUDES) $(CFLAG) - -GENERAL=Makefile -#TEST=aestest.c -TEST= -APPS= - -LIB=$(TOP)/libcrypto.a -LIBSRC=aes_core.c aes_misc.c aes_ecb.c aes_cbc.c aes_cfb.c aes_ofb.c aes_ctr.c -LIBOBJ=aes_core.o aes_misc.o aes_ecb.o aes_cbc.o aes_cfb.o aes_ofb.o aes_ctr.o - -SRC= $(LIBSRC) - -EXHEADER= aes.h -HEADER= aes_locl.h $(EXHEADER) - -ALL= $(GENERAL) $(SRC) $(HEADER) - -top: - (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all) - -all: lib - -lib: $(LIBOBJ) - $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) || echo Never mind. - @touch lib - -$(LIBOBJ): $(LIBSRC) - -files: - $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO - -links: - @sh $(TOP)/util/point.sh Makefile.ssl Makefile - @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER) - @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST) - @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) - -install: installs - -installs: - @for i in $(EXHEADER) ; \ - do \ - (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ - done; - -tags: - ctags $(SRC) - -tests: - -lint: - lint -DLINT $(INCLUDES) $(SRC)>fluff - -depend: - $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) - -dclean: - $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new - mv -f Makefile.new $(MAKEFILE) - -clean: - rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff - -# DO NOT DELETE THIS LINE -- make depend depends on it. - -aes_cbc.o: ../../include/openssl/aes.h ../../include/openssl/e_os2.h -aes_cbc.o: ../../include/openssl/opensslconf.h aes_cbc.c aes_locl.h -aes_cfb.o: ../../include/openssl/aes.h ../../include/openssl/e_os2.h -aes_cfb.o: ../../include/openssl/opensslconf.h aes_cfb.c aes_locl.h -aes_core.o: ../../include/openssl/aes.h ../../include/openssl/e_os2.h -aes_core.o: ../../include/openssl/opensslconf.h aes_core.c aes_locl.h -aes_ctr.o: ../../include/openssl/aes.h ../../include/openssl/e_os2.h -aes_ctr.o: ../../include/openssl/opensslconf.h aes_ctr.c aes_locl.h -aes_ecb.o: ../../include/openssl/aes.h ../../include/openssl/e_os2.h -aes_ecb.o: ../../include/openssl/opensslconf.h aes_ecb.c aes_locl.h -aes_misc.o: ../../include/openssl/aes.h ../../include/openssl/e_os2.h -aes_misc.o: ../../include/openssl/opensslconf.h -aes_misc.o: ../../include/openssl/opensslv.h aes_locl.h aes_misc.c -aes_ofb.o: ../../include/openssl/aes.h ../../include/openssl/e_os2.h -aes_ofb.o: ../../include/openssl/opensslconf.h aes_locl.h aes_ofb.c diff --git a/src/lib/libcrypto/aes/aes.h b/src/lib/libcrypto/aes/aes.h index 450f2b4051..d2c99730fe 100644 --- a/src/lib/libcrypto/aes/aes.h +++ b/src/lib/libcrypto/aes/aes.h @@ -58,6 +58,8 @@ #error AES is disabled. #endif +#include + #define AES_ENCRYPT 1 #define AES_DECRYPT 0 @@ -66,10 +68,6 @@ #define AES_MAXNR 14 #define AES_BLOCK_SIZE 16 -#ifdef OPENSSL_FIPS -#define FIPS_AES_SIZE_T int -#endif - #ifdef __cplusplus extern "C" { #endif @@ -100,37 +98,32 @@ void AES_decrypt(const unsigned char *in, unsigned char *out, void AES_ecb_encrypt(const unsigned char *in, unsigned char *out, const AES_KEY *key, const int enc); void AES_cbc_encrypt(const unsigned char *in, unsigned char *out, - const unsigned long length, const AES_KEY *key, + size_t length, const AES_KEY *key, unsigned char *ivec, const int enc); void AES_cfb128_encrypt(const unsigned char *in, unsigned char *out, - const unsigned long length, const AES_KEY *key, + size_t length, const AES_KEY *key, unsigned char *ivec, int *num, const int enc); void AES_cfb1_encrypt(const unsigned char *in, unsigned char *out, - const unsigned long length, const AES_KEY *key, + size_t length, const AES_KEY *key, unsigned char *ivec, int *num, const int enc); void AES_cfb8_encrypt(const unsigned char *in, unsigned char *out, - const unsigned long length, const AES_KEY *key, + size_t length, const AES_KEY *key, unsigned char *ivec, int *num, const int enc); -void AES_cfbr_encrypt_block(const unsigned char *in,unsigned char *out, - const int nbits,const AES_KEY *key, - unsigned char *ivec,const int enc); void AES_ofb128_encrypt(const unsigned char *in, unsigned char *out, - const unsigned long length, const AES_KEY *key, + size_t length, const AES_KEY *key, unsigned char *ivec, int *num); void AES_ctr128_encrypt(const unsigned char *in, unsigned char *out, - const unsigned long length, const AES_KEY *key, + size_t length, const AES_KEY *key, unsigned char ivec[AES_BLOCK_SIZE], unsigned char ecount_buf[AES_BLOCK_SIZE], unsigned int *num); - -/* For IGE, see also http://www.links.org/files/openssl-ige.pdf */ /* NB: the IV is _two_ blocks long */ void AES_ige_encrypt(const unsigned char *in, unsigned char *out, - const unsigned long length, const AES_KEY *key, + size_t length, const AES_KEY *key, unsigned char *ivec, const int enc); /* NB: the IV is _four_ blocks long */ void AES_bi_ige_encrypt(const unsigned char *in, unsigned char *out, - const unsigned long length, const AES_KEY *key, + size_t length, const AES_KEY *key, const AES_KEY *key2, const unsigned char *ivec, const int enc); @@ -141,6 +134,7 @@ int AES_unwrap_key(AES_KEY *key, const unsigned char *iv, unsigned char *out, const unsigned char *in, unsigned int inlen); + #ifdef __cplusplus } #endif diff --git a/src/lib/libcrypto/aes/aes_cbc.c b/src/lib/libcrypto/aes/aes_cbc.c index 373864cd4b..227f75625d 100644 --- a/src/lib/libcrypto/aes/aes_cbc.c +++ b/src/lib/libcrypto/aes/aes_cbc.c @@ -49,85 +49,15 @@ * */ -#ifndef AES_DEBUG -# ifndef NDEBUG -# define NDEBUG -# endif -#endif -#include - #include -#include "aes_locl.h" +#include -#if !defined(OPENSSL_FIPS_AES_ASM) void AES_cbc_encrypt(const unsigned char *in, unsigned char *out, - const unsigned long length, const AES_KEY *key, + size_t len, const AES_KEY *key, unsigned char *ivec, const int enc) { - unsigned long n; - unsigned long len = length; - unsigned char tmp[AES_BLOCK_SIZE]; - const unsigned char *iv = ivec; - - assert(in && out && key && ivec); - assert((AES_ENCRYPT == enc)||(AES_DECRYPT == enc)); - - if (AES_ENCRYPT == enc) { - while (len >= AES_BLOCK_SIZE) { - for(n=0; n < AES_BLOCK_SIZE; ++n) - out[n] = in[n] ^ iv[n]; - AES_encrypt(out, out, key); - iv = out; - len -= AES_BLOCK_SIZE; - in += AES_BLOCK_SIZE; - out += AES_BLOCK_SIZE; - } - if (len) { - for(n=0; n < len; ++n) - out[n] = in[n] ^ iv[n]; - for(n=len; n < AES_BLOCK_SIZE; ++n) - out[n] = iv[n]; - AES_encrypt(out, out, key); - iv = out; - } - memcpy(ivec,iv,AES_BLOCK_SIZE); - } else if (in != out) { - while (len >= AES_BLOCK_SIZE) { - AES_decrypt(in, out, key); - for(n=0; n < AES_BLOCK_SIZE; ++n) - out[n] ^= iv[n]; - iv = in; - len -= AES_BLOCK_SIZE; - in += AES_BLOCK_SIZE; - out += AES_BLOCK_SIZE; - } - if (len) { - AES_decrypt(in,tmp,key); - for(n=0; n < len; ++n) - out[n] = tmp[n] ^ iv[n]; - iv = in; - } - memcpy(ivec,iv,AES_BLOCK_SIZE); - } else { - while (len >= AES_BLOCK_SIZE) { - memcpy(tmp, in, AES_BLOCK_SIZE); - AES_decrypt(in, out, key); - for(n=0; n < AES_BLOCK_SIZE; ++n) - out[n] ^= ivec[n]; - memcpy(ivec, tmp, AES_BLOCK_SIZE); - len -= AES_BLOCK_SIZE; - in += AES_BLOCK_SIZE; - out += AES_BLOCK_SIZE; - } - if (len) { - memcpy(tmp, in, AES_BLOCK_SIZE); - AES_decrypt(tmp, out, key); - for(n=0; n < len; ++n) - out[n] ^= ivec[n]; - for(n=len; n < AES_BLOCK_SIZE; ++n) - out[n] = tmp[n]; - memcpy(ivec, tmp, AES_BLOCK_SIZE); - } - } + if (enc) + CRYPTO_cbc128_encrypt(in,out,len,key,ivec,(block128_f)AES_encrypt); + else + CRYPTO_cbc128_decrypt(in,out,len,key,ivec,(block128_f)AES_decrypt); } -#endif diff --git a/src/lib/libcrypto/aes/aes_cfb.c b/src/lib/libcrypto/aes/aes_cfb.c index 49f0411010..0c6d058ce7 100644 --- a/src/lib/libcrypto/aes/aes_cfb.c +++ b/src/lib/libcrypto/aes/aes_cfb.c @@ -1,6 +1,6 @@ /* crypto/aes/aes_cfb.c -*- mode:C; c-file-style: "eay" -*- */ /* ==================================================================== - * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. + * Copyright (c) 2002-2006 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -48,73 +48,9 @@ * ==================================================================== * */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef AES_DEBUG -# ifndef NDEBUG -# define NDEBUG -# endif -#endif -#include #include -#include "aes_locl.h" -#include "e_os.h" +#include /* The input and output encrypted as though 128bit cfb mode is being * used. The extra state information to record how much of the @@ -122,104 +58,24 @@ */ void AES_cfb128_encrypt(const unsigned char *in, unsigned char *out, - const unsigned long length, const AES_KEY *key, + size_t length, const AES_KEY *key, unsigned char *ivec, int *num, const int enc) { - unsigned int n; - unsigned long l = length; - unsigned char c; - - assert(in && out && key && ivec && num); - - n = *num; - - if (enc) { - while (l--) { - if (n == 0) { - AES_encrypt(ivec, ivec, key); - } - ivec[n] = *(out++) = *(in++) ^ ivec[n]; - n = (n+1) % AES_BLOCK_SIZE; - } - } else { - while (l--) { - if (n == 0) { - AES_encrypt(ivec, ivec, key); - } - c = *(in); - *(out++) = *(in++) ^ ivec[n]; - ivec[n] = c; - n = (n+1) % AES_BLOCK_SIZE; - } - } - - *num=n; + CRYPTO_cfb128_encrypt(in,out,length,key,ivec,num,enc,(block128_f)AES_encrypt); } -/* This expects a single block of size nbits for both in and out. Note that - it corrupts any extra bits in the last byte of out */ -void AES_cfbr_encrypt_block(const unsigned char *in,unsigned char *out, - const int nbits,const AES_KEY *key, - unsigned char *ivec,const int enc) - { - int n,rem,num; - unsigned char ovec[AES_BLOCK_SIZE*2]; - - if (nbits<=0 || nbits>128) return; - - /* fill in the first half of the new IV with the current IV */ - memcpy(ovec,ivec,AES_BLOCK_SIZE); - /* construct the new IV */ - AES_encrypt(ivec,ivec,key); - num = (nbits+7)/8; - if (enc) /* encrypt the input */ - for(n=0 ; n < num ; ++n) - out[n] = (ovec[AES_BLOCK_SIZE+n] = in[n] ^ ivec[n]); - else /* decrypt the input */ - for(n=0 ; n < num ; ++n) - out[n] = (ovec[AES_BLOCK_SIZE+n] = in[n]) ^ ivec[n]; - /* shift ovec left... */ - rem = nbits%8; - num = nbits/8; - if(rem==0) - memcpy(ivec,ovec+num,AES_BLOCK_SIZE); - else - for(n=0 ; n < AES_BLOCK_SIZE ; ++n) - ivec[n] = ovec[n+num]<>(8-rem); - - /* it is not necessary to cleanse ovec, since the IV is not secret */ - } - /* N.B. This expects the input to be packed, MS bit first */ void AES_cfb1_encrypt(const unsigned char *in, unsigned char *out, - const unsigned long length, const AES_KEY *key, + size_t length, const AES_KEY *key, unsigned char *ivec, int *num, const int enc) { - unsigned int n; - unsigned char c[1],d[1]; - - assert(in && out && key && ivec && num); - assert(*num == 0); - - memset(out,0,(length+7)/8); - for(n=0 ; n < length ; ++n) - { - c[0]=(in[n/8]&(1 << (7-n%8))) ? 0x80 : 0; - AES_cfbr_encrypt_block(c,d,1,key,ivec,enc); - out[n/8]=(out[n/8]&~(1 << (7-n%8)))|((d[0]&0x80) >> (n%8)); - } + CRYPTO_cfb128_1_encrypt(in,out,length,key,ivec,num,enc,(block128_f)AES_encrypt); } void AES_cfb8_encrypt(const unsigned char *in, unsigned char *out, - const unsigned long length, const AES_KEY *key, + size_t length, const AES_KEY *key, unsigned char *ivec, int *num, const int enc) { - unsigned int n; - - assert(in && out && key && ivec && num); - assert(*num == 0); - - for(n=0 ; n < length ; ++n) - AES_cfbr_encrypt_block(&in[n],&out[n],8,key,ivec,enc); + CRYPTO_cfb128_8_encrypt(in,out,length,key,ivec,num,enc,(block128_f)AES_encrypt); } diff --git a/src/lib/libcrypto/aes/aes_core.c b/src/lib/libcrypto/aes/aes_core.c index cffdd4daec..a7ec54f4da 100644 --- a/src/lib/libcrypto/aes/aes_core.c +++ b/src/lib/libcrypto/aes/aes_core.c @@ -37,12 +37,9 @@ #include #include -#ifdef OPENSSL_FIPS -#include -#endif - #include "aes_locl.h" +#ifndef AES_ASM /* Te0[x] = S [x].[02, 01, 01, 03]; Te1[x] = S [x].[03, 02, 01, 01]; @@ -635,10 +632,6 @@ int AES_set_encrypt_key(const unsigned char *userKey, const int bits, int i = 0; u32 temp; -#ifdef OPENSSL_FIPS - FIPS_selftest_check(); -#endif - if (!userKey || !key) return -1; if (bits != 128 && bits != 192 && bits != 256) @@ -781,7 +774,6 @@ int AES_set_decrypt_key(const unsigned char *userKey, const int bits, return 0; } -#ifndef AES_ASM /* * Encrypt a single block * in and out can overlap @@ -1164,4 +1156,203 @@ void AES_decrypt(const unsigned char *in, unsigned char *out, PUTU32(out + 12, s3); } +#else /* AES_ASM */ + +static const u8 Te4[256] = { + 0x63U, 0x7cU, 0x77U, 0x7bU, 0xf2U, 0x6bU, 0x6fU, 0xc5U, + 0x30U, 0x01U, 0x67U, 0x2bU, 0xfeU, 0xd7U, 0xabU, 0x76U, + 0xcaU, 0x82U, 0xc9U, 0x7dU, 0xfaU, 0x59U, 0x47U, 0xf0U, + 0xadU, 0xd4U, 0xa2U, 0xafU, 0x9cU, 0xa4U, 0x72U, 0xc0U, + 0xb7U, 0xfdU, 0x93U, 0x26U, 0x36U, 0x3fU, 0xf7U, 0xccU, + 0x34U, 0xa5U, 0xe5U, 0xf1U, 0x71U, 0xd8U, 0x31U, 0x15U, + 0x04U, 0xc7U, 0x23U, 0xc3U, 0x18U, 0x96U, 0x05U, 0x9aU, + 0x07U, 0x12U, 0x80U, 0xe2U, 0xebU, 0x27U, 0xb2U, 0x75U, + 0x09U, 0x83U, 0x2cU, 0x1aU, 0x1bU, 0x6eU, 0x5aU, 0xa0U, + 0x52U, 0x3bU, 0xd6U, 0xb3U, 0x29U, 0xe3U, 0x2fU, 0x84U, + 0x53U, 0xd1U, 0x00U, 0xedU, 0x20U, 0xfcU, 0xb1U, 0x5bU, + 0x6aU, 0xcbU, 0xbeU, 0x39U, 0x4aU, 0x4cU, 0x58U, 0xcfU, + 0xd0U, 0xefU, 0xaaU, 0xfbU, 0x43U, 0x4dU, 0x33U, 0x85U, + 0x45U, 0xf9U, 0x02U, 0x7fU, 0x50U, 0x3cU, 0x9fU, 0xa8U, + 0x51U, 0xa3U, 0x40U, 0x8fU, 0x92U, 0x9dU, 0x38U, 0xf5U, + 0xbcU, 0xb6U, 0xdaU, 0x21U, 0x10U, 0xffU, 0xf3U, 0xd2U, + 0xcdU, 0x0cU, 0x13U, 0xecU, 0x5fU, 0x97U, 0x44U, 0x17U, + 0xc4U, 0xa7U, 0x7eU, 0x3dU, 0x64U, 0x5dU, 0x19U, 0x73U, + 0x60U, 0x81U, 0x4fU, 0xdcU, 0x22U, 0x2aU, 0x90U, 0x88U, + 0x46U, 0xeeU, 0xb8U, 0x14U, 0xdeU, 0x5eU, 0x0bU, 0xdbU, + 0xe0U, 0x32U, 0x3aU, 0x0aU, 0x49U, 0x06U, 0x24U, 0x5cU, + 0xc2U, 0xd3U, 0xacU, 0x62U, 0x91U, 0x95U, 0xe4U, 0x79U, + 0xe7U, 0xc8U, 0x37U, 0x6dU, 0x8dU, 0xd5U, 0x4eU, 0xa9U, + 0x6cU, 0x56U, 0xf4U, 0xeaU, 0x65U, 0x7aU, 0xaeU, 0x08U, + 0xbaU, 0x78U, 0x25U, 0x2eU, 0x1cU, 0xa6U, 0xb4U, 0xc6U, + 0xe8U, 0xddU, 0x74U, 0x1fU, 0x4bU, 0xbdU, 0x8bU, 0x8aU, + 0x70U, 0x3eU, 0xb5U, 0x66U, 0x48U, 0x03U, 0xf6U, 0x0eU, + 0x61U, 0x35U, 0x57U, 0xb9U, 0x86U, 0xc1U, 0x1dU, 0x9eU, + 0xe1U, 0xf8U, 0x98U, 0x11U, 0x69U, 0xd9U, 0x8eU, 0x94U, + 0x9bU, 0x1eU, 0x87U, 0xe9U, 0xceU, 0x55U, 0x28U, 0xdfU, + 0x8cU, 0xa1U, 0x89U, 0x0dU, 0xbfU, 0xe6U, 0x42U, 0x68U, + 0x41U, 0x99U, 0x2dU, 0x0fU, 0xb0U, 0x54U, 0xbbU, 0x16U +}; +static const u32 rcon[] = { + 0x01000000, 0x02000000, 0x04000000, 0x08000000, + 0x10000000, 0x20000000, 0x40000000, 0x80000000, + 0x1B000000, 0x36000000, /* for 128-bit blocks, Rijndael never uses more than 10 rcon values */ +}; + +/** + * Expand the cipher key into the encryption key schedule. + */ +int AES_set_encrypt_key(const unsigned char *userKey, const int bits, + AES_KEY *key) { + u32 *rk; + int i = 0; + u32 temp; + + if (!userKey || !key) + return -1; + if (bits != 128 && bits != 192 && bits != 256) + return -2; + + rk = key->rd_key; + + if (bits==128) + key->rounds = 10; + else if (bits==192) + key->rounds = 12; + else + key->rounds = 14; + + rk[0] = GETU32(userKey ); + rk[1] = GETU32(userKey + 4); + rk[2] = GETU32(userKey + 8); + rk[3] = GETU32(userKey + 12); + if (bits == 128) { + while (1) { + temp = rk[3]; + rk[4] = rk[0] ^ + (Te4[(temp >> 16) & 0xff] << 24) ^ + (Te4[(temp >> 8) & 0xff] << 16) ^ + (Te4[(temp ) & 0xff] << 8) ^ + (Te4[(temp >> 24) ]) ^ + rcon[i]; + rk[5] = rk[1] ^ rk[4]; + rk[6] = rk[2] ^ rk[5]; + rk[7] = rk[3] ^ rk[6]; + if (++i == 10) { + return 0; + } + rk += 4; + } + } + rk[4] = GETU32(userKey + 16); + rk[5] = GETU32(userKey + 20); + if (bits == 192) { + while (1) { + temp = rk[ 5]; + rk[ 6] = rk[ 0] ^ + (Te4[(temp >> 16) & 0xff] << 24) ^ + (Te4[(temp >> 8) & 0xff] << 16) ^ + (Te4[(temp ) & 0xff] << 8) ^ + (Te4[(temp >> 24) ]) ^ + rcon[i]; + rk[ 7] = rk[ 1] ^ rk[ 6]; + rk[ 8] = rk[ 2] ^ rk[ 7]; + rk[ 9] = rk[ 3] ^ rk[ 8]; + if (++i == 8) { + return 0; + } + rk[10] = rk[ 4] ^ rk[ 9]; + rk[11] = rk[ 5] ^ rk[10]; + rk += 6; + } + } + rk[6] = GETU32(userKey + 24); + rk[7] = GETU32(userKey + 28); + if (bits == 256) { + while (1) { + temp = rk[ 7]; + rk[ 8] = rk[ 0] ^ + (Te4[(temp >> 16) & 0xff] << 24) ^ + (Te4[(temp >> 8) & 0xff] << 16) ^ + (Te4[(temp ) & 0xff] << 8) ^ + (Te4[(temp >> 24) ]) ^ + rcon[i]; + rk[ 9] = rk[ 1] ^ rk[ 8]; + rk[10] = rk[ 2] ^ rk[ 9]; + rk[11] = rk[ 3] ^ rk[10]; + if (++i == 7) { + return 0; + } + temp = rk[11]; + rk[12] = rk[ 4] ^ + (Te4[(temp >> 24) ] << 24) ^ + (Te4[(temp >> 16) & 0xff] << 16) ^ + (Te4[(temp >> 8) & 0xff] << 8) ^ + (Te4[(temp ) & 0xff]); + rk[13] = rk[ 5] ^ rk[12]; + rk[14] = rk[ 6] ^ rk[13]; + rk[15] = rk[ 7] ^ rk[14]; + + rk += 8; + } + } + return 0; +} + +/** + * Expand the cipher key into the decryption key schedule. + */ +int AES_set_decrypt_key(const unsigned char *userKey, const int bits, + AES_KEY *key) { + + u32 *rk; + int i, j, status; + u32 temp; + + /* first, start with an encryption schedule */ + status = AES_set_encrypt_key(userKey, bits, key); + if (status < 0) + return status; + + rk = key->rd_key; + + /* invert the order of the round keys: */ + for (i = 0, j = 4*(key->rounds); i < j; i += 4, j -= 4) { + temp = rk[i ]; rk[i ] = rk[j ]; rk[j ] = temp; + temp = rk[i + 1]; rk[i + 1] = rk[j + 1]; rk[j + 1] = temp; + temp = rk[i + 2]; rk[i + 2] = rk[j + 2]; rk[j + 2] = temp; + temp = rk[i + 3]; rk[i + 3] = rk[j + 3]; rk[j + 3] = temp; + } + /* apply the inverse MixColumn transform to all round keys but the first and the last: */ + for (i = 1; i < (key->rounds); i++) { + rk += 4; + for (j = 0; j < 4; j++) { + u32 tp1, tp2, tp4, tp8, tp9, tpb, tpd, tpe, m; + + tp1 = rk[j]; + m = tp1 & 0x80808080; + tp2 = ((tp1 & 0x7f7f7f7f) << 1) ^ + ((m - (m >> 7)) & 0x1b1b1b1b); + m = tp2 & 0x80808080; + tp4 = ((tp2 & 0x7f7f7f7f) << 1) ^ + ((m - (m >> 7)) & 0x1b1b1b1b); + m = tp4 & 0x80808080; + tp8 = ((tp4 & 0x7f7f7f7f) << 1) ^ + ((m - (m >> 7)) & 0x1b1b1b1b); + tp9 = tp8 ^ tp1; + tpb = tp9 ^ tp2; + tpd = tp9 ^ tp4; + tpe = tp8 ^ tp4 ^ tp2; +#if defined(ROTATE) + rk[j] = tpe ^ ROTATE(tpd,16) ^ + ROTATE(tp9,24) ^ ROTATE(tpb,8); +#else + rk[j] = tpe ^ (tpd >> 16) ^ (tpd << 16) ^ + (tp9 >> 8) ^ (tp9 << 24) ^ + (tpb >> 24) ^ (tpb << 8); +#endif + } + } + return 0; +} + #endif /* AES_ASM */ diff --git a/src/lib/libcrypto/aes/aes_ctr.c b/src/lib/libcrypto/aes/aes_ctr.c index f36982be1e..7c9d165d8a 100644 --- a/src/lib/libcrypto/aes/aes_ctr.c +++ b/src/lib/libcrypto/aes/aes_ctr.c @@ -49,91 +49,13 @@ * */ -#ifndef AES_DEBUG -# ifndef NDEBUG -# define NDEBUG -# endif -#endif -#include - #include -#include "aes_locl.h" - -/* NOTE: the IV/counter CTR mode is big-endian. The rest of the AES code - * is endian-neutral. */ - -/* increment counter (128-bit int) by 1 */ -static void AES_ctr128_inc(unsigned char *counter) { - unsigned long c; - - /* Grab bottom dword of counter and increment */ - c = GETU32(counter + 12); - c++; c &= 0xFFFFFFFF; - PUTU32(counter + 12, c); - - /* if no overflow, we're done */ - if (c) - return; - - /* Grab 1st dword of counter and increment */ - c = GETU32(counter + 8); - c++; c &= 0xFFFFFFFF; - PUTU32(counter + 8, c); - - /* if no overflow, we're done */ - if (c) - return; - - /* Grab 2nd dword of counter and increment */ - c = GETU32(counter + 4); - c++; c &= 0xFFFFFFFF; - PUTU32(counter + 4, c); - - /* if no overflow, we're done */ - if (c) - return; +#include - /* Grab top dword of counter and increment */ - c = GETU32(counter + 0); - c++; c &= 0xFFFFFFFF; - PUTU32(counter + 0, c); -} - -/* The input encrypted as though 128bit counter mode is being - * used. The extra state information to record how much of the - * 128bit block we have used is contained in *num, and the - * encrypted counter is kept in ecount_buf. Both *num and - * ecount_buf must be initialised with zeros before the first - * call to AES_ctr128_encrypt(). - * - * This algorithm assumes that the counter is in the x lower bits - * of the IV (ivec), and that the application has full control over - * overflow and the rest of the IV. This implementation takes NO - * responsability for checking that the counter doesn't overflow - * into the rest of the IV when incremented. - */ void AES_ctr128_encrypt(const unsigned char *in, unsigned char *out, - const unsigned long length, const AES_KEY *key, - unsigned char ivec[AES_BLOCK_SIZE], - unsigned char ecount_buf[AES_BLOCK_SIZE], - unsigned int *num) { - - unsigned int n; - unsigned long l=length; - - assert(in && out && key && counter && num); - assert(*num < AES_BLOCK_SIZE); - - n = *num; - - while (l--) { - if (n == 0) { - AES_encrypt(ivec, ecount_buf, key); - AES_ctr128_inc(ivec); - } - *(out++) = *(in++) ^ ecount_buf[n]; - n = (n+1) % AES_BLOCK_SIZE; - } - - *num=n; + size_t length, const AES_KEY *key, + unsigned char ivec[AES_BLOCK_SIZE], + unsigned char ecount_buf[AES_BLOCK_SIZE], + unsigned int *num) { + CRYPTO_ctr128_encrypt(in,out,length,key,ivec,ecount_buf,num,(block128_f)AES_encrypt); } diff --git a/src/lib/libcrypto/aes/aes_ofb.c b/src/lib/libcrypto/aes/aes_ofb.c index f358bb39e2..50bf0b8325 100644 --- a/src/lib/libcrypto/aes/aes_ofb.c +++ b/src/lib/libcrypto/aes/aes_ofb.c @@ -1,6 +1,6 @@ /* crypto/aes/aes_ofb.c -*- mode:C; c-file-style: "eay" -*- */ /* ==================================================================== - * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. + * Copyright (c) 2002-2006 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -48,95 +48,13 @@ * ==================================================================== * */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef AES_DEBUG -# ifndef NDEBUG -# define NDEBUG -# endif -#endif -#include #include -#include "aes_locl.h" +#include -/* The input and output encrypted as though 128bit ofb mode is being - * used. The extra state information to record how much of the - * 128bit block we have used is contained in *num; - */ void AES_ofb128_encrypt(const unsigned char *in, unsigned char *out, - const unsigned long length, const AES_KEY *key, - unsigned char *ivec, int *num) { - - unsigned int n; - unsigned long l=length; - - assert(in && out && key && ivec && num); - - n = *num; - - while (l--) { - if (n == 0) { - AES_encrypt(ivec, ivec, key); - } - *(out++) = *(in++) ^ ivec[n]; - n = (n+1) % AES_BLOCK_SIZE; - } - - *num=n; + size_t length, const AES_KEY *key, + unsigned char *ivec, int *num) +{ + CRYPTO_ofb128_encrypt(in,out,length,key,ivec,num,(block128_f)AES_encrypt); } diff --git a/src/lib/libcrypto/aes/asm/aes-586.pl b/src/lib/libcrypto/aes/asm/aes-586.pl index e771e83953..aab40e6f1c 100644 --- a/src/lib/libcrypto/aes/asm/aes-586.pl +++ b/src/lib/libcrypto/aes/asm/aes-586.pl @@ -2,11 +2,12 @@ # # ==================================================================== # Written by Andy Polyakov for the OpenSSL -# project. Rights for redistribution and usage in source and binary -# forms are granted according to the OpenSSL license. +# project. The module is, however, dual licensed under OpenSSL and +# CRYPTOGAMS licenses depending on where you obtain it. For further +# details see http://www.openssl.org/~appro/cryptogams/. # ==================================================================== # -# Version 3.6. +# Version 4.3. # # You might fail to appreciate this module performance from the first # try. If compared to "vanilla" linux-ia32-icc target, i.e. considered @@ -81,11 +82,117 @@ # AMD K8 20 19 # PIII 25 23 # Pentium 81 78 - -push(@INC,"perlasm","../../perlasm"); +# +# Version 3.7 reimplements outer rounds as "compact." Meaning that +# first and last rounds reference compact 256 bytes S-box. This means +# that first round consumes a lot more CPU cycles and that encrypt +# and decrypt performance becomes asymmetric. Encrypt performance +# drops by 10-12%, while decrypt - by 20-25%:-( 256 bytes S-box is +# aggressively pre-fetched. +# +# Version 4.0 effectively rolls back to 3.6 and instead implements +# additional set of functions, _[x86|sse]_AES_[en|de]crypt_compact, +# which use exclusively 256 byte S-box. These functions are to be +# called in modes not concealing plain text, such as ECB, or when +# we're asked to process smaller amount of data [or unconditionally +# on hyper-threading CPU]. Currently it's called unconditionally from +# AES_[en|de]crypt, which affects all modes, but CBC. CBC routine +# still needs to be modified to switch between slower and faster +# mode when appropriate... But in either case benchmark landscape +# changes dramatically and below numbers are CPU cycles per processed +# byte for 128-bit key. +# +# ECB encrypt ECB decrypt CBC large chunk +# P4 56[60] 84[100] 23 +# AMD K8 48[44] 70[79] 18 +# PIII 41[50] 61[91] 24 +# Core 2 32[38] 45[70] 18.5 +# Pentium 120 160 77 +# +# Version 4.1 switches to compact S-box even in key schedule setup. +# +# Version 4.2 prefetches compact S-box in every SSE round or in other +# words every cache-line is *guaranteed* to be accessed within ~50 +# cycles window. Why just SSE? Because it's needed on hyper-threading +# CPU! Which is also why it's prefetched with 64 byte stride. Best +# part is that it has no negative effect on performance:-) +# +# Version 4.3 implements switch between compact and non-compact block +# functions in AES_cbc_encrypt depending on how much data was asked +# to be processed in one stroke. +# +###################################################################### +# Timing attacks are classified in two classes: synchronous when +# attacker consciously initiates cryptographic operation and collects +# timing data of various character afterwards, and asynchronous when +# malicious code is executed on same CPU simultaneously with AES, +# instruments itself and performs statistical analysis of this data. +# +# As far as synchronous attacks go the root to the AES timing +# vulnerability is twofold. Firstly, of 256 S-box elements at most 160 +# are referred to in single 128-bit block operation. Well, in C +# implementation with 4 distinct tables it's actually as little as 40 +# references per 256 elements table, but anyway... Secondly, even +# though S-box elements are clustered into smaller amount of cache- +# lines, smaller than 160 and even 40, it turned out that for certain +# plain-text pattern[s] or simply put chosen plain-text and given key +# few cache-lines remain unaccessed during block operation. Now, if +# attacker can figure out this access pattern, he can deduct the key +# [or at least part of it]. The natural way to mitigate this kind of +# attacks is to minimize the amount of cache-lines in S-box and/or +# prefetch them to ensure that every one is accessed for more uniform +# timing. But note that *if* plain-text was concealed in such way that +# input to block function is distributed *uniformly*, then attack +# wouldn't apply. Now note that some encryption modes, most notably +# CBC, do mask the plain-text in this exact way [secure cipher output +# is distributed uniformly]. Yes, one still might find input that +# would reveal the information about given key, but if amount of +# candidate inputs to be tried is larger than amount of possible key +# combinations then attack becomes infeasible. This is why revised +# AES_cbc_encrypt "dares" to switch to larger S-box when larger chunk +# of data is to be processed in one stroke. The current size limit of +# 512 bytes is chosen to provide same [diminishigly low] probability +# for cache-line to remain untouched in large chunk operation with +# large S-box as for single block operation with compact S-box and +# surely needs more careful consideration... +# +# As for asynchronous attacks. There are two flavours: attacker code +# being interleaved with AES on hyper-threading CPU at *instruction* +# level, and two processes time sharing single core. As for latter. +# Two vectors. 1. Given that attacker process has higher priority, +# yield execution to process performing AES just before timer fires +# off the scheduler, immediately regain control of CPU and analyze the +# cache state. For this attack to be efficient attacker would have to +# effectively slow down the operation by several *orders* of magnitute, +# by ratio of time slice to duration of handful of AES rounds, which +# unlikely to remain unnoticed. Not to mention that this also means +# that he would spend correspondigly more time to collect enough +# statistical data to mount the attack. It's probably appropriate to +# say that if adeversary reckons that this attack is beneficial and +# risks to be noticed, you probably have larger problems having him +# mere opportunity. In other words suggested code design expects you +# to preclude/mitigate this attack by overall system security design. +# 2. Attacker manages to make his code interrupt driven. In order for +# this kind of attack to be feasible, interrupt rate has to be high +# enough, again comparable to duration of handful of AES rounds. But +# is there interrupt source of such rate? Hardly, not even 1Gbps NIC +# generates interrupts at such raging rate... +# +# And now back to the former, hyper-threading CPU or more specifically +# Intel P4. Recall that asynchronous attack implies that malicious +# code instruments itself. And naturally instrumentation granularity +# has be noticeably lower than duration of codepath accessing S-box. +# Given that all cache-lines are accessed during that time that is. +# Current implementation accesses *all* cache-lines within ~50 cycles +# window, which is actually *less* than RDTSC latency on Intel P4! + +$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; +push(@INC,"${dir}","${dir}../../perlasm"); require "x86asm.pl"; -&asm_init($ARGV[0],"aes-586.pl",$ARGV[$#ARGV] eq "386"); +&asm_init($ARGV[0],"aes-586.pl",$x86only = $ARGV[$#ARGV] eq "386"); +&static_label("AES_Te"); +&static_label("AES_Td"); $s0="eax"; $s1="ebx"; @@ -93,21 +200,36 @@ $s2="ecx"; $s3="edx"; $key="edi"; $acc="esi"; +$tbl="ebp"; + +# stack frame layout in _[x86|sse]_AES_* routines, frame is allocated +# by caller +$__ra=&DWP(0,"esp"); # return address +$__s0=&DWP(4,"esp"); # s0 backing store +$__s1=&DWP(8,"esp"); # s1 backing store +$__s2=&DWP(12,"esp"); # s2 backing store +$__s3=&DWP(16,"esp"); # s3 backing store +$__key=&DWP(20,"esp"); # pointer to key schedule +$__end=&DWP(24,"esp"); # pointer to end of key schedule +$__tbl=&DWP(28,"esp"); # %ebp backing store + +# stack frame layout in AES_[en|crypt] routines, which differs from +# above by 4 and overlaps by %ebp backing store +$_tbl=&DWP(24,"esp"); +$_esp=&DWP(28,"esp"); + +sub _data_word() { my $i; while(defined($i=shift)) { &data_word($i,$i); } } -$compromise=0; # $compromise=128 abstains from copying key - # schedule to stack when encrypting inputs - # shorter than 128 bytes at the cost of - # risksing aliasing with S-boxes. In return - # you get way better, up to +70%, small block - # performance. +$speed_limit=512; # chunks smaller than $speed_limit are + # processed with compact routine in CBC mode $small_footprint=1; # $small_footprint=1 code is ~5% slower [on # recent µ-archs], but ~5 times smaller! # I favor compact code to minimize cache # contention and in hope to "collect" 5% back # in real-life applications... + $vertical_spin=0; # shift "verticaly" defaults to 0, because of # its proof-of-concept status... - # Note that there is no decvert(), as well as last encryption round is # performed with "horizontal" shifts. This is because this "vertical" # implementation [one which groups shifts on a given $s[i] to form a @@ -170,17 +292,484 @@ sub encvert() &movz ($v0,&HB($v1)); &and ($v1,0xFF); &xor ($s[3],&DWP(2,$te,$v1,8)); # s1>>16 - &mov ($key,&DWP(12,"esp")); # reincarnate v1 as key + &mov ($key,$__key); # reincarnate v1 as key &xor ($s[2],&DWP(1,$te,$v0,8)); # s1>>24 } +# Another experimental routine, which features "horizontal spin," but +# eliminates one reference to stack. Strangely enough runs slower... +sub enchoriz() +{ my $v0 = $key, $v1 = $acc; + + &movz ($v0,&LB($s0)); # 3, 2, 1, 0* + &rotr ($s2,8); # 8,11,10, 9 + &mov ($v1,&DWP(0,$te,$v0,8)); # 0 + &movz ($v0,&HB($s1)); # 7, 6, 5*, 4 + &rotr ($s3,16); # 13,12,15,14 + &xor ($v1,&DWP(3,$te,$v0,8)); # 5 + &movz ($v0,&HB($s2)); # 8,11,10*, 9 + &rotr ($s0,16); # 1, 0, 3, 2 + &xor ($v1,&DWP(2,$te,$v0,8)); # 10 + &movz ($v0,&HB($s3)); # 13,12,15*,14 + &xor ($v1,&DWP(1,$te,$v0,8)); # 15, t[0] collected + &mov ($__s0,$v1); # t[0] saved + + &movz ($v0,&LB($s1)); # 7, 6, 5, 4* + &shr ($s1,16); # -, -, 7, 6 + &mov ($v1,&DWP(0,$te,$v0,8)); # 4 + &movz ($v0,&LB($s3)); # 13,12,15,14* + &xor ($v1,&DWP(2,$te,$v0,8)); # 14 + &movz ($v0,&HB($s0)); # 1, 0, 3*, 2 + &and ($s3,0xffff0000); # 13,12, -, - + &xor ($v1,&DWP(1,$te,$v0,8)); # 3 + &movz ($v0,&LB($s2)); # 8,11,10, 9* + &or ($s3,$s1); # 13,12, 7, 6 + &xor ($v1,&DWP(3,$te,$v0,8)); # 9, t[1] collected + &mov ($s1,$v1); # s[1]=t[1] + + &movz ($v0,&LB($s0)); # 1, 0, 3, 2* + &shr ($s2,16); # -, -, 8,11 + &mov ($v1,&DWP(2,$te,$v0,8)); # 2 + &movz ($v0,&HB($s3)); # 13,12, 7*, 6 + &xor ($v1,&DWP(1,$te,$v0,8)); # 7 + &movz ($v0,&HB($s2)); # -, -, 8*,11 + &xor ($v1,&DWP(0,$te,$v0,8)); # 8 + &mov ($v0,$s3); + &shr ($v0,24); # 13 + &xor ($v1,&DWP(3,$te,$v0,8)); # 13, t[2] collected + + &movz ($v0,&LB($s2)); # -, -, 8,11* + &shr ($s0,24); # 1* + &mov ($s2,&DWP(1,$te,$v0,8)); # 11 + &xor ($s2,&DWP(3,$te,$s0,8)); # 1 + &mov ($s0,$__s0); # s[0]=t[0] + &movz ($v0,&LB($s3)); # 13,12, 7, 6* + &shr ($s3,16); # , ,13,12 + &xor ($s2,&DWP(2,$te,$v0,8)); # 6 + &mov ($key,$__key); # reincarnate v0 as key + &and ($s3,0xff); # , ,13,12* + &mov ($s3,&DWP(0,$te,$s3,8)); # 12 + &xor ($s3,$s2); # s[2]=t[3] collected + &mov ($s2,$v1); # s[2]=t[2] +} + +# More experimental code... SSE one... Even though this one eliminates +# *all* references to stack, it's not faster... +sub sse_encbody() +{ + &movz ($acc,&LB("eax")); # 0 + &mov ("ecx",&DWP(0,$tbl,$acc,8)); # 0 + &pshufw ("mm2","mm0",0x0d); # 7, 6, 3, 2 + &movz ("edx",&HB("eax")); # 1 + &mov ("edx",&DWP(3,$tbl,"edx",8)); # 1 + &shr ("eax",16); # 5, 4 + + &movz ($acc,&LB("ebx")); # 10 + &xor ("ecx",&DWP(2,$tbl,$acc,8)); # 10 + &pshufw ("mm6","mm4",0x08); # 13,12, 9, 8 + &movz ($acc,&HB("ebx")); # 11 + &xor ("edx",&DWP(1,$tbl,$acc,8)); # 11 + &shr ("ebx",16); # 15,14 + + &movz ($acc,&HB("eax")); # 5 + &xor ("ecx",&DWP(3,$tbl,$acc,8)); # 5 + &movq ("mm3",QWP(16,$key)); + &movz ($acc,&HB("ebx")); # 15 + &xor ("ecx",&DWP(1,$tbl,$acc,8)); # 15 + &movd ("mm0","ecx"); # t[0] collected + + &movz ($acc,&LB("eax")); # 4 + &mov ("ecx",&DWP(0,$tbl,$acc,8)); # 4 + &movd ("eax","mm2"); # 7, 6, 3, 2 + &movz ($acc,&LB("ebx")); # 14 + &xor ("ecx",&DWP(2,$tbl,$acc,8)); # 14 + &movd ("ebx","mm6"); # 13,12, 9, 8 + + &movz ($acc,&HB("eax")); # 3 + &xor ("ecx",&DWP(1,$tbl,$acc,8)); # 3 + &movz ($acc,&HB("ebx")); # 9 + &xor ("ecx",&DWP(3,$tbl,$acc,8)); # 9 + &movd ("mm1","ecx"); # t[1] collected + + &movz ($acc,&LB("eax")); # 2 + &mov ("ecx",&DWP(2,$tbl,$acc,8)); # 2 + &shr ("eax",16); # 7, 6 + &punpckldq ("mm0","mm1"); # t[0,1] collected + &movz ($acc,&LB("ebx")); # 8 + &xor ("ecx",&DWP(0,$tbl,$acc,8)); # 8 + &shr ("ebx",16); # 13,12 + + &movz ($acc,&HB("eax")); # 7 + &xor ("ecx",&DWP(1,$tbl,$acc,8)); # 7 + &pxor ("mm0","mm3"); + &movz ("eax",&LB("eax")); # 6 + &xor ("edx",&DWP(2,$tbl,"eax",8)); # 6 + &pshufw ("mm1","mm0",0x08); # 5, 4, 1, 0 + &movz ($acc,&HB("ebx")); # 13 + &xor ("ecx",&DWP(3,$tbl,$acc,8)); # 13 + &xor ("ecx",&DWP(24,$key)); # t[2] + &movd ("mm4","ecx"); # t[2] collected + &movz ("ebx",&LB("ebx")); # 12 + &xor ("edx",&DWP(0,$tbl,"ebx",8)); # 12 + &shr ("ecx",16); + &movd ("eax","mm1"); # 5, 4, 1, 0 + &mov ("ebx",&DWP(28,$key)); # t[3] + &xor ("ebx","edx"); + &movd ("mm5","ebx"); # t[3] collected + &and ("ebx",0xffff0000); + &or ("ebx","ecx"); + + &punpckldq ("mm4","mm5"); # t[2,3] collected +} + +###################################################################### +# "Compact" block function +###################################################################### + +sub enccompact() +{ my $Fn = mov; + while ($#_>5) { pop(@_); $Fn=sub{}; } + my ($i,$te,@s)=@_; + my $tmp = $key; + my $out = $i==3?$s[0]:$acc; + + # $Fn is used in first compact round and its purpose is to + # void restoration of some values from stack, so that after + # 4xenccompact with extra argument $key value is left there... + if ($i==3) { &$Fn ($key,$__key); }##%edx + else { &mov ($out,$s[0]); } + &and ($out,0xFF); + if ($i==1) { &shr ($s[0],16); }#%ebx[1] + if ($i==2) { &shr ($s[0],24); }#%ecx[2] + &movz ($out,&BP(-128,$te,$out,1)); + + if ($i==3) { $tmp=$s[1]; }##%eax + &movz ($tmp,&HB($s[1])); + &movz ($tmp,&BP(-128,$te,$tmp,1)); + &shl ($tmp,8); + &xor ($out,$tmp); + + if ($i==3) { $tmp=$s[2]; &mov ($s[1],$__s0); }##%ebx + else { &mov ($tmp,$s[2]); + &shr ($tmp,16); } + if ($i==2) { &and ($s[1],0xFF); }#%edx[2] + &and ($tmp,0xFF); + &movz ($tmp,&BP(-128,$te,$tmp,1)); + &shl ($tmp,16); + &xor ($out,$tmp); + + if ($i==3) { $tmp=$s[3]; &mov ($s[2],$__s1); }##%ecx + elsif($i==2){ &movz ($tmp,&HB($s[3])); }#%ebx[2] + else { &mov ($tmp,$s[3]); + &shr ($tmp,24); } + &movz ($tmp,&BP(-128,$te,$tmp,1)); + &shl ($tmp,24); + &xor ($out,$tmp); + if ($i<2) { &mov (&DWP(4+4*$i,"esp"),$out); } + if ($i==3) { &mov ($s[3],$acc); } + &comment(); +} + +sub enctransform() +{ my @s = ($s0,$s1,$s2,$s3); + my $i = shift; + my $tmp = $tbl; + my $r2 = $key ; + + &mov ($acc,$s[$i]); + &and ($acc,0x80808080); + &mov ($tmp,$acc); + &shr ($tmp,7); + &lea ($r2,&DWP(0,$s[$i],$s[$i])); + &sub ($acc,$tmp); + &and ($r2,0xfefefefe); + &and ($acc,0x1b1b1b1b); + &mov ($tmp,$s[$i]); + &xor ($acc,$r2); # r2 + + &xor ($s[$i],$acc); # r0 ^ r2 + &rotl ($s[$i],24); + &xor ($s[$i],$acc) # ROTATE(r2^r0,24) ^ r2 + &rotr ($tmp,16); + &xor ($s[$i],$tmp); + &rotr ($tmp,8); + &xor ($s[$i],$tmp); +} + +&function_begin_B("_x86_AES_encrypt_compact"); + # note that caller is expected to allocate stack frame for me! + &mov ($__key,$key); # save key + + &xor ($s0,&DWP(0,$key)); # xor with key + &xor ($s1,&DWP(4,$key)); + &xor ($s2,&DWP(8,$key)); + &xor ($s3,&DWP(12,$key)); + + &mov ($acc,&DWP(240,$key)); # load key->rounds + &lea ($acc,&DWP(-2,$acc,$acc)); + &lea ($acc,&DWP(0,$key,$acc,8)); + &mov ($__end,$acc); # end of key schedule + + # prefetch Te4 + &mov ($key,&DWP(0-128,$tbl)); + &mov ($acc,&DWP(32-128,$tbl)); + &mov ($key,&DWP(64-128,$tbl)); + &mov ($acc,&DWP(96-128,$tbl)); + &mov ($key,&DWP(128-128,$tbl)); + &mov ($acc,&DWP(160-128,$tbl)); + &mov ($key,&DWP(192-128,$tbl)); + &mov ($acc,&DWP(224-128,$tbl)); + + &set_label("loop",16); + + &enccompact(0,$tbl,$s0,$s1,$s2,$s3,1); + &enccompact(1,$tbl,$s1,$s2,$s3,$s0,1); + &enccompact(2,$tbl,$s2,$s3,$s0,$s1,1); + &enccompact(3,$tbl,$s3,$s0,$s1,$s2,1); + &enctransform(2); + &enctransform(3); + &enctransform(0); + &enctransform(1); + &mov ($key,$__key); + &mov ($tbl,$__tbl); + &add ($key,16); # advance rd_key + &xor ($s0,&DWP(0,$key)); + &xor ($s1,&DWP(4,$key)); + &xor ($s2,&DWP(8,$key)); + &xor ($s3,&DWP(12,$key)); + + &cmp ($key,$__end); + &mov ($__key,$key); + &jb (&label("loop")); + + &enccompact(0,$tbl,$s0,$s1,$s2,$s3); + &enccompact(1,$tbl,$s1,$s2,$s3,$s0); + &enccompact(2,$tbl,$s2,$s3,$s0,$s1); + &enccompact(3,$tbl,$s3,$s0,$s1,$s2); + + &xor ($s0,&DWP(16,$key)); + &xor ($s1,&DWP(20,$key)); + &xor ($s2,&DWP(24,$key)); + &xor ($s3,&DWP(28,$key)); + + &ret (); +&function_end_B("_x86_AES_encrypt_compact"); + +###################################################################### +# "Compact" SSE block function. +###################################################################### +# +# Performance is not actually extraordinary in comparison to pure +# x86 code. In particular encrypt performance is virtually the same. +# Decrypt performance on the other hand is 15-20% better on newer +# µ-archs [but we're thankful for *any* improvement here], and ~50% +# better on PIII:-) And additionally on the pros side this code +# eliminates redundant references to stack and thus relieves/ +# minimizes the pressure on the memory bus. +# +# MMX register layout lsb +# +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+ +# | mm4 | mm0 | +# +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+ +# | s3 | s2 | s1 | s0 | +# +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+ +# |15|14|13|12|11|10| 9| 8| 7| 6| 5| 4| 3| 2| 1| 0| +# +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+ +# +# Indexes translate as s[N/4]>>(8*(N%4)), e.g. 5 means s1>>8. +# In this terms encryption and decryption "compact" permutation +# matrices can be depicted as following: +# +# encryption lsb # decryption lsb +# +----++----+----+----+----+ # +----++----+----+----+----+ +# | t0 || 15 | 10 | 5 | 0 | # | t0 || 7 | 10 | 13 | 0 | +# +----++----+----+----+----+ # +----++----+----+----+----+ +# | t1 || 3 | 14 | 9 | 4 | # | t1 || 11 | 14 | 1 | 4 | +# +----++----+----+----+----+ # +----++----+----+----+----+ +# | t2 || 7 | 2 | 13 | 8 | # | t2 || 15 | 2 | 5 | 8 | +# +----++----+----+----+----+ # +----++----+----+----+----+ +# | t3 || 11 | 6 | 1 | 12 | # | t3 || 3 | 6 | 9 | 12 | +# +----++----+----+----+----+ # +----++----+----+----+----+ +# +###################################################################### +# Why not xmm registers? Short answer. It was actually tested and +# was not any faster, but *contrary*, most notably on Intel CPUs. +# Longer answer. Main advantage of using mm registers is that movd +# latency is lower, especially on Intel P4. While arithmetic +# instructions are twice as many, they can be scheduled every cycle +# and not every second one when they are operating on xmm register, +# so that "arithmetic throughput" remains virtually the same. And +# finally the code can be executed even on elder SSE-only CPUs:-) + +sub sse_enccompact() +{ + &pshufw ("mm1","mm0",0x08); # 5, 4, 1, 0 + &pshufw ("mm5","mm4",0x0d); # 15,14,11,10 + &movd ("eax","mm1"); # 5, 4, 1, 0 + &movd ("ebx","mm5"); # 15,14,11,10 + + &movz ($acc,&LB("eax")); # 0 + &movz ("ecx",&BP(-128,$tbl,$acc,1)); # 0 + &pshufw ("mm2","mm0",0x0d); # 7, 6, 3, 2 + &movz ("edx",&HB("eax")); # 1 + &movz ("edx",&BP(-128,$tbl,"edx",1)); # 1 + &shl ("edx",8); # 1 + &shr ("eax",16); # 5, 4 + + &movz ($acc,&LB("ebx")); # 10 + &movz ($acc,&BP(-128,$tbl,$acc,1)); # 10 + &shl ($acc,16); # 10 + &or ("ecx",$acc); # 10 + &pshufw ("mm6","mm4",0x08); # 13,12, 9, 8 + &movz ($acc,&HB("ebx")); # 11 + &movz ($acc,&BP(-128,$tbl,$acc,1)); # 11 + &shl ($acc,24); # 11 + &or ("edx",$acc); # 11 + &shr ("ebx",16); # 15,14 + + &movz ($acc,&HB("eax")); # 5 + &movz ($acc,&BP(-128,$tbl,$acc,1)); # 5 + &shl ($acc,8); # 5 + &or ("ecx",$acc); # 5 + &movz ($acc,&HB("ebx")); # 15 + &movz ($acc,&BP(-128,$tbl,$acc,1)); # 15 + &shl ($acc,24); # 15 + &or ("ecx",$acc); # 15 + &movd ("mm0","ecx"); # t[0] collected + + &movz ($acc,&LB("eax")); # 4 + &movz ("ecx",&BP(-128,$tbl,$acc,1)); # 4 + &movd ("eax","mm2"); # 7, 6, 3, 2 + &movz ($acc,&LB("ebx")); # 14 + &movz ($acc,&BP(-128,$tbl,$acc,1)); # 14 + &shl ($acc,16); # 14 + &or ("ecx",$acc); # 14 + + &movd ("ebx","mm6"); # 13,12, 9, 8 + &movz ($acc,&HB("eax")); # 3 + &movz ($acc,&BP(-128,$tbl,$acc,1)); # 3 + &shl ($acc,24); # 3 + &or ("ecx",$acc); # 3 + &movz ($acc,&HB("ebx")); # 9 + &movz ($acc,&BP(-128,$tbl,$acc,1)); # 9 + &shl ($acc,8); # 9 + &or ("ecx",$acc); # 9 + &movd ("mm1","ecx"); # t[1] collected + + &movz ($acc,&LB("ebx")); # 8 + &movz ("ecx",&BP(-128,$tbl,$acc,1)); # 8 + &shr ("ebx",16); # 13,12 + &movz ($acc,&LB("eax")); # 2 + &movz ($acc,&BP(-128,$tbl,$acc,1)); # 2 + &shl ($acc,16); # 2 + &or ("ecx",$acc); # 2 + &shr ("eax",16); # 7, 6 + + &punpckldq ("mm0","mm1"); # t[0,1] collected + + &movz ($acc,&HB("eax")); # 7 + &movz ($acc,&BP(-128,$tbl,$acc,1)); # 7 + &shl ($acc,24); # 7 + &or ("ecx",$acc); # 7 + &and ("eax",0xff); # 6 + &movz ("eax",&BP(-128,$tbl,"eax",1)); # 6 + &shl ("eax",16); # 6 + &or ("edx","eax"); # 6 + &movz ($acc,&HB("ebx")); # 13 + &movz ($acc,&BP(-128,$tbl,$acc,1)); # 13 + &shl ($acc,8); # 13 + &or ("ecx",$acc); # 13 + &movd ("mm4","ecx"); # t[2] collected + &and ("ebx",0xff); # 12 + &movz ("ebx",&BP(-128,$tbl,"ebx",1)); # 12 + &or ("edx","ebx"); # 12 + &movd ("mm5","edx"); # t[3] collected + + &punpckldq ("mm4","mm5"); # t[2,3] collected +} + + if (!$x86only) { +&function_begin_B("_sse_AES_encrypt_compact"); + &pxor ("mm0",&QWP(0,$key)); # 7, 6, 5, 4, 3, 2, 1, 0 + &pxor ("mm4",&QWP(8,$key)); # 15,14,13,12,11,10, 9, 8 + + # note that caller is expected to allocate stack frame for me! + &mov ($acc,&DWP(240,$key)); # load key->rounds + &lea ($acc,&DWP(-2,$acc,$acc)); + &lea ($acc,&DWP(0,$key,$acc,8)); + &mov ($__end,$acc); # end of key schedule + + &mov ($s0,0x1b1b1b1b); # magic constant + &mov (&DWP(8,"esp"),$s0); + &mov (&DWP(12,"esp"),$s0); + + # prefetch Te4 + &mov ($s0,&DWP(0-128,$tbl)); + &mov ($s1,&DWP(32-128,$tbl)); + &mov ($s2,&DWP(64-128,$tbl)); + &mov ($s3,&DWP(96-128,$tbl)); + &mov ($s0,&DWP(128-128,$tbl)); + &mov ($s1,&DWP(160-128,$tbl)); + &mov ($s2,&DWP(192-128,$tbl)); + &mov ($s3,&DWP(224-128,$tbl)); + + &set_label("loop",16); + &sse_enccompact(); + &add ($key,16); + &cmp ($key,$__end); + &ja (&label("out")); + + &movq ("mm2",&QWP(8,"esp")); + &pxor ("mm3","mm3"); &pxor ("mm7","mm7"); + &movq ("mm1","mm0"); &movq ("mm5","mm4"); # r0 + &pcmpgtb("mm3","mm0"); &pcmpgtb("mm7","mm4"); + &pand ("mm3","mm2"); &pand ("mm7","mm2"); + &pshufw ("mm2","mm0",0xb1); &pshufw ("mm6","mm4",0xb1);# ROTATE(r0,16) + &paddb ("mm0","mm0"); &paddb ("mm4","mm4"); + &pxor ("mm0","mm3"); &pxor ("mm4","mm7"); # = r2 + &pshufw ("mm3","mm2",0xb1); &pshufw ("mm7","mm6",0xb1);# r0 + &pxor ("mm1","mm0"); &pxor ("mm5","mm4"); # r0^r2 + &pxor ("mm0","mm2"); &pxor ("mm4","mm6"); # ^= ROTATE(r0,16) + + &movq ("mm2","mm3"); &movq ("mm6","mm7"); + &pslld ("mm3",8); &pslld ("mm7",8); + &psrld ("mm2",24); &psrld ("mm6",24); + &pxor ("mm0","mm3"); &pxor ("mm4","mm7"); # ^= r0<<8 + &pxor ("mm0","mm2"); &pxor ("mm4","mm6"); # ^= r0>>24 + + &movq ("mm3","mm1"); &movq ("mm7","mm5"); + &movq ("mm2",&QWP(0,$key)); &movq ("mm6",&QWP(8,$key)); + &psrld ("mm1",8); &psrld ("mm5",8); + &mov ($s0,&DWP(0-128,$tbl)); + &pslld ("mm3",24); &pslld ("mm7",24); + &mov ($s1,&DWP(64-128,$tbl)); + &pxor ("mm0","mm1"); &pxor ("mm4","mm5"); # ^= (r2^r0)<<8 + &mov ($s2,&DWP(128-128,$tbl)); + &pxor ("mm0","mm3"); &pxor ("mm4","mm7"); # ^= (r2^r0)>>24 + &mov ($s3,&DWP(192-128,$tbl)); + + &pxor ("mm0","mm2"); &pxor ("mm4","mm6"); + &jmp (&label("loop")); + + &set_label("out",16); + &pxor ("mm0",&QWP(0,$key)); + &pxor ("mm4",&QWP(8,$key)); + + &ret (); +&function_end_B("_sse_AES_encrypt_compact"); + } + +###################################################################### +# Vanilla block function. +###################################################################### + sub encstep() { my ($i,$te,@s) = @_; my $tmp = $key; my $out = $i==3?$s[0]:$acc; # lines marked with #%e?x[i] denote "reordered" instructions... - if ($i==3) { &mov ($key,&DWP(12,"esp")); }##%edx + if ($i==3) { &mov ($key,$__key); }##%edx else { &mov ($out,$s[0]); &and ($out,0xFF); } if ($i==1) { &shr ($s[0],16); }#%ebx[1] @@ -191,14 +780,14 @@ sub encstep() &movz ($tmp,&HB($s[1])); &xor ($out,&DWP(3,$te,$tmp,8)); - if ($i==3) { $tmp=$s[2]; &mov ($s[1],&DWP(4,"esp")); }##%ebx + if ($i==3) { $tmp=$s[2]; &mov ($s[1],$__s0); }##%ebx else { &mov ($tmp,$s[2]); &shr ($tmp,16); } if ($i==2) { &and ($s[1],0xFF); }#%edx[2] &and ($tmp,0xFF); &xor ($out,&DWP(2,$te,$tmp,8)); - if ($i==3) { $tmp=$s[3]; &mov ($s[2],&DWP(8,"esp")); }##%ecx + if ($i==3) { $tmp=$s[3]; &mov ($s[2],$__s1); }##%ecx elsif($i==2){ &movz ($tmp,&HB($s[3])); }#%ebx[2] else { &mov ($tmp,$s[3]); &shr ($tmp,24) } @@ -213,7 +802,7 @@ sub enclast() my $tmp = $key; my $out = $i==3?$s[0]:$acc; - if ($i==3) { &mov ($key,&DWP(12,"esp")); }##%edx + if ($i==3) { &mov ($key,$__key); }##%edx else { &mov ($out,$s[0]); } &and ($out,0xFF); if ($i==1) { &shr ($s[0],16); }#%ebx[1] @@ -227,8 +816,8 @@ sub enclast() &and ($tmp,0x0000ff00); &xor ($out,$tmp); - if ($i==3) { $tmp=$s[2]; &mov ($s[1],&DWP(4,"esp")); }##%ebx - else { mov ($tmp,$s[2]); + if ($i==3) { $tmp=$s[2]; &mov ($s[1],$__s0); }##%ebx + else { &mov ($tmp,$s[2]); &shr ($tmp,16); } if ($i==2) { &and ($s[1],0xFF); }#%edx[2] &and ($tmp,0xFF); @@ -236,7 +825,7 @@ sub enclast() &and ($tmp,0x00ff0000); &xor ($out,$tmp); - if ($i==3) { $tmp=$s[3]; &mov ($s[2],&DWP(8,"esp")); }##%ecx + if ($i==3) { $tmp=$s[3]; &mov ($s[2],$__s1); }##%ecx elsif($i==2){ &movz ($tmp,&HB($s[3])); }#%ebx[2] else { &mov ($tmp,$s[3]); &shr ($tmp,24); } @@ -247,10 +836,7 @@ sub enclast() if ($i==3) { &mov ($s[3],$acc); } } -sub _data_word() { my $i; while(defined($i=shift)) { &data_word($i,$i); } } - -&public_label("AES_Te"); -&function_begin_C("_x86_AES_encrypt"); +&function_begin_B("_x86_AES_encrypt"); if ($vertical_spin) { # I need high parts of volatile registers to be accessible... &exch ($s1="edi",$key="ebx"); @@ -258,7 +844,7 @@ sub _data_word() { my $i; while(defined($i=shift)) { &data_word($i,$i); } } } # note that caller is expected to allocate stack frame for me! - &mov (&DWP(12,"esp"),$key); # save key + &mov ($__key,$key); # save key &xor ($s0,&DWP(0,$key)); # xor with key &xor ($s1,&DWP(4,$key)); @@ -270,24 +856,24 @@ sub _data_word() { my $i; while(defined($i=shift)) { &data_word($i,$i); } } if ($small_footprint) { &lea ($acc,&DWP(-2,$acc,$acc)); &lea ($acc,&DWP(0,$key,$acc,8)); - &mov (&DWP(16,"esp"),$acc); # end of key schedule - &align (4); - &set_label("loop"); + &mov ($__end,$acc); # end of key schedule + + &set_label("loop",16); if ($vertical_spin) { - &encvert("ebp",$s0,$s1,$s2,$s3); + &encvert($tbl,$s0,$s1,$s2,$s3); } else { - &encstep(0,"ebp",$s0,$s1,$s2,$s3); - &encstep(1,"ebp",$s1,$s2,$s3,$s0); - &encstep(2,"ebp",$s2,$s3,$s0,$s1); - &encstep(3,"ebp",$s3,$s0,$s1,$s2); + &encstep(0,$tbl,$s0,$s1,$s2,$s3); + &encstep(1,$tbl,$s1,$s2,$s3,$s0); + &encstep(2,$tbl,$s2,$s3,$s0,$s1); + &encstep(3,$tbl,$s3,$s0,$s1,$s2); } &add ($key,16); # advance rd_key &xor ($s0,&DWP(0,$key)); &xor ($s1,&DWP(4,$key)); &xor ($s2,&DWP(8,$key)); &xor ($s3,&DWP(12,$key)); - &cmp ($key,&DWP(16,"esp")); - &mov (&DWP(12,"esp"),$key); + &cmp ($key,$__end); + &mov ($__key,$key); &jb (&label("loop")); } else { @@ -296,15 +882,15 @@ sub _data_word() { my $i; while(defined($i=shift)) { &data_word($i,$i); } } &cmp ($acc,12); &jle (&label("12rounds")); - &set_label("14rounds"); + &set_label("14rounds",4); for ($i=1;$i<3;$i++) { if ($vertical_spin) { - &encvert("ebp",$s0,$s1,$s2,$s3); + &encvert($tbl,$s0,$s1,$s2,$s3); } else { - &encstep(0,"ebp",$s0,$s1,$s2,$s3); - &encstep(1,"ebp",$s1,$s2,$s3,$s0); - &encstep(2,"ebp",$s2,$s3,$s0,$s1); - &encstep(3,"ebp",$s3,$s0,$s1,$s2); + &encstep(0,$tbl,$s0,$s1,$s2,$s3); + &encstep(1,$tbl,$s1,$s2,$s3,$s0); + &encstep(2,$tbl,$s2,$s3,$s0,$s1); + &encstep(3,$tbl,$s3,$s0,$s1,$s2); } &xor ($s0,&DWP(16*$i+0,$key)); &xor ($s1,&DWP(16*$i+4,$key)); @@ -312,16 +898,16 @@ sub _data_word() { my $i; while(defined($i=shift)) { &data_word($i,$i); } } &xor ($s3,&DWP(16*$i+12,$key)); } &add ($key,32); - &mov (&DWP(12,"esp"),$key); # advance rd_key - &set_label("12rounds"); + &mov ($__key,$key); # advance rd_key + &set_label("12rounds",4); for ($i=1;$i<3;$i++) { if ($vertical_spin) { - &encvert("ebp",$s0,$s1,$s2,$s3); + &encvert($tbl,$s0,$s1,$s2,$s3); } else { - &encstep(0,"ebp",$s0,$s1,$s2,$s3); - &encstep(1,"ebp",$s1,$s2,$s3,$s0); - &encstep(2,"ebp",$s2,$s3,$s0,$s1); - &encstep(3,"ebp",$s3,$s0,$s1,$s2); + &encstep(0,$tbl,$s0,$s1,$s2,$s3); + &encstep(1,$tbl,$s1,$s2,$s3,$s0); + &encstep(2,$tbl,$s2,$s3,$s0,$s1); + &encstep(3,$tbl,$s3,$s0,$s1,$s2); } &xor ($s0,&DWP(16*$i+0,$key)); &xor ($s1,&DWP(16*$i+4,$key)); @@ -329,16 +915,16 @@ sub _data_word() { my $i; while(defined($i=shift)) { &data_word($i,$i); } } &xor ($s3,&DWP(16*$i+12,$key)); } &add ($key,32); - &mov (&DWP(12,"esp"),$key); # advance rd_key - &set_label("10rounds"); + &mov ($__key,$key); # advance rd_key + &set_label("10rounds",4); for ($i=1;$i<10;$i++) { if ($vertical_spin) { - &encvert("ebp",$s0,$s1,$s2,$s3); + &encvert($tbl,$s0,$s1,$s2,$s3); } else { - &encstep(0,"ebp",$s0,$s1,$s2,$s3); - &encstep(1,"ebp",$s1,$s2,$s3,$s0); - &encstep(2,"ebp",$s2,$s3,$s0,$s1); - &encstep(3,"ebp",$s3,$s0,$s1,$s2); + &encstep(0,$tbl,$s0,$s1,$s2,$s3); + &encstep(1,$tbl,$s1,$s2,$s3,$s0); + &encstep(2,$tbl,$s2,$s3,$s0,$s1); + &encstep(3,$tbl,$s3,$s0,$s1,$s2); } &xor ($s0,&DWP(16*$i+0,$key)); &xor ($s1,&DWP(16*$i+4,$key)); @@ -352,10 +938,10 @@ sub _data_word() { my $i; while(defined($i=shift)) { &data_word($i,$i); } } &mov ($s1="ebx",$key="edi"); &mov ($s2="ecx",$acc="esi"); } - &enclast(0,"ebp",$s0,$s1,$s2,$s3); - &enclast(1,"ebp",$s1,$s2,$s3,$s0); - &enclast(2,"ebp",$s2,$s3,$s0,$s1); - &enclast(3,"ebp",$s3,$s0,$s1,$s2); + &enclast(0,$tbl,$s0,$s1,$s2,$s3); + &enclast(1,$tbl,$s1,$s2,$s3,$s0); + &enclast(2,$tbl,$s2,$s3,$s0,$s1); + &enclast(3,$tbl,$s3,$s0,$s1,$s2); &add ($key,$small_footprint?16:160); &xor ($s0,&DWP(0,$key)); @@ -430,38 +1016,198 @@ sub _data_word() { my $i; while(defined($i=shift)) { &data_word($i,$i); } } &_data_word(0xdabfbf65, 0x31e6e6d7, 0xc6424284, 0xb86868d0); &_data_word(0xc3414182, 0xb0999929, 0x772d2d5a, 0x110f0f1e); &_data_word(0xcbb0b07b, 0xfc5454a8, 0xd6bbbb6d, 0x3a16162c); + +#Te4 # four copies of Te4 to choose from to avoid L1 aliasing + &data_byte(0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5); + &data_byte(0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76); + &data_byte(0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0); + &data_byte(0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0); + &data_byte(0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc); + &data_byte(0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15); + &data_byte(0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a); + &data_byte(0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75); + &data_byte(0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0); + &data_byte(0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84); + &data_byte(0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b); + &data_byte(0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf); + &data_byte(0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85); + &data_byte(0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8); + &data_byte(0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5); + &data_byte(0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2); + &data_byte(0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17); + &data_byte(0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73); + &data_byte(0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88); + &data_byte(0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb); + &data_byte(0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c); + &data_byte(0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79); + &data_byte(0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9); + &data_byte(0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08); + &data_byte(0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6); + &data_byte(0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a); + &data_byte(0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e); + &data_byte(0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e); + &data_byte(0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94); + &data_byte(0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf); + &data_byte(0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68); + &data_byte(0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16); + + &data_byte(0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5); + &data_byte(0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76); + &data_byte(0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0); + &data_byte(0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0); + &data_byte(0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc); + &data_byte(0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15); + &data_byte(0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a); + &data_byte(0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75); + &data_byte(0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0); + &data_byte(0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84); + &data_byte(0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b); + &data_byte(0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf); + &data_byte(0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85); + &data_byte(0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8); + &data_byte(0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5); + &data_byte(0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2); + &data_byte(0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17); + &data_byte(0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73); + &data_byte(0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88); + &data_byte(0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb); + &data_byte(0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c); + &data_byte(0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79); + &data_byte(0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9); + &data_byte(0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08); + &data_byte(0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6); + &data_byte(0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a); + &data_byte(0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e); + &data_byte(0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e); + &data_byte(0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94); + &data_byte(0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf); + &data_byte(0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68); + &data_byte(0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16); + + &data_byte(0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5); + &data_byte(0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76); + &data_byte(0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0); + &data_byte(0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0); + &data_byte(0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc); + &data_byte(0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15); + &data_byte(0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a); + &data_byte(0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75); + &data_byte(0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0); + &data_byte(0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84); + &data_byte(0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b); + &data_byte(0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf); + &data_byte(0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85); + &data_byte(0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8); + &data_byte(0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5); + &data_byte(0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2); + &data_byte(0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17); + &data_byte(0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73); + &data_byte(0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88); + &data_byte(0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb); + &data_byte(0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c); + &data_byte(0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79); + &data_byte(0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9); + &data_byte(0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08); + &data_byte(0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6); + &data_byte(0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a); + &data_byte(0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e); + &data_byte(0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e); + &data_byte(0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94); + &data_byte(0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf); + &data_byte(0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68); + &data_byte(0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16); + + &data_byte(0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5); + &data_byte(0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76); + &data_byte(0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0); + &data_byte(0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0); + &data_byte(0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc); + &data_byte(0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15); + &data_byte(0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a); + &data_byte(0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75); + &data_byte(0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0); + &data_byte(0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84); + &data_byte(0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b); + &data_byte(0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf); + &data_byte(0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85); + &data_byte(0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8); + &data_byte(0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5); + &data_byte(0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2); + &data_byte(0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17); + &data_byte(0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73); + &data_byte(0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88); + &data_byte(0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb); + &data_byte(0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c); + &data_byte(0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79); + &data_byte(0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9); + &data_byte(0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08); + &data_byte(0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6); + &data_byte(0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a); + &data_byte(0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e); + &data_byte(0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e); + &data_byte(0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94); + &data_byte(0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf); + &data_byte(0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68); + &data_byte(0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16); #rcon: &data_word(0x00000001, 0x00000002, 0x00000004, 0x00000008); &data_word(0x00000010, 0x00000020, 0x00000040, 0x00000080); - &data_word(0x0000001b, 0x00000036, 0, 0, 0, 0, 0, 0); + &data_word(0x0000001b, 0x00000036, 0x00000000, 0x00000000); + &data_word(0x00000000, 0x00000000, 0x00000000, 0x00000000); &function_end_B("_x86_AES_encrypt"); # void AES_encrypt (const void *inp,void *out,const AES_KEY *key); -&public_label("AES_Te"); &function_begin("AES_encrypt"); &mov ($acc,&wparam(0)); # load inp &mov ($key,&wparam(2)); # load key &mov ($s0,"esp"); - &sub ("esp",24); - &and ("esp",-64); - &add ("esp",4); - &mov (&DWP(16,"esp"),$s0); + &sub ("esp",36); + &and ("esp",-64); # align to cache-line + + # place stack frame just "above" the key schedule + &lea ($s1,&DWP(-64-63,$key)); + &sub ($s1,"esp"); + &neg ($s1); + &and ($s1,0x3C0); # modulo 1024, but aligned to cache-line + &sub ("esp",$s1); + &add ("esp",4); # 4 is reserved for caller's return address + &mov ($_esp,$s0); # save stack pointer &call (&label("pic_point")); # make it PIC! &set_label("pic_point"); - &blindpop("ebp"); - &lea ("ebp",&DWP(&label("AES_Te")."-".&label("pic_point"),"ebp")); - + &blindpop($tbl); + &picmeup($s0,"OPENSSL_ia32cap_P",$tbl,&label("pic_point")) if (!$x86only); + &lea ($tbl,&DWP(&label("AES_Te")."-".&label("pic_point"),$tbl)); + + # pick Te4 copy which can't "overlap" with stack frame or key schedule + &lea ($s1,&DWP(768-4,"esp")); + &sub ($s1,$tbl); + &and ($s1,0x300); + &lea ($tbl,&DWP(2048+128,$tbl,$s1)); + + if (!$x86only) { + &bt (&DWP(0,$s0),25); # check for SSE bit + &jnc (&label("x86")); + + &movq ("mm0",&QWP(0,$acc)); + &movq ("mm4",&QWP(8,$acc)); + &call ("_sse_AES_encrypt_compact"); + &mov ("esp",$_esp); # restore stack pointer + &mov ($acc,&wparam(1)); # load out + &movq (&QWP(0,$acc),"mm0"); # write output data + &movq (&QWP(8,$acc),"mm4"); + &emms (); + &function_end_A(); + } + &set_label("x86",16); + &mov ($_tbl,$tbl); &mov ($s0,&DWP(0,$acc)); # load input data &mov ($s1,&DWP(4,$acc)); &mov ($s2,&DWP(8,$acc)); &mov ($s3,&DWP(12,$acc)); - - &call ("_x86_AES_encrypt"); - - &mov ("esp",&DWP(16,"esp")); - + &call ("_x86_AES_encrypt_compact"); + &mov ("esp",$_esp); # restore stack pointer &mov ($acc,&wparam(1)); # load out &mov (&DWP(0,$acc),$s0); # write output data &mov (&DWP(4,$acc),$s1); @@ -469,7 +1215,370 @@ sub _data_word() { my $i; while(defined($i=shift)) { &data_word($i,$i); } } &mov (&DWP(12,$acc),$s3); &function_end("AES_encrypt"); -#------------------------------------------------------------------# +#--------------------------------------------------------------------# + +###################################################################### +# "Compact" block function +###################################################################### + +sub deccompact() +{ my $Fn = mov; + while ($#_>5) { pop(@_); $Fn=sub{}; } + my ($i,$td,@s)=@_; + my $tmp = $key; + my $out = $i==3?$s[0]:$acc; + + # $Fn is used in first compact round and its purpose is to + # void restoration of some values from stack, so that after + # 4xdeccompact with extra argument $key, $s0 and $s1 values + # are left there... + if($i==3) { &$Fn ($key,$__key); } + else { &mov ($out,$s[0]); } + &and ($out,0xFF); + &movz ($out,&BP(-128,$td,$out,1)); + + if ($i==3) { $tmp=$s[1]; } + &movz ($tmp,&HB($s[1])); + &movz ($tmp,&BP(-128,$td,$tmp,1)); + &shl ($tmp,8); + &xor ($out,$tmp); + + if ($i==3) { $tmp=$s[2]; &mov ($s[1],$acc); } + else { mov ($tmp,$s[2]); } + &shr ($tmp,16); + &and ($tmp,0xFF); + &movz ($tmp,&BP(-128,$td,$tmp,1)); + &shl ($tmp,16); + &xor ($out,$tmp); + + if ($i==3) { $tmp=$s[3]; &$Fn ($s[2],$__s1); } + else { &mov ($tmp,$s[3]); } + &shr ($tmp,24); + &movz ($tmp,&BP(-128,$td,$tmp,1)); + &shl ($tmp,24); + &xor ($out,$tmp); + if ($i<2) { &mov (&DWP(4+4*$i,"esp"),$out); } + if ($i==3) { &$Fn ($s[3],$__s0); } +} + +# must be called with 2,3,0,1 as argument sequence!!! +sub dectransform() +{ my @s = ($s0,$s1,$s2,$s3); + my $i = shift; + my $tmp = $key; + my $tp2 = @s[($i+2)%4]; $tp2 = @s[2] if ($i==1); + my $tp4 = @s[($i+3)%4]; $tp4 = @s[3] if ($i==1); + my $tp8 = $tbl; + + &mov ($acc,$s[$i]); + &and ($acc,0x80808080); + &mov ($tmp,$acc); + &shr ($tmp,7); + &lea ($tp2,&DWP(0,$s[$i],$s[$i])); + &sub ($acc,$tmp); + &and ($tp2,0xfefefefe); + &and ($acc,0x1b1b1b1b); + &xor ($acc,$tp2); + &mov ($tp2,$acc); + + &and ($acc,0x80808080); + &mov ($tmp,$acc); + &shr ($tmp,7); + &lea ($tp4,&DWP(0,$tp2,$tp2)); + &sub ($acc,$tmp); + &and ($tp4,0xfefefefe); + &and ($acc,0x1b1b1b1b); + &xor ($tp2,$s[$i]); # tp2^tp1 + &xor ($acc,$tp4); + &mov ($tp4,$acc); + + &and ($acc,0x80808080); + &mov ($tmp,$acc); + &shr ($tmp,7); + &lea ($tp8,&DWP(0,$tp4,$tp4)); + &sub ($acc,$tmp); + &and ($tp8,0xfefefefe); + &and ($acc,0x1b1b1b1b); + &xor ($tp4,$s[$i]); # tp4^tp1 + &rotl ($s[$i],8); # = ROTATE(tp1,8) + &xor ($tp8,$acc); + + &xor ($s[$i],$tp2); + &xor ($tp2,$tp8); + &rotl ($tp2,24); + &xor ($s[$i],$tp4); + &xor ($tp4,$tp8); + &rotl ($tp4,16); + &xor ($s[$i],$tp8); # ^= tp8^(tp4^tp1)^(tp2^tp1) + &rotl ($tp8,8); + &xor ($s[$i],$tp2); # ^= ROTATE(tp8^tp2^tp1,24) + &xor ($s[$i],$tp4); # ^= ROTATE(tp8^tp4^tp1,16) + &mov ($s[0],$__s0) if($i==2); #prefetch $s0 + &mov ($s[1],$__s1) if($i==3); #prefetch $s1 + &mov ($s[2],$__s2) if($i==1); + &xor ($s[$i],$tp8); # ^= ROTATE(tp8,8) + + &mov ($s[3],$__s3) if($i==1); + &mov (&DWP(4+4*$i,"esp"),$s[$i]) if($i>=2); +} + +&function_begin_B("_x86_AES_decrypt_compact"); + # note that caller is expected to allocate stack frame for me! + &mov ($__key,$key); # save key + + &xor ($s0,&DWP(0,$key)); # xor with key + &xor ($s1,&DWP(4,$key)); + &xor ($s2,&DWP(8,$key)); + &xor ($s3,&DWP(12,$key)); + + &mov ($acc,&DWP(240,$key)); # load key->rounds + + &lea ($acc,&DWP(-2,$acc,$acc)); + &lea ($acc,&DWP(0,$key,$acc,8)); + &mov ($__end,$acc); # end of key schedule + + # prefetch Td4 + &mov ($key,&DWP(0-128,$tbl)); + &mov ($acc,&DWP(32-128,$tbl)); + &mov ($key,&DWP(64-128,$tbl)); + &mov ($acc,&DWP(96-128,$tbl)); + &mov ($key,&DWP(128-128,$tbl)); + &mov ($acc,&DWP(160-128,$tbl)); + &mov ($key,&DWP(192-128,$tbl)); + &mov ($acc,&DWP(224-128,$tbl)); + + &set_label("loop",16); + + &deccompact(0,$tbl,$s0,$s3,$s2,$s1,1); + &deccompact(1,$tbl,$s1,$s0,$s3,$s2,1); + &deccompact(2,$tbl,$s2,$s1,$s0,$s3,1); + &deccompact(3,$tbl,$s3,$s2,$s1,$s0,1); + &dectransform(2); + &dectransform(3); + &dectransform(0); + &dectransform(1); + &mov ($key,$__key); + &mov ($tbl,$__tbl); + &add ($key,16); # advance rd_key + &xor ($s0,&DWP(0,$key)); + &xor ($s1,&DWP(4,$key)); + &xor ($s2,&DWP(8,$key)); + &xor ($s3,&DWP(12,$key)); + + &cmp ($key,$__end); + &mov ($__key,$key); + &jb (&label("loop")); + + &deccompact(0,$tbl,$s0,$s3,$s2,$s1); + &deccompact(1,$tbl,$s1,$s0,$s3,$s2); + &deccompact(2,$tbl,$s2,$s1,$s0,$s3); + &deccompact(3,$tbl,$s3,$s2,$s1,$s0); + + &xor ($s0,&DWP(16,$key)); + &xor ($s1,&DWP(20,$key)); + &xor ($s2,&DWP(24,$key)); + &xor ($s3,&DWP(28,$key)); + + &ret (); +&function_end_B("_x86_AES_decrypt_compact"); + +###################################################################### +# "Compact" SSE block function. +###################################################################### + +sub sse_deccompact() +{ + &pshufw ("mm1","mm0",0x0c); # 7, 6, 1, 0 + &movd ("eax","mm1"); # 7, 6, 1, 0 + + &pshufw ("mm5","mm4",0x09); # 13,12,11,10 + &movz ($acc,&LB("eax")); # 0 + &movz ("ecx",&BP(-128,$tbl,$acc,1)); # 0 + &movd ("ebx","mm5"); # 13,12,11,10 + &movz ("edx",&HB("eax")); # 1 + &movz ("edx",&BP(-128,$tbl,"edx",1)); # 1 + &shl ("edx",8); # 1 + + &pshufw ("mm2","mm0",0x06); # 3, 2, 5, 4 + &movz ($acc,&LB("ebx")); # 10 + &movz ($acc,&BP(-128,$tbl,$acc,1)); # 10 + &shl ($acc,16); # 10 + &or ("ecx",$acc); # 10 + &shr ("eax",16); # 7, 6 + &movz ($acc,&HB("ebx")); # 11 + &movz ($acc,&BP(-128,$tbl,$acc,1)); # 11 + &shl ($acc,24); # 11 + &or ("edx",$acc); # 11 + &shr ("ebx",16); # 13,12 + + &pshufw ("mm6","mm4",0x03); # 9, 8,15,14 + &movz ($acc,&HB("eax")); # 7 + &movz ($acc,&BP(-128,$tbl,$acc,1)); # 7 + &shl ($acc,24); # 7 + &or ("ecx",$acc); # 7 + &movz ($acc,&HB("ebx")); # 13 + &movz ($acc,&BP(-128,$tbl,$acc,1)); # 13 + &shl ($acc,8); # 13 + &or ("ecx",$acc); # 13 + &movd ("mm0","ecx"); # t[0] collected + + &movz ($acc,&LB("eax")); # 6 + &movd ("eax","mm2"); # 3, 2, 5, 4 + &movz ("ecx",&BP(-128,$tbl,$acc,1)); # 6 + &shl ("ecx",16); # 6 + &movz ($acc,&LB("ebx")); # 12 + &movd ("ebx","mm6"); # 9, 8,15,14 + &movz ($acc,&BP(-128,$tbl,$acc,1)); # 12 + &or ("ecx",$acc); # 12 + + &movz ($acc,&LB("eax")); # 4 + &movz ($acc,&BP(-128,$tbl,$acc,1)); # 4 + &or ("edx",$acc); # 4 + &movz ($acc,&LB("ebx")); # 14 + &movz ($acc,&BP(-128,$tbl,$acc,1)); # 14 + &shl ($acc,16); # 14 + &or ("edx",$acc); # 14 + &movd ("mm1","edx"); # t[1] collected + + &movz ($acc,&HB("eax")); # 5 + &movz ("edx",&BP(-128,$tbl,$acc,1)); # 5 + &shl ("edx",8); # 5 + &movz ($acc,&HB("ebx")); # 15 + &shr ("eax",16); # 3, 2 + &movz ($acc,&BP(-128,$tbl,$acc,1)); # 15 + &shl ($acc,24); # 15 + &or ("edx",$acc); # 15 + &shr ("ebx",16); # 9, 8 + + &punpckldq ("mm0","mm1"); # t[0,1] collected + + &movz ($acc,&HB("ebx")); # 9 + &movz ($acc,&BP(-128,$tbl,$acc,1)); # 9 + &shl ($acc,8); # 9 + &or ("ecx",$acc); # 9 + &and ("ebx",0xff); # 8 + &movz ("ebx",&BP(-128,$tbl,"ebx",1)); # 8 + &or ("edx","ebx"); # 8 + &movz ($acc,&LB("eax")); # 2 + &movz ($acc,&BP(-128,$tbl,$acc,1)); # 2 + &shl ($acc,16); # 2 + &or ("edx",$acc); # 2 + &movd ("mm4","edx"); # t[2] collected + &movz ("eax",&HB("eax")); # 3 + &movz ("eax",&BP(-128,$tbl,"eax",1)); # 3 + &shl ("eax",24); # 3 + &or ("ecx","eax"); # 3 + &movd ("mm5","ecx"); # t[3] collected + + &punpckldq ("mm4","mm5"); # t[2,3] collected +} + + if (!$x86only) { +&function_begin_B("_sse_AES_decrypt_compact"); + &pxor ("mm0",&QWP(0,$key)); # 7, 6, 5, 4, 3, 2, 1, 0 + &pxor ("mm4",&QWP(8,$key)); # 15,14,13,12,11,10, 9, 8 + + # note that caller is expected to allocate stack frame for me! + &mov ($acc,&DWP(240,$key)); # load key->rounds + &lea ($acc,&DWP(-2,$acc,$acc)); + &lea ($acc,&DWP(0,$key,$acc,8)); + &mov ($__end,$acc); # end of key schedule + + &mov ($s0,0x1b1b1b1b); # magic constant + &mov (&DWP(8,"esp"),$s0); + &mov (&DWP(12,"esp"),$s0); + + # prefetch Td4 + &mov ($s0,&DWP(0-128,$tbl)); + &mov ($s1,&DWP(32-128,$tbl)); + &mov ($s2,&DWP(64-128,$tbl)); + &mov ($s3,&DWP(96-128,$tbl)); + &mov ($s0,&DWP(128-128,$tbl)); + &mov ($s1,&DWP(160-128,$tbl)); + &mov ($s2,&DWP(192-128,$tbl)); + &mov ($s3,&DWP(224-128,$tbl)); + + &set_label("loop",16); + &sse_deccompact(); + &add ($key,16); + &cmp ($key,$__end); + &ja (&label("out")); + + # ROTATE(x^y,N) == ROTATE(x,N)^ROTATE(y,N) + &movq ("mm3","mm0"); &movq ("mm7","mm4"); + &movq ("mm2","mm0",1); &movq ("mm6","mm4",1); + &movq ("mm1","mm0"); &movq ("mm5","mm4"); + &pshufw ("mm0","mm0",0xb1); &pshufw ("mm4","mm4",0xb1);# = ROTATE(tp0,16) + &pslld ("mm2",8); &pslld ("mm6",8); + &psrld ("mm3",8); &psrld ("mm7",8); + &pxor ("mm0","mm2"); &pxor ("mm4","mm6"); # ^= tp0<<8 + &pxor ("mm0","mm3"); &pxor ("mm4","mm7"); # ^= tp0>>8 + &pslld ("mm2",16); &pslld ("mm6",16); + &psrld ("mm3",16); &psrld ("mm7",16); + &pxor ("mm0","mm2"); &pxor ("mm4","mm6"); # ^= tp0<<24 + &pxor ("mm0","mm3"); &pxor ("mm4","mm7"); # ^= tp0>>24 + + &movq ("mm3",&QWP(8,"esp")); + &pxor ("mm2","mm2"); &pxor ("mm6","mm6"); + &pcmpgtb("mm2","mm1"); &pcmpgtb("mm6","mm5"); + &pand ("mm2","mm3"); &pand ("mm6","mm3"); + &paddb ("mm1","mm1"); &paddb ("mm5","mm5"); + &pxor ("mm1","mm2"); &pxor ("mm5","mm6"); # tp2 + &movq ("mm3","mm1"); &movq ("mm7","mm5"); + &movq ("mm2","mm1"); &movq ("mm6","mm5"); + &pxor ("mm0","mm1"); &pxor ("mm4","mm5"); # ^= tp2 + &pslld ("mm3",24); &pslld ("mm7",24); + &psrld ("mm2",8); &psrld ("mm6",8); + &pxor ("mm0","mm3"); &pxor ("mm4","mm7"); # ^= tp2<<24 + &pxor ("mm0","mm2"); &pxor ("mm4","mm6"); # ^= tp2>>8 + + &movq ("mm2",&QWP(8,"esp")); + &pxor ("mm3","mm3"); &pxor ("mm7","mm7"); + &pcmpgtb("mm3","mm1"); &pcmpgtb("mm7","mm5"); + &pand ("mm3","mm2"); &pand ("mm7","mm2"); + &paddb ("mm1","mm1"); &paddb ("mm5","mm5"); + &pxor ("mm1","mm3"); &pxor ("mm5","mm7"); # tp4 + &pshufw ("mm3","mm1",0xb1); &pshufw ("mm7","mm5",0xb1); + &pxor ("mm0","mm1"); &pxor ("mm4","mm5"); # ^= tp4 + &pxor ("mm0","mm3"); &pxor ("mm4","mm7"); # ^= ROTATE(tp4,16) + + &pxor ("mm3","mm3"); &pxor ("mm7","mm7"); + &pcmpgtb("mm3","mm1"); &pcmpgtb("mm7","mm5"); + &pand ("mm3","mm2"); &pand ("mm7","mm2"); + &paddb ("mm1","mm1"); &paddb ("mm5","mm5"); + &pxor ("mm1","mm3"); &pxor ("mm5","mm7"); # tp8 + &pxor ("mm0","mm1"); &pxor ("mm4","mm5"); # ^= tp8 + &movq ("mm3","mm1"); &movq ("mm7","mm5"); + &pshufw ("mm2","mm1",0xb1); &pshufw ("mm6","mm5",0xb1); + &pxor ("mm0","mm2"); &pxor ("mm4","mm6"); # ^= ROTATE(tp8,16) + &pslld ("mm1",8); &pslld ("mm5",8); + &psrld ("mm3",8); &psrld ("mm7",8); + &movq ("mm2",&QWP(0,$key)); &movq ("mm6",&QWP(8,$key)); + &pxor ("mm0","mm1"); &pxor ("mm4","mm5"); # ^= tp8<<8 + &pxor ("mm0","mm3"); &pxor ("mm4","mm7"); # ^= tp8>>8 + &mov ($s0,&DWP(0-128,$tbl)); + &pslld ("mm1",16); &pslld ("mm5",16); + &mov ($s1,&DWP(64-128,$tbl)); + &psrld ("mm3",16); &psrld ("mm7",16); + &mov ($s2,&DWP(128-128,$tbl)); + &pxor ("mm0","mm1"); &pxor ("mm4","mm5"); # ^= tp8<<24 + &mov ($s3,&DWP(192-128,$tbl)); + &pxor ("mm0","mm3"); &pxor ("mm4","mm7"); # ^= tp8>>24 + + &pxor ("mm0","mm2"); &pxor ("mm4","mm6"); + &jmp (&label("loop")); + + &set_label("out",16); + &pxor ("mm0",&QWP(0,$key)); + &pxor ("mm4",&QWP(8,$key)); + + &ret (); +&function_end_B("_sse_AES_decrypt_compact"); + } + +###################################################################### +# Vanilla block function. +###################################################################### sub decstep() { my ($i,$td,@s) = @_; @@ -480,7 +1589,7 @@ sub decstep() # optimal... or rather that all attempts to reorder didn't # result in better performance [which by the way is not a # bit lower than ecryption]. - if($i==3) { &mov ($key,&DWP(12,"esp")); } + if($i==3) { &mov ($key,$__key); } else { &mov ($out,$s[0]); } &and ($out,0xFF); &mov ($out,&DWP(0,$td,$out,8)); @@ -495,12 +1604,12 @@ sub decstep() &and ($tmp,0xFF); &xor ($out,&DWP(2,$td,$tmp,8)); - if ($i==3) { $tmp=$s[3]; &mov ($s[2],&DWP(8,"esp")); } + if ($i==3) { $tmp=$s[3]; &mov ($s[2],$__s1); } else { &mov ($tmp,$s[3]); } &shr ($tmp,24); &xor ($out,&DWP(1,$td,$tmp,8)); if ($i<2) { &mov (&DWP(4+4*$i,"esp"),$out); } - if ($i==3) { &mov ($s[3],&DWP(4,"esp")); } + if ($i==3) { &mov ($s[3],$__s0); } &comment(); } @@ -509,14 +1618,24 @@ sub declast() my $tmp = $key; my $out = $i==3?$s[0]:$acc; - if($i==3) { &mov ($key,&DWP(12,"esp")); } + if($i==0) { &lea ($td,&DWP(2048+128,$td)); + &mov ($tmp,&DWP(0-128,$td)); + &mov ($acc,&DWP(32-128,$td)); + &mov ($tmp,&DWP(64-128,$td)); + &mov ($acc,&DWP(96-128,$td)); + &mov ($tmp,&DWP(128-128,$td)); + &mov ($acc,&DWP(160-128,$td)); + &mov ($tmp,&DWP(192-128,$td)); + &mov ($acc,&DWP(224-128,$td)); + &lea ($td,&DWP(-128,$td)); } + if($i==3) { &mov ($key,$__key); } else { &mov ($out,$s[0]); } &and ($out,0xFF); - &movz ($out,&BP(2048,$td,$out,1)); + &movz ($out,&BP(0,$td,$out,1)); if ($i==3) { $tmp=$s[1]; } &movz ($tmp,&HB($s[1])); - &movz ($tmp,&BP(2048,$td,$tmp,1)); + &movz ($tmp,&BP(0,$td,$tmp,1)); &shl ($tmp,8); &xor ($out,$tmp); @@ -524,24 +1643,24 @@ sub declast() else { mov ($tmp,$s[2]); } &shr ($tmp,16); &and ($tmp,0xFF); - &movz ($tmp,&BP(2048,$td,$tmp,1)); + &movz ($tmp,&BP(0,$td,$tmp,1)); &shl ($tmp,16); &xor ($out,$tmp); - if ($i==3) { $tmp=$s[3]; &mov ($s[2],&DWP(8,"esp")); } + if ($i==3) { $tmp=$s[3]; &mov ($s[2],$__s1); } else { &mov ($tmp,$s[3]); } &shr ($tmp,24); - &movz ($tmp,&BP(2048,$td,$tmp,1)); + &movz ($tmp,&BP(0,$td,$tmp,1)); &shl ($tmp,24); &xor ($out,$tmp); if ($i<2) { &mov (&DWP(4+4*$i,"esp"),$out); } - if ($i==3) { &mov ($s[3],&DWP(4,"esp")); } + if ($i==3) { &mov ($s[3],$__s0); + &lea ($td,&DWP(-2048,$td)); } } -&public_label("AES_Td"); -&function_begin_C("_x86_AES_decrypt"); +&function_begin_B("_x86_AES_decrypt"); # note that caller is expected to allocate stack frame for me! - &mov (&DWP(12,"esp"),$key); # save key + &mov ($__key,$key); # save key &xor ($s0,&DWP(0,$key)); # xor with key &xor ($s1,&DWP(4,$key)); @@ -553,20 +1672,19 @@ sub declast() if ($small_footprint) { &lea ($acc,&DWP(-2,$acc,$acc)); &lea ($acc,&DWP(0,$key,$acc,8)); - &mov (&DWP(16,"esp"),$acc); # end of key schedule - &align (4); - &set_label("loop"); - &decstep(0,"ebp",$s0,$s3,$s2,$s1); - &decstep(1,"ebp",$s1,$s0,$s3,$s2); - &decstep(2,"ebp",$s2,$s1,$s0,$s3); - &decstep(3,"ebp",$s3,$s2,$s1,$s0); + &mov ($__end,$acc); # end of key schedule + &set_label("loop",16); + &decstep(0,$tbl,$s0,$s3,$s2,$s1); + &decstep(1,$tbl,$s1,$s0,$s3,$s2); + &decstep(2,$tbl,$s2,$s1,$s0,$s3); + &decstep(3,$tbl,$s3,$s2,$s1,$s0); &add ($key,16); # advance rd_key &xor ($s0,&DWP(0,$key)); &xor ($s1,&DWP(4,$key)); &xor ($s2,&DWP(8,$key)); &xor ($s3,&DWP(12,$key)); - &cmp ($key,&DWP(16,"esp")); - &mov (&DWP(12,"esp"),$key); + &cmp ($key,$__end); + &mov ($__key,$key); &jb (&label("loop")); } else { @@ -575,38 +1693,38 @@ sub declast() &cmp ($acc,12); &jle (&label("12rounds")); - &set_label("14rounds"); + &set_label("14rounds",4); for ($i=1;$i<3;$i++) { - &decstep(0,"ebp",$s0,$s3,$s2,$s1); - &decstep(1,"ebp",$s1,$s0,$s3,$s2); - &decstep(2,"ebp",$s2,$s1,$s0,$s3); - &decstep(3,"ebp",$s3,$s2,$s1,$s0); + &decstep(0,$tbl,$s0,$s3,$s2,$s1); + &decstep(1,$tbl,$s1,$s0,$s3,$s2); + &decstep(2,$tbl,$s2,$s1,$s0,$s3); + &decstep(3,$tbl,$s3,$s2,$s1,$s0); &xor ($s0,&DWP(16*$i+0,$key)); &xor ($s1,&DWP(16*$i+4,$key)); &xor ($s2,&DWP(16*$i+8,$key)); &xor ($s3,&DWP(16*$i+12,$key)); } &add ($key,32); - &mov (&DWP(12,"esp"),$key); # advance rd_key - &set_label("12rounds"); + &mov ($__key,$key); # advance rd_key + &set_label("12rounds",4); for ($i=1;$i<3;$i++) { - &decstep(0,"ebp",$s0,$s3,$s2,$s1); - &decstep(1,"ebp",$s1,$s0,$s3,$s2); - &decstep(2,"ebp",$s2,$s1,$s0,$s3); - &decstep(3,"ebp",$s3,$s2,$s1,$s0); + &decstep(0,$tbl,$s0,$s3,$s2,$s1); + &decstep(1,$tbl,$s1,$s0,$s3,$s2); + &decstep(2,$tbl,$s2,$s1,$s0,$s3); + &decstep(3,$tbl,$s3,$s2,$s1,$s0); &xor ($s0,&DWP(16*$i+0,$key)); &xor ($s1,&DWP(16*$i+4,$key)); &xor ($s2,&DWP(16*$i+8,$key)); &xor ($s3,&DWP(16*$i+12,$key)); } &add ($key,32); - &mov (&DWP(12,"esp"),$key); # advance rd_key - &set_label("10rounds"); + &mov ($__key,$key); # advance rd_key + &set_label("10rounds",4); for ($i=1;$i<10;$i++) { - &decstep(0,"ebp",$s0,$s3,$s2,$s1); - &decstep(1,"ebp",$s1,$s0,$s3,$s2); - &decstep(2,"ebp",$s2,$s1,$s0,$s3); - &decstep(3,"ebp",$s3,$s2,$s1,$s0); + &decstep(0,$tbl,$s0,$s3,$s2,$s1); + &decstep(1,$tbl,$s1,$s0,$s3,$s2); + &decstep(2,$tbl,$s2,$s1,$s0,$s3); + &decstep(3,$tbl,$s3,$s2,$s1,$s0); &xor ($s0,&DWP(16*$i+0,$key)); &xor ($s1,&DWP(16*$i+4,$key)); &xor ($s2,&DWP(16*$i+8,$key)); @@ -614,10 +1732,10 @@ sub declast() } } - &declast(0,"ebp",$s0,$s3,$s2,$s1); - &declast(1,"ebp",$s1,$s0,$s3,$s2); - &declast(2,"ebp",$s2,$s1,$s0,$s3); - &declast(3,"ebp",$s3,$s2,$s1,$s0); + &declast(0,$tbl,$s0,$s3,$s2,$s1); + &declast(1,$tbl,$s1,$s0,$s3,$s2); + &declast(2,$tbl,$s2,$s1,$s0,$s3); + &declast(3,$tbl,$s3,$s2,$s1,$s0); &add ($key,$small_footprint?16:160); &xor ($s0,&DWP(0,$key)); @@ -692,7 +1810,8 @@ sub declast() &_data_word(0x72c31d16, 0x0c25e2bc, 0x8b493c28, 0x41950dff); &_data_word(0x7101a839, 0xdeb30c08, 0x9ce4b4d8, 0x90c15664); &_data_word(0x6184cb7b, 0x70b632d5, 0x745c6c48, 0x4257b8d0); -#Td4: + +#Td4: # four copies of Td4 to choose from to avoid L1 aliasing &data_byte(0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38); &data_byte(0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb); &data_byte(0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87); @@ -725,178 +1844,301 @@ sub declast() &data_byte(0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61); &data_byte(0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26); &data_byte(0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d); -&function_end_B("_x86_AES_decrypt"); - -# void AES_decrypt (const void *inp,void *out,const AES_KEY *key); -&public_label("AES_Td"); -&function_begin("AES_decrypt"); - &mov ($acc,&wparam(0)); # load inp - &mov ($key,&wparam(2)); # load key - - &mov ($s0,"esp"); - &sub ("esp",24); - &and ("esp",-64); - &add ("esp",4); - &mov (&DWP(16,"esp"),$s0); - - &call (&label("pic_point")); # make it PIC! - &set_label("pic_point"); - &blindpop("ebp"); - &lea ("ebp",&DWP(&label("AES_Td")."-".&label("pic_point"),"ebp")); - - # prefetch Td4 - &lea ("ebp",&DWP(2048+128,"ebp")); - &mov ($s0,&DWP(0-128,"ebp")); - &mov ($s1,&DWP(32-128,"ebp")); - &mov ($s2,&DWP(64-128,"ebp")); - &mov ($s3,&DWP(96-128,"ebp")); - &mov ($s0,&DWP(128-128,"ebp")); - &mov ($s1,&DWP(160-128,"ebp")); - &mov ($s2,&DWP(192-128,"ebp")); - &mov ($s3,&DWP(224-128,"ebp")); - &lea ("ebp",&DWP(-2048-128,"ebp")); - - &mov ($s0,&DWP(0,$acc)); # load input data - &mov ($s1,&DWP(4,$acc)); - &mov ($s2,&DWP(8,$acc)); - &mov ($s3,&DWP(12,$acc)); - &call ("_x86_AES_decrypt"); - - &mov ("esp",&DWP(16,"esp")); + &data_byte(0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38); + &data_byte(0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb); + &data_byte(0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87); + &data_byte(0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb); + &data_byte(0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d); + &data_byte(0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e); + &data_byte(0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2); + &data_byte(0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25); + &data_byte(0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16); + &data_byte(0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92); + &data_byte(0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda); + &data_byte(0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84); + &data_byte(0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a); + &data_byte(0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06); + &data_byte(0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02); + &data_byte(0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b); + &data_byte(0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea); + &data_byte(0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73); + &data_byte(0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85); + &data_byte(0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e); + &data_byte(0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89); + &data_byte(0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b); + &data_byte(0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20); + &data_byte(0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4); + &data_byte(0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31); + &data_byte(0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f); + &data_byte(0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d); + &data_byte(0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef); + &data_byte(0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0); + &data_byte(0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61); + &data_byte(0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26); + &data_byte(0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d); - &mov ($acc,&wparam(1)); # load out - &mov (&DWP(0,$acc),$s0); # write output data - &mov (&DWP(4,$acc),$s1); - &mov (&DWP(8,$acc),$s2); - &mov (&DWP(12,$acc),$s3); -&function_end("AES_decrypt"); + &data_byte(0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38); + &data_byte(0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb); + &data_byte(0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87); + &data_byte(0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb); + &data_byte(0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d); + &data_byte(0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e); + &data_byte(0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2); + &data_byte(0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25); + &data_byte(0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16); + &data_byte(0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92); + &data_byte(0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda); + &data_byte(0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84); + &data_byte(0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a); + &data_byte(0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06); + &data_byte(0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02); + &data_byte(0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b); + &data_byte(0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea); + &data_byte(0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73); + &data_byte(0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85); + &data_byte(0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e); + &data_byte(0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89); + &data_byte(0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b); + &data_byte(0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20); + &data_byte(0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4); + &data_byte(0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31); + &data_byte(0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f); + &data_byte(0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d); + &data_byte(0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef); + &data_byte(0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0); + &data_byte(0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61); + &data_byte(0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26); + &data_byte(0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d); -# void AES_cbc_encrypt (const void char *inp, unsigned char *out, -# size_t length, const AES_KEY *key, -# unsigned char *ivp,const int enc); + &data_byte(0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38); + &data_byte(0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb); + &data_byte(0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87); + &data_byte(0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb); + &data_byte(0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d); + &data_byte(0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e); + &data_byte(0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2); + &data_byte(0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25); + &data_byte(0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16); + &data_byte(0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92); + &data_byte(0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda); + &data_byte(0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84); + &data_byte(0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a); + &data_byte(0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06); + &data_byte(0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02); + &data_byte(0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b); + &data_byte(0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea); + &data_byte(0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73); + &data_byte(0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85); + &data_byte(0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e); + &data_byte(0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89); + &data_byte(0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b); + &data_byte(0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20); + &data_byte(0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4); + &data_byte(0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31); + &data_byte(0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f); + &data_byte(0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d); + &data_byte(0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef); + &data_byte(0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0); + &data_byte(0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61); + &data_byte(0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26); + &data_byte(0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d); +&function_end_B("_x86_AES_decrypt"); + +# void AES_decrypt (const void *inp,void *out,const AES_KEY *key); +&function_begin("AES_decrypt"); + &mov ($acc,&wparam(0)); # load inp + &mov ($key,&wparam(2)); # load key + + &mov ($s0,"esp"); + &sub ("esp",36); + &and ("esp",-64); # align to cache-line + + # place stack frame just "above" the key schedule + &lea ($s1,&DWP(-64-63,$key)); + &sub ($s1,"esp"); + &neg ($s1); + &and ($s1,0x3C0); # modulo 1024, but aligned to cache-line + &sub ("esp",$s1); + &add ("esp",4); # 4 is reserved for caller's return address + &mov ($_esp,$s0); # save stack pointer + + &call (&label("pic_point")); # make it PIC! + &set_label("pic_point"); + &blindpop($tbl); + &picmeup($s0,"OPENSSL_ia32cap_P",$tbl,&label("pic_point")) if(!$x86only); + &lea ($tbl,&DWP(&label("AES_Td")."-".&label("pic_point"),$tbl)); + + # pick Td4 copy which can't "overlap" with stack frame or key schedule + &lea ($s1,&DWP(768-4,"esp")); + &sub ($s1,$tbl); + &and ($s1,0x300); + &lea ($tbl,&DWP(2048+128,$tbl,$s1)); + + if (!$x86only) { + &bt (&DWP(0,$s0),25); # check for SSE bit + &jnc (&label("x86")); + + &movq ("mm0",&QWP(0,$acc)); + &movq ("mm4",&QWP(8,$acc)); + &call ("_sse_AES_decrypt_compact"); + &mov ("esp",$_esp); # restore stack pointer + &mov ($acc,&wparam(1)); # load out + &movq (&QWP(0,$acc),"mm0"); # write output data + &movq (&QWP(8,$acc),"mm4"); + &emms (); + &function_end_A(); + } + &set_label("x86",16); + &mov ($_tbl,$tbl); + &mov ($s0,&DWP(0,$acc)); # load input data + &mov ($s1,&DWP(4,$acc)); + &mov ($s2,&DWP(8,$acc)); + &mov ($s3,&DWP(12,$acc)); + &call ("_x86_AES_decrypt_compact"); + &mov ("esp",$_esp); # restore stack pointer + &mov ($acc,&wparam(1)); # load out + &mov (&DWP(0,$acc),$s0); # write output data + &mov (&DWP(4,$acc),$s1); + &mov (&DWP(8,$acc),$s2); + &mov (&DWP(12,$acc),$s3); +&function_end("AES_decrypt"); + +# void AES_cbc_encrypt (const void char *inp, unsigned char *out, +# size_t length, const AES_KEY *key, +# unsigned char *ivp,const int enc); { # stack frame layout -# -4(%esp) 0(%esp) return address -# 0(%esp) 4(%esp) tmp1 -# 4(%esp) 8(%esp) tmp2 -# 8(%esp) 12(%esp) key -# 12(%esp) 16(%esp) end of key schedule -my $_esp=&DWP(16,"esp"); #saved %esp -my $_inp=&DWP(20,"esp"); #copy of wparam(0) -my $_out=&DWP(24,"esp"); #copy of wparam(1) -my $_len=&DWP(28,"esp"); #copy of wparam(2) -my $_key=&DWP(32,"esp"); #copy of wparam(3) -my $_ivp=&DWP(36,"esp"); #copy of wparam(4) -my $_tmp=&DWP(40,"esp"); #volatile variable -my $ivec=&DWP(44,"esp"); #ivec[16] -my $aes_key=&DWP(60,"esp"); #copy of aes_key -my $mark=&DWP(60+240,"esp"); #copy of aes_key->rounds - -&public_label("AES_Te"); -&public_label("AES_Td"); +# -4(%esp) # return address 0(%esp) +# 0(%esp) # s0 backing store 4(%esp) +# 4(%esp) # s1 backing store 8(%esp) +# 8(%esp) # s2 backing store 12(%esp) +# 12(%esp) # s3 backing store 16(%esp) +# 16(%esp) # key backup 20(%esp) +# 20(%esp) # end of key schedule 24(%esp) +# 24(%esp) # %ebp backup 28(%esp) +# 28(%esp) # %esp backup +my $_inp=&DWP(32,"esp"); # copy of wparam(0) +my $_out=&DWP(36,"esp"); # copy of wparam(1) +my $_len=&DWP(40,"esp"); # copy of wparam(2) +my $_key=&DWP(44,"esp"); # copy of wparam(3) +my $_ivp=&DWP(48,"esp"); # copy of wparam(4) +my $_tmp=&DWP(52,"esp"); # volatile variable +# +my $ivec=&DWP(60,"esp"); # ivec[16] +my $aes_key=&DWP(76,"esp"); # copy of aes_key +my $mark=&DWP(76+240,"esp"); # copy of aes_key->rounds + &function_begin("AES_cbc_encrypt"); &mov ($s2 eq "ecx"? $s2 : "",&wparam(2)); # load len &cmp ($s2,0); - &je (&label("enc_out")); + &je (&label("drop_out")); &call (&label("pic_point")); # make it PIC! &set_label("pic_point"); - &blindpop("ebp"); - - &pushf (); - &cld (); + &blindpop($tbl); + &picmeup($s0,"OPENSSL_ia32cap_P",$tbl,&label("pic_point")) if(!$x86only); &cmp (&wparam(5),0); - &je (&label("DECRYPT")); - - &lea ("ebp",&DWP(&label("AES_Te")."-".&label("pic_point"),"ebp")); + &lea ($tbl,&DWP(&label("AES_Te")."-".&label("pic_point"),$tbl)); + &jne (&label("picked_te")); + &lea ($tbl,&DWP(&label("AES_Td")."-".&label("AES_Te"),$tbl)); + &set_label("picked_te"); - # allocate aligned stack frame... - &lea ($key,&DWP(-64-244,"esp")); - &and ($key,-64); + # one can argue if this is required + &pushf (); + &cld (); - # ... and make sure it doesn't alias with AES_Te modulo 4096 - &mov ($s0,"ebp"); - &lea ($s1,&DWP(2048,"ebp")); - &mov ($s3,$key); + &cmp ($s2,$speed_limit); + &jb (&label("slow_way")); + &test ($s2,15); + &jnz (&label("slow_way")); + if (!$x86only) { + &bt (&DWP(0,$s0),28); # check for hyper-threading bit + &jc (&label("slow_way")); + } + # pre-allocate aligned stack frame... + &lea ($acc,&DWP(-80-244,"esp")); + &and ($acc,-64); + + # ... and make sure it doesn't alias with $tbl modulo 4096 + &mov ($s0,$tbl); + &lea ($s1,&DWP(2048+256,$tbl)); + &mov ($s3,$acc); &and ($s0,0xfff); # s = %ebp&0xfff - &and ($s1,0xfff); # e = (%ebp+2048)&0xfff + &and ($s1,0xfff); # e = (%ebp+2048+256)&0xfff &and ($s3,0xfff); # p = %esp&0xfff &cmp ($s3,$s1); # if (p>=e) %esp =- (p-e); - &jb (&label("te_break_out")); + &jb (&label("tbl_break_out")); &sub ($s3,$s1); - &sub ($key,$s3); - &jmp (&label("te_ok")); - &set_label("te_break_out"); # else %esp -= (p-s)&0xfff + framesz; + &sub ($acc,$s3); + &jmp (&label("tbl_ok")); + &set_label("tbl_break_out",4); # else %esp -= (p-s)&0xfff + framesz; &sub ($s3,$s0); &and ($s3,0xfff); - &add ($s3,64+256); - &sub ($key,$s3); - &align (4); - &set_label("te_ok"); - - &mov ($s0,&wparam(0)); # load inp - &mov ($s1,&wparam(1)); # load out - &mov ($s3,&wparam(3)); # load key - &mov ($acc,&wparam(4)); # load ivp + &add ($s3,384); + &sub ($acc,$s3); + &set_label("tbl_ok",4); - &exch ("esp",$key); + &lea ($s3,&wparam(0)); # obtain pointer to parameter block + &exch ("esp",$acc); # allocate stack frame &add ("esp",4); # reserve for return address! - &mov ($_esp,$key); # save %esp + &mov ($_tbl,$tbl); # save %ebp + &mov ($_esp,$acc); # save %esp + + &mov ($s0,&DWP(0,$s3)); # load inp + &mov ($s1,&DWP(4,$s3)); # load out + #&mov ($s2,&DWP(8,$s3)); # load len + &mov ($key,&DWP(12,$s3)); # load key + &mov ($acc,&DWP(16,$s3)); # load ivp + &mov ($s3,&DWP(20,$s3)); # load enc flag &mov ($_inp,$s0); # save copy of inp &mov ($_out,$s1); # save copy of out &mov ($_len,$s2); # save copy of len - &mov ($_key,$s3); # save copy of key + &mov ($_key,$key); # save copy of key &mov ($_ivp,$acc); # save copy of ivp &mov ($mark,0); # copy of aes_key->rounds = 0; - if ($compromise) { - &cmp ($s2,$compromise); - &jb (&label("skip_ecopy")); - } # do we copy key schedule to stack? - &mov ($s1 eq "ebx" ? $s1 : "",$s3); + &mov ($s1 eq "ebx" ? $s1 : "",$key); &mov ($s2 eq "ecx" ? $s2 : "",244/4); - &sub ($s1,"ebp"); - &mov ("esi",$s3); + &sub ($s1,$tbl); + &mov ("esi",$key); &and ($s1,0xfff); &lea ("edi",$aes_key); - &cmp ($s1,2048); - &jb (&label("do_ecopy")); + &cmp ($s1,2048+256); + &jb (&label("do_copy")); &cmp ($s1,4096-244); - &jb (&label("skip_ecopy")); - &align (4); - &set_label("do_ecopy"); + &jb (&label("skip_copy")); + &set_label("do_copy",4); &mov ($_key,"edi"); &data_word(0xA5F3F689); # rep movsd - &set_label("skip_ecopy"); + &set_label("skip_copy"); - &mov ($acc,$s0); &mov ($key,16); - &align (4); - &set_label("prefetch_te"); - &mov ($s0,&DWP(0,"ebp")); - &mov ($s1,&DWP(32,"ebp")); - &mov ($s2,&DWP(64,"ebp")); - &mov ($s3,&DWP(96,"ebp")); - &lea ("ebp",&DWP(128,"ebp")); - &dec ($key); - &jnz (&label("prefetch_te")); - &sub ("ebp",2048); - - &mov ($s2,$_len); + &set_label("prefetch_tbl",4); + &mov ($s0,&DWP(0,$tbl)); + &mov ($s1,&DWP(32,$tbl)); + &mov ($s2,&DWP(64,$tbl)); + &mov ($acc,&DWP(96,$tbl)); + &lea ($tbl,&DWP(128,$tbl)); + &sub ($key,1); + &jnz (&label("prefetch_tbl")); + &sub ($tbl,2048); + + &mov ($acc,$_inp); &mov ($key,$_ivp); - &test ($s2,0xFFFFFFF0); - &jz (&label("enc_tail")); # short input... + &cmp ($s3,0); + &je (&label("fast_decrypt")); + +#----------------------------- ENCRYPT -----------------------------# &mov ($s0,&DWP(0,$key)); # load iv &mov ($s1,&DWP(4,$key)); - &align (4); - &set_label("enc_loop"); + &set_label("fast_enc_loop",16); &mov ($s2,&DWP(8,$key)); &mov ($s3,&DWP(12,$key)); @@ -916,22 +2158,16 @@ my $mark=&DWP(60+240,"esp"); #copy of aes_key->rounds &mov (&DWP(8,$key),$s2); &mov (&DWP(12,$key),$s3); + &lea ($acc,&DWP(16,$acc)); # advance inp &mov ($s2,$_len); # load len - - &lea ($acc,&DWP(16,$acc)); &mov ($_inp,$acc); # save inp - - &lea ($s3,&DWP(16,$key)); + &lea ($s3,&DWP(16,$key)); # advance out &mov ($_out,$s3); # save out - - &sub ($s2,16); - &test ($s2,0xFFFFFFF0); + &sub ($s2,16); # decrease len &mov ($_len,$s2); # save len - &jnz (&label("enc_loop")); - &test ($s2,15); - &jnz (&label("enc_tail")); + &jnz (&label("fast_enc_loop")); &mov ($acc,$_ivp); # load ivp - &mov ($s2,&DWP(8,$key)); # restore last dwords + &mov ($s2,&DWP(8,$key)); # restore last 2 dwords &mov ($s3,&DWP(12,$key)); &mov (&DWP(0,$acc),$s0); # save ivec &mov (&DWP(4,$acc),$s1); @@ -949,125 +2185,20 @@ my $mark=&DWP(60+240,"esp"); #copy of aes_key->rounds &set_label("skip_ezero") &mov ("esp",$_esp); &popf (); - &set_label("enc_out"); + &set_label("drop_out"); &function_end_A(); &pushf (); # kludge, never executed - &align (4); - &set_label("enc_tail"); - &mov ($s0,$key eq "edi" ? $key : ""); - &mov ($key,$_out); # load out - &push ($s0); # push ivp - &mov ($s1,16); - &sub ($s1,$s2); - &cmp ($key,$acc); # compare with inp - &je (&label("enc_in_place")); - &align (4); - &data_word(0xA4F3F689); # rep movsb # copy input - &jmp (&label("enc_skip_in_place")); - &set_label("enc_in_place"); - &lea ($key,&DWP(0,$key,$s2)); - &set_label("enc_skip_in_place"); - &mov ($s2,$s1); - &xor ($s0,$s0); - &align (4); - &data_word(0xAAF3F689); # rep stosb # zero tail - &pop ($key); # pop ivp - - &mov ($acc,$_out); # output as input - &mov ($s0,&DWP(0,$key)); - &mov ($s1,&DWP(4,$key)); - &mov ($_len,16); # len=16 - &jmp (&label("enc_loop")); # one more spin... - #----------------------------- DECRYPT -----------------------------# -&align (4); -&set_label("DECRYPT"); - &lea ("ebp",&DWP(&label("AES_Td")."-".&label("pic_point"),"ebp")); - - # allocate aligned stack frame... - &lea ($key,&DWP(-64-244,"esp")); - &and ($key,-64); - - # ... and make sure it doesn't alias with AES_Td modulo 4096 - &mov ($s0,"ebp"); - &lea ($s1,&DWP(2048+256,"ebp")); - &mov ($s3,$key); - &and ($s0,0xfff); # s = %ebp&0xfff - &and ($s1,0xfff); # e = (%ebp+2048+256)&0xfff - &and ($s3,0xfff); # p = %esp&0xfff - - &cmp ($s3,$s1); # if (p>=e) %esp =- (p-e); - &jb (&label("td_break_out")); - &sub ($s3,$s1); - &sub ($key,$s3); - &jmp (&label("td_ok")); - &set_label("td_break_out"); # else %esp -= (p-s)&0xfff + framesz; - &sub ($s3,$s0); - &and ($s3,0xfff); - &add ($s3,64+256); - &sub ($key,$s3); - &align (4); - &set_label("td_ok"); - - &mov ($s0,&wparam(0)); # load inp - &mov ($s1,&wparam(1)); # load out - &mov ($s3,&wparam(3)); # load key - &mov ($acc,&wparam(4)); # load ivp - - &exch ("esp",$key); - &add ("esp",4); # reserve for return address! - &mov ($_esp,$key); # save %esp - - &mov ($_inp,$s0); # save copy of inp - &mov ($_out,$s1); # save copy of out - &mov ($_len,$s2); # save copy of len - &mov ($_key,$s3); # save copy of key - &mov ($_ivp,$acc); # save copy of ivp - - &mov ($mark,0); # copy of aes_key->rounds = 0; - if ($compromise) { - &cmp ($s2,$compromise); - &jb (&label("skip_dcopy")); - } - # do we copy key schedule to stack? - &mov ($s1 eq "ebx" ? $s1 : "",$s3); - &mov ($s2 eq "ecx" ? $s2 : "",244/4); - &sub ($s1,"ebp"); - &mov ("esi",$s3); - &and ($s1,0xfff); - &lea ("edi",$aes_key); - &cmp ($s1,2048+256); - &jb (&label("do_dcopy")); - &cmp ($s1,4096-244); - &jb (&label("skip_dcopy")); - &align (4); - &set_label("do_dcopy"); - &mov ($_key,"edi"); - &data_word(0xA5F3F689); # rep movsd - &set_label("skip_dcopy"); - - &mov ($acc,$s0); - &mov ($key,18); - &align (4); - &set_label("prefetch_td"); - &mov ($s0,&DWP(0,"ebp")); - &mov ($s1,&DWP(32,"ebp")); - &mov ($s2,&DWP(64,"ebp")); - &mov ($s3,&DWP(96,"ebp")); - &lea ("ebp",&DWP(128,"ebp")); - &dec ($key); - &jnz (&label("prefetch_td")); - &sub ("ebp",2048+256); +&set_label("fast_decrypt",16); &cmp ($acc,$_out); - &je (&label("dec_in_place")); # in-place processing... + &je (&label("fast_dec_in_place")); # in-place processing... - &mov ($key,$_ivp); # load ivp &mov ($_tmp,$key); &align (4); - &set_label("dec_loop"); + &set_label("fast_dec_loop",16); &mov ($s0,&DWP(0,$acc)); # read input &mov ($s1,&DWP(4,$acc)); &mov ($s2,&DWP(8,$acc)); @@ -1083,27 +2214,24 @@ my $mark=&DWP(60+240,"esp"); #copy of aes_key->rounds &xor ($s2,&DWP(8,$key)); &xor ($s3,&DWP(12,$key)); - &sub ($acc,16); - &jc (&label("dec_partial")); - &mov ($_len,$acc); # save len - &mov ($acc,$_inp); # load inp &mov ($key,$_out); # load out + &mov ($acc,$_inp); # load inp &mov (&DWP(0,$key),$s0); # write output &mov (&DWP(4,$key),$s1); &mov (&DWP(8,$key),$s2); &mov (&DWP(12,$key),$s3); + &mov ($s2,$_len); # load len &mov ($_tmp,$acc); # save ivp - &lea ($acc,&DWP(16,$acc)); + &lea ($acc,&DWP(16,$acc)); # advance inp &mov ($_inp,$acc); # save inp - - &lea ($key,&DWP(16,$key)); + &lea ($key,&DWP(16,$key)); # advance out &mov ($_out,$key); # save out - - &jnz (&label("dec_loop")); + &sub ($s2,16); # decrease len + &mov ($_len,$s2); # save len + &jnz (&label("fast_dec_loop")); &mov ($key,$_tmp); # load temp ivp - &set_label("dec_end"); &mov ($acc,$_ivp); # load user ivp &mov ($s0,&DWP(0,$key)); # load iv &mov ($s1,&DWP(4,$key)); @@ -1113,31 +2241,16 @@ my $mark=&DWP(60+240,"esp"); #copy of aes_key->rounds &mov (&DWP(4,$acc),$s1); &mov (&DWP(8,$acc),$s2); &mov (&DWP(12,$acc),$s3); - &jmp (&label("dec_out")); + &jmp (&label("fast_dec_out")); - &align (4); - &set_label("dec_partial"); - &lea ($key,$ivec); - &mov (&DWP(0,$key),$s0); # dump output to stack - &mov (&DWP(4,$key),$s1); - &mov (&DWP(8,$key),$s2); - &mov (&DWP(12,$key),$s3); - &lea ($s2 eq "ecx" ? $s2 : "",&DWP(16,$acc)); - &mov ($acc eq "esi" ? $acc : "",$key); - &mov ($key eq "edi" ? $key : "",$_out); # load out - &data_word(0xA4F3F689); # rep movsb # copy output - &mov ($key,$_inp); # use inp as temp ivp - &jmp (&label("dec_end")); - - &align (4); - &set_label("dec_in_place"); - &set_label("dec_in_place_loop"); - &lea ($key,$ivec); + &set_label("fast_dec_in_place",16); + &set_label("fast_dec_in_place_loop"); &mov ($s0,&DWP(0,$acc)); # read input &mov ($s1,&DWP(4,$acc)); &mov ($s2,&DWP(8,$acc)); &mov ($s3,&DWP(12,$acc)); + &lea ($key,$ivec); &mov (&DWP(0,$key),$s0); # copy to temp &mov (&DWP(4,$key),$s1); &mov (&DWP(8,$key),$s2); @@ -1158,7 +2271,7 @@ my $mark=&DWP(60+240,"esp"); #copy of aes_key->rounds &mov (&DWP(8,$acc),$s2); &mov (&DWP(12,$acc),$s3); - &lea ($acc,&DWP(16,$acc)); + &lea ($acc,&DWP(16,$acc)); # advance out &mov ($_out,$acc); # save out &lea ($acc,$ivec); @@ -1173,40 +2286,340 @@ my $mark=&DWP(60+240,"esp"); #copy of aes_key->rounds &mov (&DWP(12,$key),$s3); &mov ($acc,$_inp); # load inp + &mov ($s2,$_len); # load len + &lea ($acc,&DWP(16,$acc)); # advance inp + &mov ($_inp,$acc); # save inp + &sub ($s2,16); # decrease len + &mov ($_len,$s2); # save len + &jnz (&label("fast_dec_in_place_loop")); + + &set_label("fast_dec_out",4); + &cmp ($mark,0); # was the key schedule copied? + &mov ("edi",$_key); + &je (&label("skip_dzero")); + # zero copy of key schedule + &mov ("ecx",240/4); + &xor ("eax","eax"); + &align (4); + &data_word(0xABF3F689); # rep stosd + &set_label("skip_dzero") + &mov ("esp",$_esp); + &popf (); + &function_end_A(); + &pushf (); # kludge, never executed + +#--------------------------- SLOW ROUTINE ---------------------------# +&set_label("slow_way",16); + + &mov ($s0,&DWP(0,$s0)) if (!$x86only);# load OPENSSL_ia32cap + &mov ($key,&wparam(3)); # load key + + # pre-allocate aligned stack frame... + &lea ($acc,&DWP(-80,"esp")); + &and ($acc,-64); + + # ... and make sure it doesn't alias with $key modulo 1024 + &lea ($s1,&DWP(-80-63,$key)); + &sub ($s1,$acc); + &neg ($s1); + &and ($s1,0x3C0); # modulo 1024, but aligned to cache-line + &sub ($acc,$s1); + + # pick S-box copy which can't overlap with stack frame or $key + &lea ($s1,&DWP(768,$acc)); + &sub ($s1,$tbl); + &and ($s1,0x300); + &lea ($tbl,&DWP(2048+128,$tbl,$s1)); + + &lea ($s3,&wparam(0)); # pointer to parameter block + + &exch ("esp",$acc); + &add ("esp",4); # reserve for return address! + &mov ($_tbl,$tbl); # save %ebp + &mov ($_esp,$acc); # save %esp + &mov ($_tmp,$s0); # save OPENSSL_ia32cap + + &mov ($s0,&DWP(0,$s3)); # load inp + &mov ($s1,&DWP(4,$s3)); # load out + #&mov ($s2,&DWP(8,$s3)); # load len + #&mov ($key,&DWP(12,$s3)); # load key + &mov ($acc,&DWP(16,$s3)); # load ivp + &mov ($s3,&DWP(20,$s3)); # load enc flag + + &mov ($_inp,$s0); # save copy of inp + &mov ($_out,$s1); # save copy of out + &mov ($_len,$s2); # save copy of len + &mov ($_key,$key); # save copy of key + &mov ($_ivp,$acc); # save copy of ivp + + &mov ($key,$acc); + &mov ($acc,$s0); + + &cmp ($s3,0); + &je (&label("slow_decrypt")); + +#--------------------------- SLOW ENCRYPT ---------------------------# + &cmp ($s2,16); + &mov ($s3,$s1); + &jb (&label("slow_enc_tail")); - &lea ($acc,&DWP(16,$acc)); + if (!$x86only) { + &bt ($_tmp,25); # check for SSE bit + &jnc (&label("slow_enc_x86")); + + &movq ("mm0",&QWP(0,$key)); # load iv + &movq ("mm4",&QWP(8,$key)); + + &set_label("slow_enc_loop_sse",16); + &pxor ("mm0",&QWP(0,$acc)); # xor input data + &pxor ("mm4",&QWP(8,$acc)); + + &mov ($key,$_key); + &call ("_sse_AES_encrypt_compact"); + + &mov ($acc,$_inp); # load inp + &mov ($key,$_out); # load out + &mov ($s2,$_len); # load len + + &movq (&QWP(0,$key),"mm0"); # save output data + &movq (&QWP(8,$key),"mm4"); + + &lea ($acc,&DWP(16,$acc)); # advance inp &mov ($_inp,$acc); # save inp + &lea ($s3,&DWP(16,$key)); # advance out + &mov ($_out,$s3); # save out + &sub ($s2,16); # decrease len + &cmp ($s2,16); + &mov ($_len,$s2); # save len + &jae (&label("slow_enc_loop_sse")); + &test ($s2,15); + &jnz (&label("slow_enc_tail")); + &mov ($acc,$_ivp); # load ivp + &movq (&QWP(0,$acc),"mm0"); # save ivec + &movq (&QWP(8,$acc),"mm4"); + &emms (); + &mov ("esp",$_esp); + &popf (); + &function_end_A(); + &pushf (); # kludge, never executed + } + &set_label("slow_enc_x86",16); + &mov ($s0,&DWP(0,$key)); # load iv + &mov ($s1,&DWP(4,$key)); + + &set_label("slow_enc_loop_x86",4); + &mov ($s2,&DWP(8,$key)); + &mov ($s3,&DWP(12,$key)); + + &xor ($s0,&DWP(0,$acc)); # xor input data + &xor ($s1,&DWP(4,$acc)); + &xor ($s2,&DWP(8,$acc)); + &xor ($s3,&DWP(12,$acc)); + + &mov ($key,$_key); # load key + &call ("_x86_AES_encrypt_compact"); + + &mov ($acc,$_inp); # load inp + &mov ($key,$_out); # load out + + &mov (&DWP(0,$key),$s0); # save output data + &mov (&DWP(4,$key),$s1); + &mov (&DWP(8,$key),$s2); + &mov (&DWP(12,$key),$s3); &mov ($s2,$_len); # load len - &sub ($s2,16); - &jc (&label("dec_in_place_partial")); + &lea ($acc,&DWP(16,$acc)); # advance inp + &mov ($_inp,$acc); # save inp + &lea ($s3,&DWP(16,$key)); # advance out + &mov ($_out,$s3); # save out + &sub ($s2,16); # decrease len + &cmp ($s2,16); &mov ($_len,$s2); # save len - &jnz (&label("dec_in_place_loop")); - &jmp (&label("dec_out")); - - &align (4); - &set_label("dec_in_place_partial"); - # one can argue if this is actually required... - &mov ($key eq "edi" ? $key : "",$_out); - &lea ($acc eq "esi" ? $acc : "",$ivec); + &jae (&label("slow_enc_loop_x86")); + &test ($s2,15); + &jnz (&label("slow_enc_tail")); + &mov ($acc,$_ivp); # load ivp + &mov ($s2,&DWP(8,$key)); # restore last dwords + &mov ($s3,&DWP(12,$key)); + &mov (&DWP(0,$acc),$s0); # save ivec + &mov (&DWP(4,$acc),$s1); + &mov (&DWP(8,$acc),$s2); + &mov (&DWP(12,$acc),$s3); + + &mov ("esp",$_esp); + &popf (); + &function_end_A(); + &pushf (); # kludge, never executed + + &set_label("slow_enc_tail",16); + &emms () if (!$x86only); + &mov ($key eq "edi"? $key:"",$s3); # load out to edi + &mov ($s1,16); + &sub ($s1,$s2); + &cmp ($key,$acc eq "esi"? $acc:""); # compare with inp + &je (&label("enc_in_place")); + &align (4); + &data_word(0xA4F3F689); # rep movsb # copy input + &jmp (&label("enc_skip_in_place")); + &set_label("enc_in_place"); &lea ($key,&DWP(0,$key,$s2)); - &lea ($acc,&DWP(16,$acc,$s2)); - &neg ($s2 eq "ecx" ? $s2 : ""); - &data_word(0xA4F3F689); # rep movsb # restore tail - - &align (4); - &set_label("dec_out"); - &cmp ($mark,0); # was the key schedule copied? - &mov ("edi",$_key); - &je (&label("skip_dzero")); - # zero copy of key schedule - &mov ("ecx",240/4); - &xor ("eax","eax"); - &align (4); - &data_word(0xABF3F689); # rep stosd - &set_label("skip_dzero") - &mov ("esp",$_esp); - &popf (); + &set_label("enc_skip_in_place"); + &mov ($s2,$s1); + &xor ($s0,$s0); + &align (4); + &data_word(0xAAF3F689); # rep stosb # zero tail + + &mov ($key,$_ivp); # restore ivp + &mov ($acc,$s3); # output as input + &mov ($s0,&DWP(0,$key)); + &mov ($s1,&DWP(4,$key)); + &mov ($_len,16); # len=16 + &jmp (&label("slow_enc_loop_x86")); # one more spin... + +#--------------------------- SLOW DECRYPT ---------------------------# +&set_label("slow_decrypt",16); + if (!$x86only) { + &bt ($_tmp,25); # check for SSE bit + &jnc (&label("slow_dec_loop_x86")); + + &set_label("slow_dec_loop_sse",4); + &movq ("mm0",&QWP(0,$acc)); # read input + &movq ("mm4",&QWP(8,$acc)); + + &mov ($key,$_key); + &call ("_sse_AES_decrypt_compact"); + + &mov ($acc,$_inp); # load inp + &lea ($s0,$ivec); + &mov ($s1,$_out); # load out + &mov ($s2,$_len); # load len + &mov ($key,$_ivp); # load ivp + + &movq ("mm1",&QWP(0,$acc)); # re-read input + &movq ("mm5",&QWP(8,$acc)); + + &pxor ("mm0",&QWP(0,$key)); # xor iv + &pxor ("mm4",&QWP(8,$key)); + + &movq (&QWP(0,$key),"mm1"); # copy input to iv + &movq (&QWP(8,$key),"mm5"); + + &sub ($s2,16); # decrease len + &jc (&label("slow_dec_partial_sse")); + + &movq (&QWP(0,$s1),"mm0"); # write output + &movq (&QWP(8,$s1),"mm4"); + + &lea ($s1,&DWP(16,$s1)); # advance out + &mov ($_out,$s1); # save out + &lea ($acc,&DWP(16,$acc)); # advance inp + &mov ($_inp,$acc); # save inp + &mov ($_len,$s2); # save len + &jnz (&label("slow_dec_loop_sse")); + &emms (); + &mov ("esp",$_esp); + &popf (); + &function_end_A(); + &pushf (); # kludge, never executed + + &set_label("slow_dec_partial_sse",16); + &movq (&QWP(0,$s0),"mm0"); # save output to temp + &movq (&QWP(8,$s0),"mm4"); + &emms (); + + &add ($s2 eq "ecx" ? "ecx":"",16); + &mov ("edi",$s1); # out + &mov ("esi",$s0); # temp + &align (4); + &data_word(0xA4F3F689); # rep movsb # copy partial output + + &mov ("esp",$_esp); + &popf (); + &function_end_A(); + &pushf (); # kludge, never executed + } + &set_label("slow_dec_loop_x86",16); + &mov ($s0,&DWP(0,$acc)); # read input + &mov ($s1,&DWP(4,$acc)); + &mov ($s2,&DWP(8,$acc)); + &mov ($s3,&DWP(12,$acc)); + + &lea ($key,$ivec); + &mov (&DWP(0,$key),$s0); # copy to temp + &mov (&DWP(4,$key),$s1); + &mov (&DWP(8,$key),$s2); + &mov (&DWP(12,$key),$s3); + + &mov ($key,$_key); # load key + &call ("_x86_AES_decrypt_compact"); + + &mov ($key,$_ivp); # load ivp + &mov ($acc,$_len); # load len + &xor ($s0,&DWP(0,$key)); # xor iv + &xor ($s1,&DWP(4,$key)); + &xor ($s2,&DWP(8,$key)); + &xor ($s3,&DWP(12,$key)); + + &sub ($acc,16); + &jc (&label("slow_dec_partial_x86")); + + &mov ($_len,$acc); # save len + &mov ($acc,$_out); # load out + + &mov (&DWP(0,$acc),$s0); # write output + &mov (&DWP(4,$acc),$s1); + &mov (&DWP(8,$acc),$s2); + &mov (&DWP(12,$acc),$s3); + + &lea ($acc,&DWP(16,$acc)); # advance out + &mov ($_out,$acc); # save out + + &lea ($acc,$ivec); + &mov ($s0,&DWP(0,$acc)); # read temp + &mov ($s1,&DWP(4,$acc)); + &mov ($s2,&DWP(8,$acc)); + &mov ($s3,&DWP(12,$acc)); + + &mov (&DWP(0,$key),$s0); # copy it to iv + &mov (&DWP(4,$key),$s1); + &mov (&DWP(8,$key),$s2); + &mov (&DWP(12,$key),$s3); + + &mov ($acc,$_inp); # load inp + &lea ($acc,&DWP(16,$acc)); # advance inp + &mov ($_inp,$acc); # save inp + &jnz (&label("slow_dec_loop_x86")); + &mov ("esp",$_esp); + &popf (); + &function_end_A(); + &pushf (); # kludge, never executed + + &set_label("slow_dec_partial_x86",16); + &lea ($acc,$ivec); + &mov (&DWP(0,$acc),$s0); # save output to temp + &mov (&DWP(4,$acc),$s1); + &mov (&DWP(8,$acc),$s2); + &mov (&DWP(12,$acc),$s3); + + &mov ($acc,$_inp); + &mov ($s0,&DWP(0,$acc)); # re-read input + &mov ($s1,&DWP(4,$acc)); + &mov ($s2,&DWP(8,$acc)); + &mov ($s3,&DWP(12,$acc)); + + &mov (&DWP(0,$key),$s0); # copy it to iv + &mov (&DWP(4,$key),$s1); + &mov (&DWP(8,$key),$s2); + &mov (&DWP(12,$key),$s3); + + &mov ("ecx",$_len); + &mov ("edi",$_out); + &lea ("esi",$ivec); + &align (4); + &data_word(0xA4F3F689); # rep movsb # copy partial output + + &mov ("esp",$_esp); + &popf (); &function_end("AES_cbc_encrypt"); } @@ -1215,35 +2628,31 @@ my $mark=&DWP(60+240,"esp"); #copy of aes_key->rounds sub enckey() { &movz ("esi",&LB("edx")); # rk[i]>>0 - &mov ("ebx",&DWP(2,"ebp","esi",8)); + &movz ("ebx",&BP(-128,$tbl,"esi",1)); &movz ("esi",&HB("edx")); # rk[i]>>8 - &and ("ebx",0xFF000000); + &shl ("ebx",24); &xor ("eax","ebx"); - &mov ("ebx",&DWP(2,"ebp","esi",8)); + &movz ("ebx",&BP(-128,$tbl,"esi",1)); &shr ("edx",16); - &and ("ebx",0x000000FF); &movz ("esi",&LB("edx")); # rk[i]>>16 &xor ("eax","ebx"); - &mov ("ebx",&DWP(0,"ebp","esi",8)); + &movz ("ebx",&BP(-128,$tbl,"esi",1)); &movz ("esi",&HB("edx")); # rk[i]>>24 - &and ("ebx",0x0000FF00); + &shl ("ebx",8); &xor ("eax","ebx"); - &mov ("ebx",&DWP(0,"ebp","esi",8)); - &and ("ebx",0x00FF0000); + &movz ("ebx",&BP(-128,$tbl,"esi",1)); + &shl ("ebx",16); &xor ("eax","ebx"); - &xor ("eax",&DWP(2048,"ebp","ecx",4)); # rcon + &xor ("eax",&DWP(1024-128,$tbl,"ecx",4)); # rcon } -# int AES_set_encrypt_key(const unsigned char *userKey, const int bits, -# AES_KEY *key) -&public_label("AES_Te"); -&function_begin("AES_set_encrypt_key", "", "_x86_AES_set_encrypt_key"); - &mov ("esi",&wparam(0)); # user supplied key - &mov ("edi",&wparam(2)); # private key schedule +&function_begin("_x86_AES_set_encrypt_key"); + &mov ("esi",&wparam(1)); # user supplied key + &mov ("edi",&wparam(3)); # private key schedule &test ("esi",-1); &jz (&label("badpointer")); @@ -1252,10 +2661,21 @@ sub enckey() &call (&label("pic_point")); &set_label("pic_point"); - &blindpop("ebp"); - &lea ("ebp",&DWP(&label("AES_Te")."-".&label("pic_point"),"ebp")); - - &mov ("ecx",&wparam(1)); # number of bits in key + &blindpop($tbl); + &lea ($tbl,&DWP(&label("AES_Te")."-".&label("pic_point"),$tbl)); + &lea ($tbl,&DWP(2048+128,$tbl)); + + # prefetch Te4 + &mov ("eax",&DWP(0-128,$tbl)); + &mov ("ebx",&DWP(32-128,$tbl)); + &mov ("ecx",&DWP(64-128,$tbl)); + &mov ("edx",&DWP(96-128,$tbl)); + &mov ("eax",&DWP(128-128,$tbl)); + &mov ("ebx",&DWP(160-128,$tbl)); + &mov ("ecx",&DWP(192-128,$tbl)); + &mov ("edx",&DWP(224-128,$tbl)); + + &mov ("ecx",&wparam(2)); # number of bits in key &cmp ("ecx",128); &je (&label("10rounds")); &cmp ("ecx",192); @@ -1394,24 +2814,23 @@ sub enckey() &mov ("edx","eax"); &mov ("eax",&DWP(16,"edi")); # rk[4] &movz ("esi",&LB("edx")); # rk[11]>>0 - &mov ("ebx",&DWP(2,"ebp","esi",8)); + &movz ("ebx",&BP(-128,$tbl,"esi",1)); &movz ("esi",&HB("edx")); # rk[11]>>8 - &and ("ebx",0x000000FF); &xor ("eax","ebx"); - &mov ("ebx",&DWP(0,"ebp","esi",8)); + &movz ("ebx",&BP(-128,$tbl,"esi",1)); &shr ("edx",16); - &and ("ebx",0x0000FF00); + &shl ("ebx",8); &movz ("esi",&LB("edx")); # rk[11]>>16 &xor ("eax","ebx"); - &mov ("ebx",&DWP(0,"ebp","esi",8)); + &movz ("ebx",&BP(-128,$tbl,"esi",1)); &movz ("esi",&HB("edx")); # rk[11]>>24 - &and ("ebx",0x00FF0000); + &shl ("ebx",16); &xor ("eax","ebx"); - &mov ("ebx",&DWP(2,"ebp","esi",8)); - &and ("ebx",0xFF000000); + &movz ("ebx",&BP(-128,$tbl,"esi",1)); + &shl ("ebx",24); &xor ("eax","ebx"); &mov (&DWP(48,"edi"),"eax"); # rk[12] @@ -1433,43 +2852,74 @@ sub enckey() &set_label("badpointer"); &mov ("eax",-1); &set_label("exit"); -&function_end("AES_set_encrypt_key"); +&function_end("_x86_AES_set_encrypt_key"); -sub deckey() -{ my ($i,$ptr,$te,$td) = @_; +# int AES_set_encrypt_key(const unsigned char *userKey, const int bits, +# AES_KEY *key) +&function_begin_B("AES_set_encrypt_key"); + &call ("_x86_AES_set_encrypt_key"); + &ret (); +&function_end_B("AES_set_encrypt_key"); - &mov ("eax",&DWP($i,$ptr)); - &mov ("edx","eax"); - &movz ("ebx",&HB("eax")); - &shr ("edx",16); - &and ("eax",0xFF); - &movz ("eax",&BP(2,$te,"eax",8)); - &movz ("ebx",&BP(2,$te,"ebx",8)); - &mov ("eax",&DWP(0,$td,"eax",8)); - &xor ("eax",&DWP(3,$td,"ebx",8)); - &movz ("ebx",&HB("edx")); - &and ("edx",0xFF); - &movz ("edx",&BP(2,$te,"edx",8)); - &movz ("ebx",&BP(2,$te,"ebx",8)); - &xor ("eax",&DWP(2,$td,"edx",8)); - &xor ("eax",&DWP(1,$td,"ebx",8)); - &mov (&DWP($i,$ptr),"eax"); +sub deckey() +{ my ($i,$key,$tp1,$tp2,$tp4,$tp8) = @_; + my $tmp = $tbl; + + &mov ($acc,$tp1); + &and ($acc,0x80808080); + &mov ($tmp,$acc); + &shr ($tmp,7); + &lea ($tp2,&DWP(0,$tp1,$tp1)); + &sub ($acc,$tmp); + &and ($tp2,0xfefefefe); + &and ($acc,0x1b1b1b1b); + &xor ($acc,$tp2); + &mov ($tp2,$acc); + + &and ($acc,0x80808080); + &mov ($tmp,$acc); + &shr ($tmp,7); + &lea ($tp4,&DWP(0,$tp2,$tp2)); + &sub ($acc,$tmp); + &and ($tp4,0xfefefefe); + &and ($acc,0x1b1b1b1b); + &xor ($tp2,$tp1); # tp2^tp1 + &xor ($acc,$tp4); + &mov ($tp4,$acc); + + &and ($acc,0x80808080); + &mov ($tmp,$acc); + &shr ($tmp,7); + &lea ($tp8,&DWP(0,$tp4,$tp4)); + &xor ($tp4,$tp1); # tp4^tp1 + &sub ($acc,$tmp); + &and ($tp8,0xfefefefe); + &and ($acc,0x1b1b1b1b); + &rotl ($tp1,8); # = ROTATE(tp1,8) + &xor ($tp8,$acc); + + &mov ($tmp,&DWP(4*($i+1),$key)); # modulo-scheduled load + + &xor ($tp1,$tp2); + &xor ($tp2,$tp8); + &xor ($tp1,$tp4); + &rotl ($tp2,24); + &xor ($tp4,$tp8); + &xor ($tp1,$tp8); # ^= tp8^(tp4^tp1)^(tp2^tp1) + &rotl ($tp4,16); + &xor ($tp1,$tp2); # ^= ROTATE(tp8^tp2^tp1,24) + &rotl ($tp8,8); + &xor ($tp1,$tp4); # ^= ROTATE(tp8^tp4^tp1,16) + &mov ($tp2,$tmp); + &xor ($tp1,$tp8); # ^= ROTATE(tp8,8) + + &mov (&DWP(4*$i,$key),$tp1); } # int AES_set_decrypt_key(const unsigned char *userKey, const int bits, # AES_KEY *key) -&public_label("AES_Td"); -&public_label("AES_Te"); &function_begin_B("AES_set_decrypt_key"); - &mov ("eax",&wparam(0)); - &mov ("ecx",&wparam(1)); - &mov ("edx",&wparam(2)); - &sub ("esp",12); - &mov (&DWP(0,"esp"),"eax"); - &mov (&DWP(4,"esp"),"ecx"); - &mov (&DWP(8,"esp"),"edx"); &call ("_x86_AES_set_encrypt_key"); - &add ("esp",12); &cmp ("eax",0); &je (&label("proceed")); &ret (); @@ -1485,8 +2935,7 @@ sub deckey() &lea ("ecx",&DWP(0,"","ecx",4)); &lea ("edi",&DWP(0,"esi","ecx",4)); # pointer to last chunk - &align (4); - &set_label("invert"); # invert order of chunks + &set_label("invert",4); # invert order of chunks &mov ("eax",&DWP(0,"esi")); &mov ("ebx",&DWP(4,"esi")); &mov ("ecx",&DWP(0,"edi")); @@ -1508,26 +2957,24 @@ sub deckey() &cmp ("esi","edi"); &jne (&label("invert")); - &call (&label("pic_point")); - &set_label("pic_point"); - blindpop("ebp"); - &lea ("edi",&DWP(&label("AES_Td")."-".&label("pic_point"),"ebp")); - &lea ("ebp",&DWP(&label("AES_Te")."-".&label("pic_point"),"ebp")); - - &mov ("esi",&wparam(2)); - &mov ("ecx",&DWP(240,"esi")); # pull number of rounds - &dec ("ecx"); - &align (4); - &set_label("permute"); # permute the key schedule - &add ("esi",16); - &deckey (0,"esi","ebp","edi"); - &deckey (4,"esi","ebp","edi"); - &deckey (8,"esi","ebp","edi"); - &deckey (12,"esi","ebp","edi"); - &dec ("ecx"); - &jnz (&label("permute")); + &mov ($key,&wparam(2)); + &mov ($acc,&DWP(240,$key)); # pull number of rounds + &lea ($acc,&DWP(-2,$acc,$acc)); + &lea ($acc,&DWP(0,$key,$acc,8)); + &mov (&wparam(2),$acc); + + &mov ($s0,&DWP(16,$key)); # modulo-scheduled load + &set_label("permute",4); # permute the key schedule + &add ($key,16); + &deckey (0,$key,$s0,$s1,$s2,$s3); + &deckey (1,$key,$s1,$s2,$s3,$s0); + &deckey (2,$key,$s2,$s3,$s0,$s1); + &deckey (3,$key,$s3,$s0,$s1,$s2); + &cmp ($key,&wparam(2)); + &jb (&label("permute")); &xor ("eax","eax"); # return success &function_end("AES_set_decrypt_key"); +&asciz("AES for x86, CRYPTOGAMS by "); &asm_finish(); diff --git a/src/lib/libcrypto/aes/asm/aes-x86_64.pl b/src/lib/libcrypto/aes/asm/aes-x86_64.pl index a545e892ae..53e4ef85fd 100755 --- a/src/lib/libcrypto/aes/asm/aes-x86_64.pl +++ b/src/lib/libcrypto/aes/asm/aes-x86_64.pl @@ -1669,7 +1669,7 @@ AES_cbc_encrypt: lea .LAES_Td(%rip),$sbox .Lcbc_picked_te: - mov OPENSSL_ia32cap_P(%rip),%r10d + mov PIC_GOT(OPENSSL_ia32cap_P),%r10d cmp \$$speed_limit,%rdx jb .Lcbc_slow_prologue test \$15,%rdx diff --git a/src/lib/libcrypto/asn1/Makefile.ssl b/src/lib/libcrypto/asn1/Makefile.ssl deleted file mode 100644 index cb45194d48..0000000000 --- a/src/lib/libcrypto/asn1/Makefile.ssl +++ /dev/null @@ -1,1152 +0,0 @@ -# -# SSLeay/crypto/asn1/Makefile -# - -DIR= asn1 -TOP= ../.. -CC= cc -INCLUDES= -I.. -I$(TOP) -I../../include -CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKE= make -f Makefile.ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) -MAKEFILE= Makefile.ssl -AR= ar r - -CFLAGS= $(INCLUDES) $(CFLAG) - -GENERAL=Makefile README -TEST= -APPS= - -LIB=$(TOP)/libcrypto.a -LIBSRC= a_object.c a_bitstr.c a_utctm.c a_gentm.c a_time.c a_int.c a_octet.c \ - a_print.c a_type.c a_set.c a_dup.c a_d2i_fp.c a_i2d_fp.c \ - a_enum.c a_utf8.c a_sign.c a_digest.c a_verify.c a_mbstr.c a_strex.c \ - x_algor.c x_val.c x_pubkey.c x_sig.c x_req.c x_attrib.c x_bignum.c \ - x_long.c x_name.c x_x509.c x_x509a.c x_crl.c x_info.c x_spki.c nsseq.c \ - d2i_pu.c d2i_pr.c i2d_pu.c i2d_pr.c\ - t_req.c t_x509.c t_x509a.c t_crl.c t_pkey.c t_spki.c t_bitst.c \ - tasn_new.c tasn_fre.c tasn_enc.c tasn_dec.c tasn_utl.c tasn_typ.c \ - f_int.c f_string.c n_pkey.c \ - f_enum.c a_hdr.c x_pkey.c a_bool.c x_exten.c \ - asn1_par.c asn1_lib.c asn1_err.c a_meth.c a_bytes.c a_strnid.c \ - evp_asn1.c asn_pack.c p5_pbe.c p5_pbev2.c p8_pkey.c asn_moid.c -LIBOBJ= a_object.o a_bitstr.o a_utctm.o a_gentm.o a_time.o a_int.o a_octet.o \ - a_print.o a_type.o a_set.o a_dup.o a_d2i_fp.o a_i2d_fp.o \ - a_enum.o a_utf8.o a_sign.o a_digest.o a_verify.o a_mbstr.o a_strex.o \ - x_algor.o x_val.o x_pubkey.o x_sig.o x_req.o x_attrib.o x_bignum.o \ - x_long.o x_name.o x_x509.o x_x509a.o x_crl.o x_info.o x_spki.o nsseq.o \ - d2i_pu.o d2i_pr.o i2d_pu.o i2d_pr.o \ - t_req.o t_x509.o t_x509a.o t_crl.o t_pkey.o t_spki.o t_bitst.o \ - tasn_new.o tasn_fre.o tasn_enc.o tasn_dec.o tasn_utl.o tasn_typ.o \ - f_int.o f_string.o n_pkey.o \ - f_enum.o a_hdr.o x_pkey.o a_bool.o x_exten.o \ - asn1_par.o asn1_lib.o asn1_err.o a_meth.o a_bytes.o a_strnid.o \ - evp_asn1.o asn_pack.o p5_pbe.o p5_pbev2.o p8_pkey.o asn_moid.o - -SRC= $(LIBSRC) - -EXHEADER= asn1.h asn1_mac.h asn1t.h -HEADER= $(EXHEADER) - -ALL= $(GENERAL) $(SRC) $(HEADER) - -top: - (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all) - -test: test.c - cc -g -I../../include -c test.c - cc -g -I../../include -o test test.o -L../.. -lcrypto - -pk: pk.c - cc -g -I../../include -c pk.c - cc -g -I../../include -o pk pk.o -L../.. -lcrypto - -all: lib - -lib: $(LIBOBJ) - $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) || echo Never mind. - @touch lib - -files: - $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO - -links: - @sh $(TOP)/util/point.sh Makefile.ssl Makefile - @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER) - @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST) - @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) - -install: - @for i in $(EXHEADER) ; \ - do \ - (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ - done; - -tags: - ctags $(SRC) - -tests: - -lint: - lint -DLINT $(INCLUDES) $(SRC)>fluff - -depend: - $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) - -dclean: - $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new - mv -f Makefile.new $(MAKEFILE) - -clean: - rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff - - -# DO NOT DELETE THIS LINE -- make depend depends on it. - -a_bitstr.o: ../../e_os.h ../../include/openssl/asn1.h -a_bitstr.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -a_bitstr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -a_bitstr.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -a_bitstr.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -a_bitstr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -a_bitstr.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -a_bitstr.o: ../../include/openssl/symhacks.h ../cryptlib.h a_bitstr.c -a_bool.o: ../../e_os.h ../../include/openssl/asn1.h -a_bool.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h -a_bool.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -a_bool.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -a_bool.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -a_bool.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -a_bool.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h -a_bool.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -a_bool.o: ../cryptlib.h a_bool.c -a_bytes.o: ../../e_os.h ../../include/openssl/asn1.h -a_bytes.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -a_bytes.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -a_bytes.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -a_bytes.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -a_bytes.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -a_bytes.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -a_bytes.o: ../../include/openssl/symhacks.h ../cryptlib.h a_bytes.c -a_d2i_fp.o: ../../e_os.h ../../include/openssl/asn1.h -a_d2i_fp.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h -a_d2i_fp.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -a_d2i_fp.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -a_d2i_fp.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -a_d2i_fp.o: ../../include/openssl/opensslconf.h -a_d2i_fp.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -a_d2i_fp.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -a_d2i_fp.o: ../../include/openssl/symhacks.h ../cryptlib.h a_d2i_fp.c -a_digest.o: ../../e_os.h ../../include/openssl/aes.h -a_digest.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -a_digest.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -a_digest.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -a_digest.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -a_digest.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -a_digest.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -a_digest.o: ../../include/openssl/err.h ../../include/openssl/evp.h -a_digest.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -a_digest.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -a_digest.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -a_digest.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -a_digest.o: ../../include/openssl/opensslconf.h -a_digest.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -a_digest.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -a_digest.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -a_digest.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -a_digest.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -a_digest.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -a_digest.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -a_digest.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -a_digest.o: ../cryptlib.h a_digest.c -a_dup.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h -a_dup.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -a_dup.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -a_dup.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -a_dup.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -a_dup.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h -a_dup.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -a_dup.o: ../cryptlib.h a_dup.c -a_enum.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h -a_enum.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -a_enum.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -a_enum.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -a_enum.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -a_enum.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h -a_enum.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -a_enum.o: ../cryptlib.h a_enum.c -a_gentm.o: ../../e_os.h ../../include/openssl/asn1.h -a_gentm.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -a_gentm.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -a_gentm.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -a_gentm.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -a_gentm.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -a_gentm.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -a_gentm.o: ../../include/openssl/symhacks.h ../cryptlib.h ../o_time.h a_gentm.c -a_hdr.o: ../../e_os.h ../../include/openssl/asn1.h -a_hdr.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h -a_hdr.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -a_hdr.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -a_hdr.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -a_hdr.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -a_hdr.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h -a_hdr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -a_hdr.o: ../cryptlib.h a_hdr.c -a_i2d_fp.o: ../../e_os.h ../../include/openssl/asn1.h -a_i2d_fp.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -a_i2d_fp.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -a_i2d_fp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -a_i2d_fp.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -a_i2d_fp.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -a_i2d_fp.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -a_i2d_fp.o: ../../include/openssl/symhacks.h ../cryptlib.h a_i2d_fp.c -a_int.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h -a_int.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -a_int.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -a_int.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -a_int.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -a_int.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h -a_int.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -a_int.o: ../cryptlib.h a_int.c -a_mbstr.o: ../../e_os.h ../../include/openssl/asn1.h -a_mbstr.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -a_mbstr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -a_mbstr.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -a_mbstr.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -a_mbstr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -a_mbstr.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -a_mbstr.o: ../../include/openssl/symhacks.h ../cryptlib.h a_mbstr.c -a_meth.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h -a_meth.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -a_meth.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -a_meth.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -a_meth.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -a_meth.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h -a_meth.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -a_meth.o: ../cryptlib.h a_meth.c -a_object.o: ../../e_os.h ../../include/openssl/asn1.h -a_object.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -a_object.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -a_object.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -a_object.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -a_object.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -a_object.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -a_object.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -a_object.o: ../../include/openssl/symhacks.h ../cryptlib.h a_object.c -a_octet.o: ../../e_os.h ../../include/openssl/asn1.h -a_octet.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -a_octet.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -a_octet.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -a_octet.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -a_octet.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -a_octet.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -a_octet.o: ../../include/openssl/symhacks.h ../cryptlib.h a_octet.c -a_print.o: ../../e_os.h ../../include/openssl/asn1.h -a_print.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -a_print.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -a_print.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -a_print.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -a_print.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -a_print.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -a_print.o: ../../include/openssl/symhacks.h ../cryptlib.h a_print.c -a_set.o: ../../e_os.h ../../include/openssl/asn1.h -a_set.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h -a_set.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -a_set.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -a_set.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -a_set.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -a_set.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h -a_set.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -a_set.o: ../cryptlib.h a_set.c -a_sign.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -a_sign.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -a_sign.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -a_sign.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -a_sign.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -a_sign.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -a_sign.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -a_sign.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -a_sign.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -a_sign.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -a_sign.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -a_sign.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -a_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -a_sign.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -a_sign.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -a_sign.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -a_sign.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -a_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -a_sign.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -a_sign.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -a_sign.o: ../cryptlib.h a_sign.c -a_strex.o: ../../e_os.h ../../include/openssl/aes.h -a_strex.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -a_strex.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -a_strex.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -a_strex.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -a_strex.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -a_strex.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -a_strex.o: ../../include/openssl/err.h ../../include/openssl/evp.h -a_strex.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -a_strex.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -a_strex.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -a_strex.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -a_strex.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -a_strex.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -a_strex.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -a_strex.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -a_strex.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -a_strex.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -a_strex.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -a_strex.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -a_strex.o: ../../include/openssl/x509_vfy.h ../cryptlib.h a_strex.c charmap.h -a_strnid.o: ../../e_os.h ../../include/openssl/asn1.h -a_strnid.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -a_strnid.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -a_strnid.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -a_strnid.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -a_strnid.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -a_strnid.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -a_strnid.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -a_strnid.o: ../../include/openssl/symhacks.h ../cryptlib.h a_strnid.c -a_time.o: ../../e_os.h ../../include/openssl/asn1.h -a_time.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h -a_time.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -a_time.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -a_time.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -a_time.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -a_time.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h -a_time.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -a_time.o: ../cryptlib.h ../o_time.h a_time.c -a_type.o: ../../e_os.h ../../include/openssl/asn1.h -a_type.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h -a_type.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -a_type.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -a_type.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -a_type.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -a_type.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h -a_type.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -a_type.o: ../cryptlib.h a_type.c -a_utctm.o: ../../e_os.h ../../include/openssl/asn1.h -a_utctm.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -a_utctm.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -a_utctm.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -a_utctm.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -a_utctm.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -a_utctm.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -a_utctm.o: ../../include/openssl/symhacks.h ../cryptlib.h ../o_time.h a_utctm.c -a_utf8.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h -a_utf8.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -a_utf8.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -a_utf8.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -a_utf8.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -a_utf8.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h -a_utf8.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -a_utf8.o: ../cryptlib.h a_utf8.c -a_verify.o: ../../e_os.h ../../include/openssl/aes.h -a_verify.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -a_verify.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -a_verify.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -a_verify.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -a_verify.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -a_verify.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -a_verify.o: ../../include/openssl/err.h ../../include/openssl/evp.h -a_verify.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -a_verify.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -a_verify.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -a_verify.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -a_verify.o: ../../include/openssl/opensslconf.h -a_verify.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -a_verify.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -a_verify.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -a_verify.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -a_verify.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -a_verify.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -a_verify.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -a_verify.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -a_verify.o: ../cryptlib.h a_verify.c -asn1_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -asn1_err.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h -asn1_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -asn1_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -asn1_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -asn1_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -asn1_err.o: ../../include/openssl/symhacks.h asn1_err.c -asn1_lib.o: ../../e_os.h ../../include/openssl/asn1.h -asn1_lib.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h -asn1_lib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -asn1_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -asn1_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -asn1_lib.o: ../../include/openssl/opensslconf.h -asn1_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -asn1_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -asn1_lib.o: ../../include/openssl/symhacks.h ../cryptlib.h asn1_lib.c -asn1_par.o: ../../e_os.h ../../include/openssl/asn1.h -asn1_par.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -asn1_par.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -asn1_par.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -asn1_par.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -asn1_par.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -asn1_par.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -asn1_par.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -asn1_par.o: ../../include/openssl/symhacks.h ../cryptlib.h asn1_par.c -asn_moid.o: ../../e_os.h ../../include/openssl/aes.h -asn_moid.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -asn_moid.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -asn_moid.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -asn_moid.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -asn_moid.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -asn_moid.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -asn_moid.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h -asn_moid.o: ../../include/openssl/err.h ../../include/openssl/evp.h -asn_moid.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -asn_moid.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -asn_moid.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -asn_moid.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -asn_moid.o: ../../include/openssl/opensslconf.h -asn_moid.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -asn_moid.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -asn_moid.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -asn_moid.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -asn_moid.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -asn_moid.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -asn_moid.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -asn_moid.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -asn_moid.o: ../cryptlib.h asn_moid.c -asn_pack.o: ../../e_os.h ../../include/openssl/asn1.h -asn_pack.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -asn_pack.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -asn_pack.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -asn_pack.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -asn_pack.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -asn_pack.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -asn_pack.o: ../../include/openssl/symhacks.h ../cryptlib.h asn_pack.c -d2i_pr.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -d2i_pr.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -d2i_pr.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -d2i_pr.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -d2i_pr.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -d2i_pr.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -d2i_pr.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -d2i_pr.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -d2i_pr.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -d2i_pr.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -d2i_pr.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -d2i_pr.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -d2i_pr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -d2i_pr.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -d2i_pr.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -d2i_pr.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -d2i_pr.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -d2i_pr.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -d2i_pr.o: ../../include/openssl/ui_compat.h ../cryptlib.h d2i_pr.c -d2i_pu.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -d2i_pu.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -d2i_pu.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -d2i_pu.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -d2i_pu.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -d2i_pu.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -d2i_pu.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -d2i_pu.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -d2i_pu.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -d2i_pu.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -d2i_pu.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -d2i_pu.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -d2i_pu.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -d2i_pu.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -d2i_pu.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -d2i_pu.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -d2i_pu.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -d2i_pu.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -d2i_pu.o: ../../include/openssl/ui_compat.h ../cryptlib.h d2i_pu.c -evp_asn1.o: ../../e_os.h ../../include/openssl/asn1.h -evp_asn1.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h -evp_asn1.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -evp_asn1.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -evp_asn1.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -evp_asn1.o: ../../include/openssl/opensslconf.h -evp_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -evp_asn1.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -evp_asn1.o: ../../include/openssl/symhacks.h ../cryptlib.h evp_asn1.c -f_enum.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h -f_enum.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -f_enum.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -f_enum.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -f_enum.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -f_enum.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h -f_enum.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -f_enum.o: ../cryptlib.h f_enum.c -f_int.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h -f_int.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -f_int.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -f_int.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -f_int.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -f_int.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h -f_int.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -f_int.o: ../cryptlib.h f_int.c -f_string.o: ../../e_os.h ../../include/openssl/asn1.h -f_string.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -f_string.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -f_string.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -f_string.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -f_string.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -f_string.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -f_string.o: ../../include/openssl/symhacks.h ../cryptlib.h f_string.c -i2d_pr.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -i2d_pr.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -i2d_pr.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -i2d_pr.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -i2d_pr.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -i2d_pr.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -i2d_pr.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -i2d_pr.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -i2d_pr.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -i2d_pr.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -i2d_pr.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -i2d_pr.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -i2d_pr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -i2d_pr.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -i2d_pr.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -i2d_pr.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -i2d_pr.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -i2d_pr.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -i2d_pr.o: ../../include/openssl/ui_compat.h ../cryptlib.h i2d_pr.c -i2d_pu.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -i2d_pu.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -i2d_pu.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -i2d_pu.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -i2d_pu.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -i2d_pu.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -i2d_pu.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -i2d_pu.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -i2d_pu.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -i2d_pu.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -i2d_pu.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -i2d_pu.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -i2d_pu.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -i2d_pu.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -i2d_pu.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -i2d_pu.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -i2d_pu.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -i2d_pu.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -i2d_pu.o: ../../include/openssl/ui_compat.h ../cryptlib.h i2d_pu.c -n_pkey.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -n_pkey.o: ../../include/openssl/asn1_mac.h ../../include/openssl/asn1t.h -n_pkey.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -n_pkey.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -n_pkey.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -n_pkey.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -n_pkey.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -n_pkey.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -n_pkey.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -n_pkey.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -n_pkey.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -n_pkey.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -n_pkey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -n_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -n_pkey.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -n_pkey.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -n_pkey.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -n_pkey.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -n_pkey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -n_pkey.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -n_pkey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -n_pkey.o: ../cryptlib.h n_pkey.c -nsseq.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h -nsseq.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h -nsseq.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -nsseq.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -nsseq.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -nsseq.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -nsseq.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -nsseq.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -nsseq.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -nsseq.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -nsseq.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -nsseq.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -nsseq.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -nsseq.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -nsseq.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -nsseq.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -nsseq.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -nsseq.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -nsseq.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -nsseq.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h nsseq.c -p5_pbe.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -p5_pbe.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h -p5_pbe.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -p5_pbe.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -p5_pbe.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -p5_pbe.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -p5_pbe.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -p5_pbe.o: ../../include/openssl/err.h ../../include/openssl/evp.h -p5_pbe.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -p5_pbe.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -p5_pbe.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -p5_pbe.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -p5_pbe.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -p5_pbe.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -p5_pbe.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h -p5_pbe.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -p5_pbe.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -p5_pbe.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -p5_pbe.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -p5_pbe.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -p5_pbe.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -p5_pbe.o: ../cryptlib.h p5_pbe.c -p5_pbev2.o: ../../e_os.h ../../include/openssl/aes.h -p5_pbev2.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -p5_pbev2.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -p5_pbev2.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -p5_pbev2.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -p5_pbev2.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -p5_pbev2.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -p5_pbev2.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -p5_pbev2.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -p5_pbev2.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -p5_pbev2.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -p5_pbev2.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -p5_pbev2.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -p5_pbev2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -p5_pbev2.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h -p5_pbev2.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -p5_pbev2.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -p5_pbev2.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -p5_pbev2.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -p5_pbev2.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -p5_pbev2.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -p5_pbev2.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p5_pbev2.c -p8_pkey.o: ../../e_os.h ../../include/openssl/aes.h -p8_pkey.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -p8_pkey.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -p8_pkey.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -p8_pkey.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -p8_pkey.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -p8_pkey.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -p8_pkey.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -p8_pkey.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -p8_pkey.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -p8_pkey.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -p8_pkey.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -p8_pkey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -p8_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -p8_pkey.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -p8_pkey.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -p8_pkey.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -p8_pkey.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -p8_pkey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -p8_pkey.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -p8_pkey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -p8_pkey.o: ../cryptlib.h p8_pkey.c -t_bitst.o: ../../e_os.h ../../include/openssl/aes.h -t_bitst.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -t_bitst.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -t_bitst.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -t_bitst.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -t_bitst.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -t_bitst.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -t_bitst.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -t_bitst.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -t_bitst.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -t_bitst.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -t_bitst.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -t_bitst.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -t_bitst.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -t_bitst.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -t_bitst.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -t_bitst.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -t_bitst.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -t_bitst.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -t_bitst.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -t_bitst.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -t_bitst.o: ../../include/openssl/x509v3.h ../cryptlib.h t_bitst.c -t_crl.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -t_crl.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -t_crl.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -t_crl.o: ../../include/openssl/cast.h ../../include/openssl/conf.h -t_crl.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -t_crl.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -t_crl.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -t_crl.o: ../../include/openssl/err.h ../../include/openssl/evp.h -t_crl.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -t_crl.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -t_crl.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -t_crl.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -t_crl.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -t_crl.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -t_crl.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -t_crl.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -t_crl.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -t_crl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -t_crl.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -t_crl.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -t_crl.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -t_crl.o: ../cryptlib.h t_crl.c -t_pkey.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h -t_pkey.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -t_pkey.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h -t_pkey.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -t_pkey.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -t_pkey.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -t_pkey.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rsa.h -t_pkey.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -t_pkey.o: ../../include/openssl/symhacks.h ../cryptlib.h t_pkey.c -t_req.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -t_req.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -t_req.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -t_req.o: ../../include/openssl/cast.h ../../include/openssl/conf.h -t_req.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -t_req.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -t_req.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -t_req.o: ../../include/openssl/err.h ../../include/openssl/evp.h -t_req.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -t_req.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -t_req.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -t_req.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -t_req.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -t_req.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -t_req.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -t_req.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -t_req.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -t_req.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -t_req.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -t_req.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -t_req.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -t_req.o: ../cryptlib.h t_req.c -t_spki.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -t_spki.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -t_spki.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -t_spki.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -t_spki.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -t_spki.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -t_spki.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -t_spki.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -t_spki.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -t_spki.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -t_spki.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -t_spki.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -t_spki.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -t_spki.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -t_spki.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -t_spki.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -t_spki.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -t_spki.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -t_spki.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -t_spki.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -t_spki.o: ../cryptlib.h t_spki.c -t_x509.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -t_x509.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -t_x509.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -t_x509.o: ../../include/openssl/cast.h ../../include/openssl/conf.h -t_x509.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -t_x509.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -t_x509.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -t_x509.o: ../../include/openssl/err.h ../../include/openssl/evp.h -t_x509.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -t_x509.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -t_x509.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -t_x509.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -t_x509.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -t_x509.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -t_x509.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -t_x509.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -t_x509.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -t_x509.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -t_x509.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -t_x509.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -t_x509.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -t_x509.o: ../cryptlib.h t_x509.c -t_x509a.o: ../../e_os.h ../../include/openssl/aes.h -t_x509a.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -t_x509a.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -t_x509a.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -t_x509a.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -t_x509a.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -t_x509a.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -t_x509a.o: ../../include/openssl/err.h ../../include/openssl/evp.h -t_x509a.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -t_x509a.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -t_x509a.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -t_x509a.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -t_x509a.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -t_x509a.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -t_x509a.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -t_x509a.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -t_x509a.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -t_x509a.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -t_x509a.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -t_x509a.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -t_x509a.o: ../../include/openssl/x509_vfy.h ../cryptlib.h t_x509a.c -tasn_dec.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -tasn_dec.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -tasn_dec.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -tasn_dec.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -tasn_dec.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -tasn_dec.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -tasn_dec.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -tasn_dec.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -tasn_dec.o: ../../include/openssl/symhacks.h tasn_dec.c -tasn_enc.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -tasn_enc.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -tasn_enc.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -tasn_enc.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -tasn_enc.o: ../../include/openssl/opensslconf.h -tasn_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -tasn_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -tasn_enc.o: ../../include/openssl/symhacks.h tasn_enc.c -tasn_fre.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -tasn_fre.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -tasn_fre.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -tasn_fre.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -tasn_fre.o: ../../include/openssl/opensslconf.h -tasn_fre.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -tasn_fre.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -tasn_fre.o: ../../include/openssl/symhacks.h tasn_fre.c -tasn_new.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -tasn_new.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -tasn_new.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -tasn_new.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -tasn_new.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -tasn_new.o: ../../include/openssl/opensslconf.h -tasn_new.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -tasn_new.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -tasn_new.o: ../../include/openssl/symhacks.h tasn_new.c -tasn_typ.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -tasn_typ.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -tasn_typ.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -tasn_typ.o: ../../include/openssl/opensslconf.h -tasn_typ.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -tasn_typ.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -tasn_typ.o: ../../include/openssl/symhacks.h tasn_typ.c -tasn_utl.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -tasn_utl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -tasn_utl.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -tasn_utl.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -tasn_utl.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -tasn_utl.o: ../../include/openssl/opensslconf.h -tasn_utl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -tasn_utl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -tasn_utl.o: ../../include/openssl/symhacks.h tasn_utl.c -x_algor.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h -x_algor.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h -x_algor.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -x_algor.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -x_algor.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -x_algor.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -x_algor.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -x_algor.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -x_algor.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -x_algor.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -x_algor.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -x_algor.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -x_algor.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x_algor.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -x_algor.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x_algor.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -x_algor.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -x_algor.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -x_algor.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -x_algor.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -x_algor.o: x_algor.c -x_attrib.o: ../../e_os.h ../../include/openssl/aes.h -x_attrib.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -x_attrib.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -x_attrib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -x_attrib.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -x_attrib.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -x_attrib.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -x_attrib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -x_attrib.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -x_attrib.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -x_attrib.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -x_attrib.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -x_attrib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -x_attrib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x_attrib.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -x_attrib.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x_attrib.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -x_attrib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -x_attrib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -x_attrib.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -x_attrib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -x_attrib.o: ../cryptlib.h x_attrib.c -x_bignum.o: ../../e_os.h ../../include/openssl/asn1.h -x_bignum.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h -x_bignum.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -x_bignum.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -x_bignum.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -x_bignum.o: ../../include/openssl/opensslconf.h -x_bignum.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x_bignum.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -x_bignum.o: ../../include/openssl/symhacks.h ../cryptlib.h x_bignum.c -x_crl.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -x_crl.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h -x_crl.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -x_crl.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -x_crl.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -x_crl.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -x_crl.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -x_crl.o: ../../include/openssl/err.h ../../include/openssl/evp.h -x_crl.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -x_crl.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -x_crl.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -x_crl.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -x_crl.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -x_crl.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -x_crl.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -x_crl.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -x_crl.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -x_crl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -x_crl.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -x_crl.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -x_crl.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_crl.c -x_exten.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h -x_exten.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h -x_exten.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -x_exten.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -x_exten.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -x_exten.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -x_exten.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -x_exten.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -x_exten.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -x_exten.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -x_exten.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -x_exten.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -x_exten.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x_exten.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -x_exten.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x_exten.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -x_exten.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -x_exten.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -x_exten.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -x_exten.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -x_exten.o: x_exten.c -x_info.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -x_info.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -x_info.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -x_info.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -x_info.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -x_info.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -x_info.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -x_info.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -x_info.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -x_info.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -x_info.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -x_info.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -x_info.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x_info.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -x_info.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x_info.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -x_info.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -x_info.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -x_info.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -x_info.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -x_info.o: ../cryptlib.h x_info.c -x_long.o: ../../e_os.h ../../include/openssl/asn1.h -x_long.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h -x_long.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -x_long.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -x_long.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -x_long.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -x_long.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h -x_long.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -x_long.o: ../cryptlib.h x_long.c -x_name.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -x_name.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h -x_name.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -x_name.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -x_name.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -x_name.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -x_name.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -x_name.o: ../../include/openssl/err.h ../../include/openssl/evp.h -x_name.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -x_name.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -x_name.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -x_name.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -x_name.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -x_name.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -x_name.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -x_name.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -x_name.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -x_name.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -x_name.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -x_name.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -x_name.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_name.c -x_pkey.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -x_pkey.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h -x_pkey.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -x_pkey.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -x_pkey.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -x_pkey.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -x_pkey.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -x_pkey.o: ../../include/openssl/err.h ../../include/openssl/evp.h -x_pkey.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -x_pkey.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -x_pkey.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -x_pkey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -x_pkey.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -x_pkey.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -x_pkey.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -x_pkey.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -x_pkey.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -x_pkey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -x_pkey.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -x_pkey.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -x_pkey.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_pkey.c -x_pubkey.o: ../../e_os.h ../../include/openssl/aes.h -x_pubkey.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -x_pubkey.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -x_pubkey.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -x_pubkey.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -x_pubkey.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -x_pubkey.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -x_pubkey.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -x_pubkey.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -x_pubkey.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -x_pubkey.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -x_pubkey.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -x_pubkey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -x_pubkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x_pubkey.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -x_pubkey.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x_pubkey.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -x_pubkey.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -x_pubkey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -x_pubkey.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -x_pubkey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -x_pubkey.o: ../cryptlib.h x_pubkey.c -x_req.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -x_req.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h -x_req.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -x_req.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -x_req.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -x_req.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -x_req.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -x_req.o: ../../include/openssl/err.h ../../include/openssl/evp.h -x_req.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -x_req.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -x_req.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -x_req.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -x_req.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -x_req.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -x_req.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -x_req.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -x_req.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -x_req.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -x_req.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -x_req.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -x_req.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_req.c -x_sig.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -x_sig.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h -x_sig.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -x_sig.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -x_sig.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -x_sig.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -x_sig.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -x_sig.o: ../../include/openssl/err.h ../../include/openssl/evp.h -x_sig.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -x_sig.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -x_sig.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -x_sig.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -x_sig.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -x_sig.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -x_sig.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -x_sig.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -x_sig.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -x_sig.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -x_sig.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -x_sig.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -x_sig.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_sig.c -x_spki.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -x_spki.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h -x_spki.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -x_spki.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -x_spki.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -x_spki.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -x_spki.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -x_spki.o: ../../include/openssl/err.h ../../include/openssl/evp.h -x_spki.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -x_spki.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -x_spki.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -x_spki.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -x_spki.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -x_spki.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -x_spki.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -x_spki.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -x_spki.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -x_spki.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -x_spki.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -x_spki.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -x_spki.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_spki.c -x_val.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -x_val.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h -x_val.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -x_val.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -x_val.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -x_val.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -x_val.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -x_val.o: ../../include/openssl/err.h ../../include/openssl/evp.h -x_val.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -x_val.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -x_val.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -x_val.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -x_val.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -x_val.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -x_val.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -x_val.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -x_val.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -x_val.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -x_val.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -x_val.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -x_val.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_val.c -x_x509.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -x_x509.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h -x_x509.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -x_x509.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -x_x509.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -x_x509.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -x_x509.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -x_x509.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -x_x509.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -x_x509.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -x_x509.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -x_x509.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -x_x509.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -x_x509.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x_x509.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -x_x509.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x_x509.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -x_x509.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -x_x509.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -x_x509.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -x_x509.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -x_x509.o: ../../include/openssl/x509v3.h ../cryptlib.h x_x509.c -x_x509a.o: ../../e_os.h ../../include/openssl/aes.h -x_x509a.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -x_x509a.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -x_x509a.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -x_x509a.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -x_x509a.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -x_x509a.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -x_x509a.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -x_x509a.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -x_x509a.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -x_x509a.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -x_x509a.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -x_x509a.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -x_x509a.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x_x509a.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -x_x509a.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x_x509a.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -x_x509a.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -x_x509a.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -x_x509a.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -x_x509a.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -x_x509a.o: ../cryptlib.h x_x509a.c diff --git a/src/lib/libcrypto/asn1/a_bitstr.c b/src/lib/libcrypto/asn1/a_bitstr.c index 0fb9ce0c2a..34179960b8 100644 --- a/src/lib/libcrypto/asn1/a_bitstr.c +++ b/src/lib/libcrypto/asn1/a_bitstr.c @@ -223,3 +223,26 @@ int ASN1_BIT_STRING_get_bit(ASN1_BIT_STRING *a, int n) return((a->data[w]&v) != 0); } +/* + * Checks if the given bit string contains only bits specified by + * the flags vector. Returns 0 if there is at least one bit set in 'a' + * which is not specified in 'flags', 1 otherwise. + * 'len' is the length of 'flags'. + */ +int ASN1_BIT_STRING_check(ASN1_BIT_STRING *a, + unsigned char *flags, int flags_len) + { + int i, ok; + /* Check if there is one bit set at all. */ + if (!a || !a->data) return 1; + + /* Check each byte of the internal representation of the bit string. */ + ok = 1; + for (i = 0; i < a->length && ok; ++i) + { + unsigned char mask = i < flags_len ? ~flags[i] : 0xff; + /* We are done if there is an unneeded bit set. */ + ok = (a->data[i] & mask) == 0; + } + return ok; + } diff --git a/src/lib/libcrypto/asn1/a_dup.c b/src/lib/libcrypto/asn1/a_dup.c index 199d50f521..d98992548a 100644 --- a/src/lib/libcrypto/asn1/a_dup.c +++ b/src/lib/libcrypto/asn1/a_dup.c @@ -62,7 +62,7 @@ #ifndef NO_OLD_ASN1 -void *ASN1_dup(i2d_of_void *i2d, d2i_of_void *d2i, char *x) +void *ASN1_dup(i2d_of_void *i2d, d2i_of_void *d2i, void *x) { unsigned char *b,*p; const unsigned char *p2; diff --git a/src/lib/libcrypto/asn1/a_gentm.c b/src/lib/libcrypto/asn1/a_gentm.c index def79062a5..c79c6f538c 100644 --- a/src/lib/libcrypto/asn1/a_gentm.c +++ b/src/lib/libcrypto/asn1/a_gentm.c @@ -117,8 +117,8 @@ err: int ASN1_GENERALIZEDTIME_check(ASN1_GENERALIZEDTIME *d) { - static int min[9]={ 0, 0, 1, 1, 0, 0, 0, 0, 0}; - static int max[9]={99, 99,12,31,23,59,59,12,59}; + static const int min[9]={ 0, 0, 1, 1, 0, 0, 0, 0, 0}; + static const int max[9]={99, 99,12,31,23,59,59,12,59}; char *a; int n,i,l,o; @@ -176,6 +176,11 @@ int ASN1_GENERALIZEDTIME_check(ASN1_GENERALIZEDTIME *d) o++; } } + else + { + /* Missing time zone information. */ + goto err; + } return(o == l); err: return(0); @@ -205,6 +210,12 @@ int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s, const char *str) ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s, time_t t) + { + return ASN1_GENERALIZEDTIME_adj(s, t, 0, 0); + } + +ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_adj(ASN1_GENERALIZEDTIME *s, + time_t t, int offset_day, long offset_sec) { char *p; struct tm *ts; @@ -220,13 +231,19 @@ ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s, if (ts == NULL) return(NULL); + if (offset_day || offset_sec) + { + if (!OPENSSL_gmtime_adj(ts, offset_day, offset_sec)) + return NULL; + } + p=(char *)s->data; if ((p == NULL) || ((size_t)s->length < len)) { p=OPENSSL_malloc(len); if (p == NULL) { - ASN1err(ASN1_F_ASN1_GENERALIZEDTIME_SET, + ASN1err(ASN1_F_ASN1_GENERALIZEDTIME_ADJ, ERR_R_MALLOC_FAILURE); return(NULL); } diff --git a/src/lib/libcrypto/asn1/a_hdr.c b/src/lib/libcrypto/asn1/a_hdr.c deleted file mode 100644 index d1c2a7b9e3..0000000000 --- a/src/lib/libcrypto/asn1/a_hdr.c +++ /dev/null @@ -1,119 +0,0 @@ -/* crypto/asn1/a_hdr.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include -#include - -int i2d_ASN1_HEADER(ASN1_HEADER *a, unsigned char **pp) - { - M_ASN1_I2D_vars(a); - - M_ASN1_I2D_len(a->header, i2d_ASN1_OCTET_STRING); - M_ASN1_I2D_len(a->data, a->meth->i2d); - - M_ASN1_I2D_seq_total(); - - M_ASN1_I2D_put(a->header, i2d_ASN1_OCTET_STRING); - M_ASN1_I2D_put(a->data, a->meth->i2d); - - M_ASN1_I2D_finish(); - } - -ASN1_HEADER *d2i_ASN1_HEADER(ASN1_HEADER **a, const unsigned char **pp, - long length) - { - M_ASN1_D2I_vars(a,ASN1_HEADER *,ASN1_HEADER_new); - - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get_x(ASN1_OCTET_STRING,ret->header,d2i_ASN1_OCTET_STRING); - if (ret->meth != NULL) - { - M_ASN1_D2I_get_x(void,ret->data,ret->meth->d2i); - } - else - { - if (a != NULL) (*a)=ret; - return(ret); - } - M_ASN1_D2I_Finish(a,ASN1_HEADER_free,ASN1_F_D2I_ASN1_HEADER); - } - -ASN1_HEADER *ASN1_HEADER_new(void) - { - ASN1_HEADER *ret=NULL; - ASN1_CTX c; - - M_ASN1_New_Malloc(ret,ASN1_HEADER); - M_ASN1_New(ret->header,M_ASN1_OCTET_STRING_new); - ret->meth=NULL; - ret->data=NULL; - return(ret); - M_ASN1_New_Error(ASN1_F_ASN1_HEADER_NEW); - } - -void ASN1_HEADER_free(ASN1_HEADER *a) - { - if (a == NULL) return; - M_ASN1_OCTET_STRING_free(a->header); - if (a->meth != NULL) - a->meth->destroy(a->data); - OPENSSL_free(a); - } diff --git a/src/lib/libcrypto/asn1/a_int.c b/src/lib/libcrypto/asn1/a_int.c index f8d198efb1..c6fd204ae3 100644 --- a/src/lib/libcrypto/asn1/a_int.c +++ b/src/lib/libcrypto/asn1/a_int.c @@ -61,10 +61,10 @@ #include #include -ASN1_INTEGER *ASN1_INTEGER_dup(ASN1_INTEGER *x) +ASN1_INTEGER *ASN1_INTEGER_dup(const ASN1_INTEGER *x) { return M_ASN1_INTEGER_dup(x);} -int ASN1_INTEGER_cmp(ASN1_INTEGER *x, ASN1_INTEGER *y) +int ASN1_INTEGER_cmp(const ASN1_INTEGER *x, const ASN1_INTEGER *y) { int neg, ret; /* Compare signs */ @@ -373,7 +373,7 @@ int ASN1_INTEGER_set(ASN1_INTEGER *a, long v) return(1); } -long ASN1_INTEGER_get(ASN1_INTEGER *a) +long ASN1_INTEGER_get(const ASN1_INTEGER *a) { int neg=0,i; long r=0; @@ -402,7 +402,7 @@ long ASN1_INTEGER_get(ASN1_INTEGER *a) return(r); } -ASN1_INTEGER *BN_to_ASN1_INTEGER(BIGNUM *bn, ASN1_INTEGER *ai) +ASN1_INTEGER *BN_to_ASN1_INTEGER(const BIGNUM *bn, ASN1_INTEGER *ai) { ASN1_INTEGER *ret; int len,j; @@ -444,7 +444,7 @@ err: return(NULL); } -BIGNUM *ASN1_INTEGER_to_BN(ASN1_INTEGER *ai, BIGNUM *bn) +BIGNUM *ASN1_INTEGER_to_BN(const ASN1_INTEGER *ai, BIGNUM *bn) { BIGNUM *ret; diff --git a/src/lib/libcrypto/asn1/a_mbstr.c b/src/lib/libcrypto/asn1/a_mbstr.c index 1bcd046893..1538e0a4fc 100644 --- a/src/lib/libcrypto/asn1/a_mbstr.c +++ b/src/lib/libcrypto/asn1/a_mbstr.c @@ -93,7 +93,7 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len, int str_type; int ret; char free_out; - int outform, outlen; + int outform, outlen = 0; ASN1_STRING *dest; unsigned char *p; int nchar; diff --git a/src/lib/libcrypto/asn1/a_meth.c b/src/lib/libcrypto/asn1/a_meth.c deleted file mode 100644 index 50bea917e3..0000000000 --- a/src/lib/libcrypto/asn1/a_meth.c +++ /dev/null @@ -1,84 +0,0 @@ -/* crypto/asn1/a_meth.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include -#include - -static ASN1_METHOD ia5string_meth={ - (I2D_OF(void)) i2d_ASN1_IA5STRING, - (D2I_OF(void)) d2i_ASN1_IA5STRING, - (void *(*)(void))ASN1_STRING_new, - (void (*)(void *))ASN1_STRING_free}; - -static ASN1_METHOD bit_string_meth={ - (I2D_OF(void)) i2d_ASN1_BIT_STRING, - (D2I_OF(void)) d2i_ASN1_BIT_STRING, - (void *(*)(void))ASN1_STRING_new, - (void (*)(void *))ASN1_STRING_free}; - -ASN1_METHOD *ASN1_IA5STRING_asn1_meth(void) - { - return(&ia5string_meth); - } - -ASN1_METHOD *ASN1_BIT_STRING_asn1_meth(void) - { - return(&bit_string_meth); - } diff --git a/src/lib/libcrypto/asn1/a_object.c b/src/lib/libcrypto/asn1/a_object.c index dc980421d0..e5fbe7cbb1 100644 --- a/src/lib/libcrypto/asn1/a_object.c +++ b/src/lib/libcrypto/asn1/a_object.c @@ -281,8 +281,6 @@ ASN1_OBJECT *d2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp, return ret; err: ASN1err(ASN1_F_D2I_ASN1_OBJECT,i); - if ((ret != NULL) && ((a == NULL) || (*a != ret))) - ASN1_OBJECT_free(ret); return(NULL); } ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp, @@ -290,7 +288,19 @@ ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp, { ASN1_OBJECT *ret=NULL; const unsigned char *p; + unsigned char *data; int i; + /* Sanity check OID encoding: can't have leading 0x80 in + * subidentifiers, see: X.690 8.19.2 + */ + for (i = 0, p = *pp + 1; i < len - 1; i++, p++) + { + if (*p == 0x80 && (!i || !(p[-1] & 0x80))) + { + ASN1err(ASN1_F_C2I_ASN1_OBJECT,ASN1_R_INVALID_OBJECT_ENCODING); + return NULL; + } + } /* only the ASN1_OBJECTs from the 'table' will have values * for ->sn or ->ln */ @@ -302,15 +312,22 @@ ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp, else ret=(*a); p= *pp; - if ((ret->data == NULL) || (ret->length < len)) + /* detach data from object */ + data = (unsigned char *)ret->data; + ret->data = NULL; + /* once detached we can change it */ + if ((data == NULL) || (ret->length < len)) { - if (ret->data != NULL) OPENSSL_free(ret->data); - ret->data=(unsigned char *)OPENSSL_malloc(len ? (int)len : 1); - ret->flags|=ASN1_OBJECT_FLAG_DYNAMIC_DATA; - if (ret->data == NULL) + ret->length=0; + if (data != NULL) OPENSSL_free(data); + data=(unsigned char *)OPENSSL_malloc(len ? (int)len : 1); + if (data == NULL) { i=ERR_R_MALLOC_FAILURE; goto err; } + ret->flags|=ASN1_OBJECT_FLAG_DYNAMIC_DATA; } - memcpy(ret->data,p,(int)len); + memcpy(data,p,(int)len); + /* reattach data to object, after which it remains const */ + ret->data =data; ret->length=(int)len; ret->sn=NULL; ret->ln=NULL; @@ -359,7 +376,7 @@ void ASN1_OBJECT_free(ASN1_OBJECT *a) } if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC_DATA) { - if (a->data != NULL) OPENSSL_free(a->data); + if (a->data != NULL) OPENSSL_free((void *)a->data); a->data=NULL; a->length=0; } diff --git a/src/lib/libcrypto/asn1/a_octet.c b/src/lib/libcrypto/asn1/a_octet.c index 24fd0f8e5a..e8725e44f1 100644 --- a/src/lib/libcrypto/asn1/a_octet.c +++ b/src/lib/libcrypto/asn1/a_octet.c @@ -60,10 +60,10 @@ #include "cryptlib.h" #include -ASN1_OCTET_STRING *ASN1_OCTET_STRING_dup(ASN1_OCTET_STRING *x) +ASN1_OCTET_STRING *ASN1_OCTET_STRING_dup(const ASN1_OCTET_STRING *x) { return M_ASN1_OCTET_STRING_dup(x); } -int ASN1_OCTET_STRING_cmp(ASN1_OCTET_STRING *a, ASN1_OCTET_STRING *b) +int ASN1_OCTET_STRING_cmp(const ASN1_OCTET_STRING *a, const ASN1_OCTET_STRING *b) { return M_ASN1_OCTET_STRING_cmp(a, b); } int ASN1_OCTET_STRING_set(ASN1_OCTET_STRING *x, const unsigned char *d, int len) diff --git a/src/lib/libcrypto/asn1/a_set.c b/src/lib/libcrypto/asn1/a_set.c index 958558c204..d726c8d3a8 100644 --- a/src/lib/libcrypto/asn1/a_set.c +++ b/src/lib/libcrypto/asn1/a_set.c @@ -85,8 +85,9 @@ static int SetBlobCmp(const void *elem1, const void *elem2 ) } /* int is_set: if TRUE, then sort the contents (i.e. it isn't a SEQUENCE) */ -int i2d_ASN1_SET(STACK *a, unsigned char **pp, i2d_of_void *i2d, int ex_tag, - int ex_class, int is_set) +int i2d_ASN1_SET(STACK_OF(OPENSSL_BLOCK) *a, unsigned char **pp, + i2d_of_void *i2d, int ex_tag, int ex_class, + int is_set) { int ret=0,r; int i; @@ -96,8 +97,8 @@ int i2d_ASN1_SET(STACK *a, unsigned char **pp, i2d_of_void *i2d, int ex_tag, int totSize; if (a == NULL) return(0); - for (i=sk_num(a)-1; i>=0; i--) - ret+=i2d(sk_value(a,i),NULL); + for (i=sk_OPENSSL_BLOCK_num(a)-1; i>=0; i--) + ret+=i2d(sk_OPENSSL_BLOCK_value(a,i),NULL); r=ASN1_object_size(1,ret,ex_tag); if (pp == NULL) return(r); @@ -108,10 +109,10 @@ int i2d_ASN1_SET(STACK *a, unsigned char **pp, i2d_of_void *i2d, int ex_tag, /* And then again by Ben */ /* And again by Steve */ - if(!is_set || (sk_num(a) < 2)) + if(!is_set || (sk_OPENSSL_BLOCK_num(a) < 2)) { - for (i=0; i #include #include +#include "asn1_locl.h" #ifndef NO_ASN1_OLD @@ -218,45 +219,47 @@ int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2, { EVP_MD_CTX ctx; unsigned char *buf_in=NULL,*buf_out=NULL; - int i,inl=0,outl=0,outll=0; - X509_ALGOR *a; + int inl=0,outl=0,outll=0; + int signid, paramtype; - EVP_MD_CTX_init(&ctx); - for (i=0; i<2; i++) + if (type == NULL) { - if (i == 0) - a=algor1; - else - a=algor2; - if (a == NULL) continue; - if (type->pkey_type == NID_dsaWithSHA1 || - type->pkey_type == NID_ecdsa_with_SHA1) - { - /* special case: RFC 3279 tells us to omit 'parameters' - * with id-dsa-with-sha1 and ecdsa-with-SHA1 */ - ASN1_TYPE_free(a->parameter); - a->parameter = NULL; - } - else if ((a->parameter == NULL) || - (a->parameter->type != V_ASN1_NULL)) - { - ASN1_TYPE_free(a->parameter); - if ((a->parameter=ASN1_TYPE_new()) == NULL) goto err; - a->parameter->type=V_ASN1_NULL; - } - ASN1_OBJECT_free(a->algorithm); - a->algorithm=OBJ_nid2obj(type->pkey_type); - if (a->algorithm == NULL) - { - ASN1err(ASN1_F_ASN1_ITEM_SIGN,ASN1_R_UNKNOWN_OBJECT_TYPE); - goto err; - } - if (a->algorithm->length == 0) + int def_nid; + if (EVP_PKEY_get_default_digest_nid(pkey, &def_nid) > 0) + type = EVP_get_digestbynid(def_nid); + } + + if (type == NULL) + { + ASN1err(ASN1_F_ASN1_ITEM_SIGN, ASN1_R_NO_DEFAULT_DIGEST); + return 0; + } + + if (type->flags & EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) + { + if (!pkey->ameth || + !OBJ_find_sigid_by_algs(&signid, EVP_MD_nid(type), + pkey->ameth->pkey_id)) { - ASN1err(ASN1_F_ASN1_ITEM_SIGN,ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD); - goto err; + ASN1err(ASN1_F_ASN1_ITEM_SIGN, + ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED); + return 0; } } + else + signid = type->pkey_type; + + if (pkey->ameth->pkey_flags & ASN1_PKEY_SIGPARAM_NULL) + paramtype = V_ASN1_NULL; + else + paramtype = V_ASN1_UNDEF; + + if (algor1) + X509_ALGOR_set0(algor1, OBJ_nid2obj(signid), paramtype, NULL); + if (algor2) + X509_ALGOR_set0(algor2, OBJ_nid2obj(signid), paramtype, NULL); + + EVP_MD_CTX_init(&ctx); inl=ASN1_item_i2d(asn,&buf_in, it); outll=outl=EVP_PKEY_size(pkey); buf_out=(unsigned char *)OPENSSL_malloc((unsigned int)outl); @@ -267,12 +270,7 @@ int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2, goto err; } - if (!EVP_SignInit_ex(&ctx,type, NULL)) - { - outl=0; - ASN1err(ASN1_F_ASN1_ITEM_SIGN,ERR_R_EVP_LIB); - goto err; - } + EVP_SignInit_ex(&ctx,type, NULL); EVP_SignUpdate(&ctx,(unsigned char *)buf_in,inl); if (!EVP_SignFinal(&ctx,(unsigned char *)buf_out, (unsigned int *)&outl,pkey)) diff --git a/src/lib/libcrypto/asn1/a_strnid.c b/src/lib/libcrypto/asn1/a_strnid.c index fe515b52ba..753021a7a2 100644 --- a/src/lib/libcrypto/asn1/a_strnid.c +++ b/src/lib/libcrypto/asn1/a_strnid.c @@ -67,7 +67,6 @@ static STACK_OF(ASN1_STRING_TABLE) *stable = NULL; static void st_free(ASN1_STRING_TABLE *tbl); static int sk_table_cmp(const ASN1_STRING_TABLE * const *a, const ASN1_STRING_TABLE * const *b); -static int table_cmp(const void *a, const void *b); /* This is the global mask for the mbstring functions: this is use to @@ -158,7 +157,7 @@ ASN1_STRING *ASN1_STRING_set_by_NID(ASN1_STRING **out, const unsigned char *in, /* This table must be kept in NID order */ -static ASN1_STRING_TABLE tbl_standard[] = { +static const ASN1_STRING_TABLE tbl_standard[] = { {NID_commonName, 1, ub_common_name, DIRSTRING_TYPE, 0}, {NID_countryName, 2, 2, B_ASN1_PRINTABLESTRING, STABLE_NO_MASK}, {NID_localityName, 1, ub_locality_name, DIRSTRING_TYPE, 0}, @@ -186,22 +185,23 @@ static int sk_table_cmp(const ASN1_STRING_TABLE * const *a, return (*a)->nid - (*b)->nid; } -static int table_cmp(const void *a, const void *b) +DECLARE_OBJ_BSEARCH_CMP_FN(ASN1_STRING_TABLE, ASN1_STRING_TABLE, table); + +static int table_cmp(const ASN1_STRING_TABLE *a, const ASN1_STRING_TABLE *b) { - const ASN1_STRING_TABLE *sa = a, *sb = b; - return sa->nid - sb->nid; + return a->nid - b->nid; } +IMPLEMENT_OBJ_BSEARCH_CMP_FN(ASN1_STRING_TABLE, ASN1_STRING_TABLE, table); + ASN1_STRING_TABLE *ASN1_STRING_TABLE_get(int nid) { int idx; ASN1_STRING_TABLE *ttmp; ASN1_STRING_TABLE fnd; fnd.nid = nid; - ttmp = (ASN1_STRING_TABLE *) OBJ_bsearch((char *)&fnd, - (char *)tbl_standard, - sizeof(tbl_standard)/sizeof(ASN1_STRING_TABLE), - sizeof(ASN1_STRING_TABLE), table_cmp); + ttmp = OBJ_bsearch_table(&fnd, tbl_standard, + sizeof(tbl_standard)/sizeof(ASN1_STRING_TABLE)); if(ttmp) return ttmp; if(!stable) return NULL; idx = sk_ASN1_STRING_TABLE_find(stable, &fnd); diff --git a/src/lib/libcrypto/asn1/a_time.c b/src/lib/libcrypto/asn1/a_time.c index 159681fbcb..e2eb9b243e 100644 --- a/src/lib/libcrypto/asn1/a_time.c +++ b/src/lib/libcrypto/asn1/a_time.c @@ -100,18 +100,29 @@ int i2d_ASN1_TIME(ASN1_TIME *a, unsigned char **pp) ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s, time_t t) { + return ASN1_TIME_adj(s, t, 0, 0); + } + +ASN1_TIME *ASN1_TIME_adj(ASN1_TIME *s, time_t t, + int offset_day, long offset_sec) + { struct tm *ts; struct tm data; ts=OPENSSL_gmtime(&t,&data); if (ts == NULL) { - ASN1err(ASN1_F_ASN1_TIME_SET, ASN1_R_ERROR_GETTING_TIME); + ASN1err(ASN1_F_ASN1_TIME_ADJ, ASN1_R_ERROR_GETTING_TIME); return NULL; } + if (offset_day || offset_sec) + { + if (!OPENSSL_gmtime_adj(ts, offset_day, offset_sec)) + return NULL; + } if((ts->tm_year >= 50) && (ts->tm_year < 150)) - return ASN1_UTCTIME_set(s, t); - return ASN1_GENERALIZEDTIME_set(s,t); + return ASN1_UTCTIME_adj(s, t, offset_day, offset_sec); + return ASN1_GENERALIZEDTIME_adj(s, t, offset_day, offset_sec); } int ASN1_TIME_check(ASN1_TIME *t) @@ -162,3 +173,26 @@ ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t, ASN1_GENERALIZE return ret; } + +int ASN1_TIME_set_string(ASN1_TIME *s, const char *str) + { + ASN1_TIME t; + + t.length = strlen(str); + t.data = (unsigned char *)str; + t.flags = 0; + + t.type = V_ASN1_UTCTIME; + + if (!ASN1_TIME_check(&t)) + { + t.type = V_ASN1_GENERALIZEDTIME; + if (!ASN1_TIME_check(&t)) + return 0; + } + + if (s && !ASN1_STRING_copy((ASN1_STRING *)s, (ASN1_STRING *)&t)) + return 0; + + return 1; + } diff --git a/src/lib/libcrypto/asn1/a_type.c b/src/lib/libcrypto/asn1/a_type.c index 36beceacdb..a45d2f9d12 100644 --- a/src/lib/libcrypto/asn1/a_type.c +++ b/src/lib/libcrypto/asn1/a_type.c @@ -77,7 +77,10 @@ void ASN1_TYPE_set(ASN1_TYPE *a, int type, void *value) ASN1_primitive_free((ASN1_VALUE **)tmp_a, NULL); } a->type=type; - a->value.ptr=value; + if (type == V_ASN1_BOOLEAN) + a->value.boolean = value ? 0xff : 0; + else + a->value.ptr=value; } int ASN1_TYPE_set1(ASN1_TYPE *a, int type, const void *value) @@ -98,7 +101,7 @@ int ASN1_TYPE_set1(ASN1_TYPE *a, int type, const void *value) else { ASN1_STRING *sdup; - sdup = ASN1_STRING_dup((ASN1_STRING *)value); + sdup = ASN1_STRING_dup(value); if (!sdup) return 0; ASN1_TYPE_set(a, type, sdup); @@ -108,3 +111,49 @@ int ASN1_TYPE_set1(ASN1_TYPE *a, int type, const void *value) IMPLEMENT_STACK_OF(ASN1_TYPE) IMPLEMENT_ASN1_SET_OF(ASN1_TYPE) + +/* Returns 0 if they are equal, != 0 otherwise. */ +int ASN1_TYPE_cmp(ASN1_TYPE *a, ASN1_TYPE *b) + { + int result = -1; + + if (!a || !b || a->type != b->type) return -1; + + switch (a->type) + { + case V_ASN1_OBJECT: + result = OBJ_cmp(a->value.object, b->value.object); + break; + case V_ASN1_NULL: + result = 0; /* They do not have content. */ + break; + case V_ASN1_INTEGER: + case V_ASN1_NEG_INTEGER: + case V_ASN1_ENUMERATED: + case V_ASN1_NEG_ENUMERATED: + case V_ASN1_BIT_STRING: + case V_ASN1_OCTET_STRING: + case V_ASN1_SEQUENCE: + case V_ASN1_SET: + case V_ASN1_NUMERICSTRING: + case V_ASN1_PRINTABLESTRING: + case V_ASN1_T61STRING: + case V_ASN1_VIDEOTEXSTRING: + case V_ASN1_IA5STRING: + case V_ASN1_UTCTIME: + case V_ASN1_GENERALIZEDTIME: + case V_ASN1_GRAPHICSTRING: + case V_ASN1_VISIBLESTRING: + case V_ASN1_GENERALSTRING: + case V_ASN1_UNIVERSALSTRING: + case V_ASN1_BMPSTRING: + case V_ASN1_UTF8STRING: + case V_ASN1_OTHER: + default: + result = ASN1_STRING_cmp((ASN1_STRING *) a->value.ptr, + (ASN1_STRING *) b->value.ptr); + break; + } + + return result; + } diff --git a/src/lib/libcrypto/asn1/a_utctm.c b/src/lib/libcrypto/asn1/a_utctm.c index d31c028193..072e236592 100644 --- a/src/lib/libcrypto/asn1/a_utctm.c +++ b/src/lib/libcrypto/asn1/a_utctm.c @@ -114,8 +114,8 @@ err: int ASN1_UTCTIME_check(ASN1_UTCTIME *d) { - static int min[8]={ 0, 1, 1, 0, 0, 0, 0, 0}; - static int max[8]={99,12,31,23,59,59,12,59}; + static const int min[8]={ 0, 1, 1, 0, 0, 0, 0, 0}; + static const int max[8]={99,12,31,23,59,59,12,59}; char *a; int n,i,l,o; @@ -186,6 +186,12 @@ int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, const char *str) ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s, time_t t) { + return ASN1_UTCTIME_adj(s, t, 0, 0); + } + +ASN1_UTCTIME *ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t, + int offset_day, long offset_sec) + { char *p; struct tm *ts; struct tm data; @@ -200,13 +206,22 @@ ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s, time_t t) if (ts == NULL) return(NULL); + if (offset_day || offset_sec) + { + if (!OPENSSL_gmtime_adj(ts, offset_day, offset_sec)) + return NULL; + } + + if((ts->tm_year < 50) || (ts->tm_year >= 150)) + return NULL; + p=(char *)s->data; if ((p == NULL) || ((size_t)s->length < len)) { p=OPENSSL_malloc(len); if (p == NULL) { - ASN1err(ASN1_F_ASN1_UTCTIME_SET,ERR_R_MALLOC_FAILURE); + ASN1err(ASN1_F_ASN1_UTCTIME_ADJ,ERR_R_MALLOC_FAILURE); return(NULL); } if (s->data != NULL) diff --git a/src/lib/libcrypto/asn1/a_verify.c b/src/lib/libcrypto/asn1/a_verify.c index da3efaaf8d..cecdb13c70 100644 --- a/src/lib/libcrypto/asn1/a_verify.c +++ b/src/lib/libcrypto/asn1/a_verify.c @@ -60,6 +60,7 @@ #include #include "cryptlib.h" +#include "asn1_locl.h" #ifndef NO_SYS_TYPES_H # include @@ -100,12 +101,7 @@ int ASN1_verify(i2d_of_void *i2d, X509_ALGOR *a, ASN1_BIT_STRING *signature, p=buf_in; i2d(data,&p); - if (!EVP_VerifyInit_ex(&ctx,type, NULL)) - { - ASN1err(ASN1_F_ASN1_VERIFY,ERR_R_EVP_LIB); - ret=0; - goto err; - } + EVP_VerifyInit_ex(&ctx,type, NULL); EVP_VerifyUpdate(&ctx,(unsigned char *)buf_in,inl); OPENSSL_cleanse(buf_in,(unsigned int)inl); @@ -134,19 +130,34 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a, ASN1_BIT_STRING *signat void *asn, EVP_PKEY *pkey) { EVP_MD_CTX ctx; - const EVP_MD *type; + const EVP_MD *type = NULL; unsigned char *buf_in=NULL; - int ret= -1,i,inl; + int ret= -1,inl; + + int mdnid, pknid; EVP_MD_CTX_init(&ctx); - i=OBJ_obj2nid(a->algorithm); - type=EVP_get_digestbyname(OBJ_nid2sn(i)); + + /* Convert signature OID into digest and public key OIDs */ + if (!OBJ_find_sigid_algs(OBJ_obj2nid(a->algorithm), &mdnid, &pknid)) + { + ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM); + goto err; + } + type=EVP_get_digestbynid(mdnid); if (type == NULL) { ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM); goto err; } + /* Check public key OID matches public key type */ + if (EVP_PKEY_type(pknid) != pkey->ameth->pkey_id) + { + ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ASN1_R_WRONG_PUBLIC_KEY_TYPE); + goto err; + } + if (!EVP_VerifyInit_ex(&ctx,type, NULL)) { ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ERR_R_EVP_LIB); diff --git a/src/lib/libcrypto/asn1/asn1.h b/src/lib/libcrypto/asn1/asn1.h index e3385226d4..f7718b5a94 100644 --- a/src/lib/libcrypto/asn1/asn1.h +++ b/src/lib/libcrypto/asn1/asn1.h @@ -213,7 +213,7 @@ typedef struct asn1_object_st const char *sn,*ln; int nid; int length; - unsigned char *data; + const unsigned char *data; /* data remains const after init */ int flags; /* Should we free this one */ } ASN1_OBJECT; @@ -228,8 +228,12 @@ typedef struct asn1_object_st * complete and is a place holder for content when it had all been * accessed. The flag will be reset when content has been written to it. */ -#define ASN1_STRING_FLAG_CONT 0x020 +#define ASN1_STRING_FLAG_CONT 0x020 +/* This flag is used by ASN1 code to indicate an ASN1_STRING is an MSTRING + * type. + */ +#define ASN1_STRING_FLAG_MSTRING 0x040 /* This is the base type that holds just about everything :-) */ typedef struct asn1_string_st { @@ -330,6 +334,13 @@ typedef struct ASN1_VALUE_st ASN1_VALUE; type *name##_new(void); \ void name##_free(type *a); +#define DECLARE_ASN1_PRINT_FUNCTION(stname) \ + DECLARE_ASN1_PRINT_FUNCTION_fname(stname, stname) + +#define DECLARE_ASN1_PRINT_FUNCTION_fname(stname, fname) \ + int fname##_print_ctx(BIO *out, stname *x, int indent, \ + const ASN1_PCTX *pctx); + #define D2I_OF(type) type *(*)(type **,const unsigned char **,long) #define I2D_OF(type) int (*)(type *,unsigned char **) #define I2D_OF_const(type) int (*)(const type *,unsigned char **) @@ -534,28 +545,23 @@ typedef struct asn1_type_st * contain the set or sequence bytes */ ASN1_STRING * set; ASN1_STRING * sequence; - ASN1_VALUE * asn1_value; + ASN1_VALUE * asn1_value; } value; } ASN1_TYPE; DECLARE_STACK_OF(ASN1_TYPE) DECLARE_ASN1_SET_OF(ASN1_TYPE) -typedef struct asn1_method_st - { - i2d_of_void *i2d; - d2i_of_void *d2i; - void *(*create)(void); - void (*destroy)(void *); - } ASN1_METHOD; - -/* This is used when parsing some Netscape objects */ -typedef struct asn1_header_st +typedef STACK_OF(ASN1_TYPE) ASN1_SEQUENCE_ANY; + +DECLARE_ASN1_ENCODE_FUNCTIONS_const(ASN1_SEQUENCE_ANY, ASN1_SEQUENCE_ANY) +DECLARE_ASN1_ENCODE_FUNCTIONS_const(ASN1_SEQUENCE_ANY, ASN1_SET_ANY) + +typedef struct NETSCAPE_X509_st { ASN1_OCTET_STRING *header; - void *data; - ASN1_METHOD *meth; - } ASN1_HEADER; + X509 *cert; + } NETSCAPE_X509; /* This is used to contain a list of bit names */ typedef struct BIT_STRING_BITNAME_st { @@ -575,32 +581,34 @@ typedef struct BIT_STRING_BITNAME_st { ASN1_STRING_type_new(V_ASN1_BIT_STRING) #define M_ASN1_BIT_STRING_free(a) ASN1_STRING_free((ASN1_STRING *)a) #define M_ASN1_BIT_STRING_dup(a) (ASN1_BIT_STRING *)\ - ASN1_STRING_dup((ASN1_STRING *)a) + ASN1_STRING_dup((const ASN1_STRING *)a) #define M_ASN1_BIT_STRING_cmp(a,b) ASN1_STRING_cmp(\ - (ASN1_STRING *)a,(ASN1_STRING *)b) + (const ASN1_STRING *)a,(const ASN1_STRING *)b) #define M_ASN1_BIT_STRING_set(a,b,c) ASN1_STRING_set((ASN1_STRING *)a,b,c) #define M_ASN1_INTEGER_new() (ASN1_INTEGER *)\ ASN1_STRING_type_new(V_ASN1_INTEGER) #define M_ASN1_INTEGER_free(a) ASN1_STRING_free((ASN1_STRING *)a) -#define M_ASN1_INTEGER_dup(a) (ASN1_INTEGER *)ASN1_STRING_dup((ASN1_STRING *)a) +#define M_ASN1_INTEGER_dup(a) (ASN1_INTEGER *)\ + ASN1_STRING_dup((const ASN1_STRING *)a) #define M_ASN1_INTEGER_cmp(a,b) ASN1_STRING_cmp(\ - (ASN1_STRING *)a,(ASN1_STRING *)b) + (const ASN1_STRING *)a,(const ASN1_STRING *)b) #define M_ASN1_ENUMERATED_new() (ASN1_ENUMERATED *)\ ASN1_STRING_type_new(V_ASN1_ENUMERATED) #define M_ASN1_ENUMERATED_free(a) ASN1_STRING_free((ASN1_STRING *)a) -#define M_ASN1_ENUMERATED_dup(a) (ASN1_ENUMERATED *)ASN1_STRING_dup((ASN1_STRING *)a) +#define M_ASN1_ENUMERATED_dup(a) (ASN1_ENUMERATED *)\ + ASN1_STRING_dup((const ASN1_STRING *)a) #define M_ASN1_ENUMERATED_cmp(a,b) ASN1_STRING_cmp(\ - (ASN1_STRING *)a,(ASN1_STRING *)b) + (const ASN1_STRING *)a,(const ASN1_STRING *)b) #define M_ASN1_OCTET_STRING_new() (ASN1_OCTET_STRING *)\ ASN1_STRING_type_new(V_ASN1_OCTET_STRING) #define M_ASN1_OCTET_STRING_free(a) ASN1_STRING_free((ASN1_STRING *)a) #define M_ASN1_OCTET_STRING_dup(a) (ASN1_OCTET_STRING *)\ - ASN1_STRING_dup((ASN1_STRING *)a) + ASN1_STRING_dup((const ASN1_STRING *)a) #define M_ASN1_OCTET_STRING_cmp(a,b) ASN1_STRING_cmp(\ - (ASN1_STRING *)a,(ASN1_STRING *)b) + (const ASN1_STRING *)a,(const ASN1_STRING *)b) #define M_ASN1_OCTET_STRING_set(a,b,c) ASN1_STRING_set((ASN1_STRING *)a,b,c) #define M_ASN1_OCTET_STRING_print(a,b) ASN1_STRING_print(a,(ASN1_STRING *)b) #define M_i2d_ASN1_OCTET_STRING(a,pp) \ @@ -684,7 +692,7 @@ typedef struct BIT_STRING_BITNAME_st { ASN1_STRING_type_new(V_ASN1_IA5STRING) #define M_ASN1_IA5STRING_free(a) ASN1_STRING_free((ASN1_STRING *)a) #define M_ASN1_IA5STRING_dup(a) \ - (ASN1_IA5STRING *)ASN1_STRING_dup((ASN1_STRING *)a) + (ASN1_IA5STRING *)ASN1_STRING_dup((const ASN1_STRING *)a) #define M_i2d_ASN1_IA5STRING(a,pp) \ i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_IA5STRING,\ V_ASN1_UNIVERSAL) @@ -695,18 +703,20 @@ typedef struct BIT_STRING_BITNAME_st { #define M_ASN1_UTCTIME_new() (ASN1_UTCTIME *)\ ASN1_STRING_type_new(V_ASN1_UTCTIME) #define M_ASN1_UTCTIME_free(a) ASN1_STRING_free((ASN1_STRING *)a) -#define M_ASN1_UTCTIME_dup(a) (ASN1_UTCTIME *)ASN1_STRING_dup((ASN1_STRING *)a) +#define M_ASN1_UTCTIME_dup(a) (ASN1_UTCTIME *)\ + ASN1_STRING_dup((const ASN1_STRING *)a) #define M_ASN1_GENERALIZEDTIME_new() (ASN1_GENERALIZEDTIME *)\ ASN1_STRING_type_new(V_ASN1_GENERALIZEDTIME) #define M_ASN1_GENERALIZEDTIME_free(a) ASN1_STRING_free((ASN1_STRING *)a) #define M_ASN1_GENERALIZEDTIME_dup(a) (ASN1_GENERALIZEDTIME *)ASN1_STRING_dup(\ - (ASN1_STRING *)a) + (const ASN1_STRING *)a) #define M_ASN1_TIME_new() (ASN1_TIME *)\ ASN1_STRING_type_new(V_ASN1_UTCTIME) #define M_ASN1_TIME_free(a) ASN1_STRING_free((ASN1_STRING *)a) -#define M_ASN1_TIME_dup(a) (ASN1_TIME *)ASN1_STRING_dup((ASN1_STRING *)a) +#define M_ASN1_TIME_dup(a) (ASN1_TIME *)\ + ASN1_STRING_dup((const ASN1_STRING *)a) #define M_ASN1_GENERALSTRING_new() (ASN1_GENERALSTRING *)\ ASN1_STRING_type_new(V_ASN1_GENERALSTRING) @@ -767,6 +777,7 @@ DECLARE_ASN1_FUNCTIONS_fname(ASN1_TYPE, ASN1_ANY, ASN1_TYPE) int ASN1_TYPE_get(ASN1_TYPE *a); void ASN1_TYPE_set(ASN1_TYPE *a, int type, void *value); int ASN1_TYPE_set1(ASN1_TYPE *a, int type, const void *value); +int ASN1_TYPE_cmp(ASN1_TYPE *a, ASN1_TYPE *b); ASN1_OBJECT * ASN1_OBJECT_new(void ); void ASN1_OBJECT_free(ASN1_OBJECT *a); @@ -783,14 +794,15 @@ DECLARE_ASN1_SET_OF(ASN1_OBJECT) ASN1_STRING * ASN1_STRING_new(void); void ASN1_STRING_free(ASN1_STRING *a); -ASN1_STRING * ASN1_STRING_dup(ASN1_STRING *a); +int ASN1_STRING_copy(ASN1_STRING *dst, const ASN1_STRING *str); +ASN1_STRING * ASN1_STRING_dup(const ASN1_STRING *a); ASN1_STRING * ASN1_STRING_type_new(int type ); -int ASN1_STRING_cmp(ASN1_STRING *a, ASN1_STRING *b); +int ASN1_STRING_cmp(const ASN1_STRING *a, const ASN1_STRING *b); /* Since this is used to store all sorts of things, via macros, for now, make its data void * */ int ASN1_STRING_set(ASN1_STRING *str, const void *data, int len); void ASN1_STRING_set0(ASN1_STRING *str, void *data, int len); -int ASN1_STRING_length(ASN1_STRING *x); +int ASN1_STRING_length(const ASN1_STRING *x); void ASN1_STRING_length_set(ASN1_STRING *x, int n); int ASN1_STRING_type(ASN1_STRING *x); unsigned char * ASN1_STRING_data(ASN1_STRING *x); @@ -803,6 +815,8 @@ int ASN1_BIT_STRING_set(ASN1_BIT_STRING *a, unsigned char *d, int length ); int ASN1_BIT_STRING_set_bit(ASN1_BIT_STRING *a, int n, int value); int ASN1_BIT_STRING_get_bit(ASN1_BIT_STRING *a, int n); +int ASN1_BIT_STRING_check(ASN1_BIT_STRING *a, + unsigned char *flags, int flags_len); #ifndef OPENSSL_NO_BIO int ASN1_BIT_STRING_name_print(BIO *out, ASN1_BIT_STRING *bs, @@ -821,13 +835,15 @@ ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a,const unsigned char **pp, long length); ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a,const unsigned char **pp, long length); -ASN1_INTEGER * ASN1_INTEGER_dup(ASN1_INTEGER *x); -int ASN1_INTEGER_cmp(ASN1_INTEGER *x, ASN1_INTEGER *y); +ASN1_INTEGER * ASN1_INTEGER_dup(const ASN1_INTEGER *x); +int ASN1_INTEGER_cmp(const ASN1_INTEGER *x, const ASN1_INTEGER *y); DECLARE_ASN1_FUNCTIONS(ASN1_ENUMERATED) int ASN1_UTCTIME_check(ASN1_UTCTIME *a); ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s,time_t t); +ASN1_UTCTIME *ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t, + int offset_day, long offset_sec); int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, const char *str); int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t); #if 0 @@ -836,11 +852,13 @@ time_t ASN1_UTCTIME_get(const ASN1_UTCTIME *s); int ASN1_GENERALIZEDTIME_check(ASN1_GENERALIZEDTIME *a); ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s,time_t t); +ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_adj(ASN1_GENERALIZEDTIME *s, + time_t t, int offset_day, long offset_sec); int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s, const char *str); DECLARE_ASN1_FUNCTIONS(ASN1_OCTET_STRING) -ASN1_OCTET_STRING * ASN1_OCTET_STRING_dup(ASN1_OCTET_STRING *a); -int ASN1_OCTET_STRING_cmp(ASN1_OCTET_STRING *a, ASN1_OCTET_STRING *b); +ASN1_OCTET_STRING * ASN1_OCTET_STRING_dup(const ASN1_OCTET_STRING *a); +int ASN1_OCTET_STRING_cmp(const ASN1_OCTET_STRING *a, const ASN1_OCTET_STRING *b); int ASN1_OCTET_STRING_set(ASN1_OCTET_STRING *str, const unsigned char *data, int len); DECLARE_ASN1_FUNCTIONS(ASN1_VISIBLESTRING) @@ -867,14 +885,20 @@ DECLARE_ASN1_FUNCTIONS(ASN1_TIME) DECLARE_ASN1_ITEM(ASN1_OCTET_STRING_NDEF) ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s,time_t t); +ASN1_TIME *ASN1_TIME_adj(ASN1_TIME *s,time_t t, + int offset_day, long offset_sec); int ASN1_TIME_check(ASN1_TIME *t); ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t, ASN1_GENERALIZEDTIME **out); +int ASN1_TIME_set_string(ASN1_TIME *s, const char *str); -int i2d_ASN1_SET(STACK *a, unsigned char **pp, - i2d_of_void *i2d, int ex_tag, int ex_class, int is_set); -STACK * d2i_ASN1_SET(STACK **a, const unsigned char **pp, long length, - d2i_of_void *d2i, void (*free_func)(void *), - int ex_tag, int ex_class); +int i2d_ASN1_SET(STACK_OF(OPENSSL_BLOCK) *a, unsigned char **pp, + i2d_of_void *i2d, int ex_tag, int ex_class, + int is_set); +STACK_OF(OPENSSL_BLOCK) *d2i_ASN1_SET(STACK_OF(OPENSSL_BLOCK) **a, + const unsigned char **pp, + long length, d2i_of_void *d2i, + void (*free_func)(OPENSSL_BLOCK), int ex_tag, + int ex_class); #ifndef OPENSSL_NO_BIO int i2a_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *a); @@ -892,9 +916,9 @@ ASN1_OBJECT *ASN1_OBJECT_create(int nid, unsigned char *data,int len, const char *sn, const char *ln); int ASN1_INTEGER_set(ASN1_INTEGER *a, long v); -long ASN1_INTEGER_get(ASN1_INTEGER *a); -ASN1_INTEGER *BN_to_ASN1_INTEGER(BIGNUM *bn, ASN1_INTEGER *ai); -BIGNUM *ASN1_INTEGER_to_BN(ASN1_INTEGER *ai,BIGNUM *bn); +long ASN1_INTEGER_get(const ASN1_INTEGER *a); +ASN1_INTEGER *BN_to_ASN1_INTEGER(const BIGNUM *bn, ASN1_INTEGER *ai); +BIGNUM *ASN1_INTEGER_to_BN(const ASN1_INTEGER *ai,BIGNUM *bn); int ASN1_ENUMERATED_set(ASN1_ENUMERATED *a, long v); long ASN1_ENUMERATED_get(ASN1_ENUMERATED *a); @@ -928,7 +952,7 @@ int ASN1_put_eoc(unsigned char **pp); int ASN1_object_size(int constructed, int length, int tag); /* Used to implement other functions */ -void *ASN1_dup(i2d_of_void *i2d, d2i_of_void *d2i, char *x); +void *ASN1_dup(i2d_of_void *i2d, d2i_of_void *d2i, void *x); #define ASN1_dup_of(type,i2d,d2i,x) \ ((type*)ASN1_dup(CHECKED_I2D_OF(type, i2d), \ @@ -999,29 +1023,23 @@ int ASN1_i2d_bio(i2d_of_void *i2d,BIO *out, unsigned char *x); CHECKED_PTR_OF(const type, x))) int ASN1_item_i2d_bio(const ASN1_ITEM *it, BIO *out, void *x); -int ASN1_UTCTIME_print(BIO *fp,ASN1_UTCTIME *a); -int ASN1_GENERALIZEDTIME_print(BIO *fp,ASN1_GENERALIZEDTIME *a); -int ASN1_TIME_print(BIO *fp,ASN1_TIME *a); -int ASN1_STRING_print(BIO *bp,ASN1_STRING *v); +int ASN1_UTCTIME_print(BIO *fp, const ASN1_UTCTIME *a); +int ASN1_GENERALIZEDTIME_print(BIO *fp, const ASN1_GENERALIZEDTIME *a); +int ASN1_TIME_print(BIO *fp, const ASN1_TIME *a); +int ASN1_STRING_print(BIO *bp, const ASN1_STRING *v); int ASN1_STRING_print_ex(BIO *out, ASN1_STRING *str, unsigned long flags); +int ASN1_bn_print(BIO *bp, const char *number, const BIGNUM *num, + unsigned char *buf, int off); int ASN1_parse(BIO *bp,const unsigned char *pp,long len,int indent); int ASN1_parse_dump(BIO *bp,const unsigned char *pp,long len,int indent,int dump); #endif const char *ASN1_tag2str(int tag); -/* Used to load and write netscape format cert/key */ -int i2d_ASN1_HEADER(ASN1_HEADER *a,unsigned char **pp); -ASN1_HEADER *d2i_ASN1_HEADER(ASN1_HEADER **a,const unsigned char **pp, long length); -ASN1_HEADER *ASN1_HEADER_new(void ); -void ASN1_HEADER_free(ASN1_HEADER *a); +/* Used to load and write netscape format cert */ -int ASN1_UNIVERSALSTRING_to_string(ASN1_UNIVERSALSTRING *s); +DECLARE_ASN1_FUNCTIONS(NETSCAPE_X509) -/* Not used that much at this point, except for the first two */ -ASN1_METHOD *X509_asn1_meth(void); -ASN1_METHOD *RSAPrivateKey_asn1_meth(void); -ASN1_METHOD *ASN1_IA5STRING_asn1_meth(void); -ASN1_METHOD *ASN1_BIT_STRING_asn1_meth(void); +int ASN1_UNIVERSALSTRING_to_string(ASN1_UNIVERSALSTRING *s); int ASN1_TYPE_set_octetstring(ASN1_TYPE *a, unsigned char *data, int len); @@ -1032,9 +1050,9 @@ int ASN1_TYPE_set_int_octetstring(ASN1_TYPE *a, long num, int ASN1_TYPE_get_int_octetstring(ASN1_TYPE *a,long *num, unsigned char *data, int max_len); -STACK *ASN1_seq_unpack(const unsigned char *buf, int len, - d2i_of_void *d2i, void (*free_func)(void *)); -unsigned char *ASN1_seq_pack(STACK *safes, i2d_of_void *i2d, +STACK_OF(OPENSSL_BLOCK) *ASN1_seq_unpack(const unsigned char *buf, int len, + d2i_of_void *d2i, void (*free_func)(OPENSSL_BLOCK)); +unsigned char *ASN1_seq_pack(STACK_OF(OPENSSL_BLOCK) *safes, i2d_of_void *i2d, unsigned char **buf, int *len ); void *ASN1_unpack_string(ASN1_STRING *oct, d2i_of_void *d2i); void *ASN1_item_unpack(ASN1_STRING *oct, const ASN1_ITEM *it); @@ -1077,15 +1095,58 @@ void ASN1_add_oid_module(void); ASN1_TYPE *ASN1_generate_nconf(char *str, CONF *nconf); ASN1_TYPE *ASN1_generate_v3(char *str, X509V3_CTX *cnf); -typedef int asn1_output_data_fn(BIO *out, BIO *data, ASN1_VALUE *val, int flags, - const ASN1_ITEM *it); - -int int_smime_write_ASN1(BIO *bio, ASN1_VALUE *val, BIO *data, int flags, +/* ASN1 Print flags */ + +/* Indicate missing OPTIONAL fields */ +#define ASN1_PCTX_FLAGS_SHOW_ABSENT 0x001 +/* Mark start and end of SEQUENCE */ +#define ASN1_PCTX_FLAGS_SHOW_SEQUENCE 0x002 +/* Mark start and end of SEQUENCE/SET OF */ +#define ASN1_PCTX_FLAGS_SHOW_SSOF 0x004 +/* Show the ASN1 type of primitives */ +#define ASN1_PCTX_FLAGS_SHOW_TYPE 0x008 +/* Don't show ASN1 type of ANY */ +#define ASN1_PCTX_FLAGS_NO_ANY_TYPE 0x010 +/* Don't show ASN1 type of MSTRINGs */ +#define ASN1_PCTX_FLAGS_NO_MSTRING_TYPE 0x020 +/* Don't show field names in SEQUENCE */ +#define ASN1_PCTX_FLAGS_NO_FIELD_NAME 0x040 +/* Show structure names of each SEQUENCE field */ +#define ASN1_PCTX_FLAGS_SHOW_FIELD_STRUCT_NAME 0x080 +/* Don't show structure name even at top level */ +#define ASN1_PCTX_FLAGS_NO_STRUCT_NAME 0x100 + +int ASN1_item_print(BIO *out, ASN1_VALUE *ifld, int indent, + const ASN1_ITEM *it, const ASN1_PCTX *pctx); +ASN1_PCTX *ASN1_PCTX_new(void); +void ASN1_PCTX_free(ASN1_PCTX *p); +unsigned long ASN1_PCTX_get_flags(ASN1_PCTX *p); +void ASN1_PCTX_set_flags(ASN1_PCTX *p, unsigned long flags); +unsigned long ASN1_PCTX_get_nm_flags(ASN1_PCTX *p); +void ASN1_PCTX_set_nm_flags(ASN1_PCTX *p, unsigned long flags); +unsigned long ASN1_PCTX_get_cert_flags(ASN1_PCTX *p); +void ASN1_PCTX_set_cert_flags(ASN1_PCTX *p, unsigned long flags); +unsigned long ASN1_PCTX_get_oid_flags(ASN1_PCTX *p); +void ASN1_PCTX_set_oid_flags(ASN1_PCTX *p, unsigned long flags); +unsigned long ASN1_PCTX_get_str_flags(ASN1_PCTX *p); +void ASN1_PCTX_set_str_flags(ASN1_PCTX *p, unsigned long flags); + +BIO_METHOD *BIO_f_asn1(void); + +BIO *BIO_new_NDEF(BIO *out, ASN1_VALUE *val, const ASN1_ITEM *it); + +int i2d_ASN1_bio_stream(BIO *out, ASN1_VALUE *val, BIO *in, int flags, + const ASN1_ITEM *it); +int PEM_write_bio_ASN1_stream(BIO *out, ASN1_VALUE *val, BIO *in, int flags, + const char *hdr, + const ASN1_ITEM *it); +int SMIME_write_ASN1(BIO *bio, ASN1_VALUE *val, BIO *data, int flags, int ctype_nid, int econt_nid, STACK_OF(X509_ALGOR) *mdalgs, - asn1_output_data_fn *data_fn, const ASN1_ITEM *it); ASN1_VALUE *SMIME_read_ASN1(BIO *bio, BIO **bcont, const ASN1_ITEM *it); +int SMIME_crlf_copy(BIO *in, BIO *out, int flags); +int SMIME_text(BIO *in, BIO *out); /* BEGIN ERROR CODES */ /* The following lines are auto generated by the script mkerr.pl. Any changes @@ -1116,6 +1177,7 @@ void ERR_load_ASN1_strings(void); #define ASN1_F_ASN1_ENUMERATED_TO_BN 113 #define ASN1_F_ASN1_EX_C2I 204 #define ASN1_F_ASN1_FIND_END 190 +#define ASN1_F_ASN1_GENERALIZEDTIME_ADJ 216 #define ASN1_F_ASN1_GENERALIZEDTIME_SET 185 #define ASN1_F_ASN1_GENERATE_V3 178 #define ASN1_F_ASN1_GET_OBJECT 114 @@ -1136,7 +1198,7 @@ void ERR_load_ASN1_strings(void); #define ASN1_F_ASN1_ITEM_VERIFY 197 #define ASN1_F_ASN1_MBSTRING_NCOPY 122 #define ASN1_F_ASN1_OBJECT_NEW 123 -#define ASN1_F_ASN1_OUTPUT_DATA 207 +#define ASN1_F_ASN1_OUTPUT_DATA 214 #define ASN1_F_ASN1_PACK_STRING 124 #define ASN1_F_ASN1_PCTX_NEW 205 #define ASN1_F_ASN1_PKCS5_PBE_SET 125 @@ -1150,14 +1212,17 @@ void ERR_load_ASN1_strings(void); #define ASN1_F_ASN1_TEMPLATE_EX_D2I 132 #define ASN1_F_ASN1_TEMPLATE_NEW 133 #define ASN1_F_ASN1_TEMPLATE_NOEXP_D2I 131 +#define ASN1_F_ASN1_TIME_ADJ 217 #define ASN1_F_ASN1_TIME_SET 175 #define ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING 134 #define ASN1_F_ASN1_TYPE_GET_OCTETSTRING 135 #define ASN1_F_ASN1_UNPACK_STRING 136 +#define ASN1_F_ASN1_UTCTIME_ADJ 218 #define ASN1_F_ASN1_UTCTIME_SET 187 #define ASN1_F_ASN1_VERIFY 137 -#define ASN1_F_B64_READ_ASN1 208 -#define ASN1_F_B64_WRITE_ASN1 209 +#define ASN1_F_B64_READ_ASN1 209 +#define ASN1_F_B64_WRITE_ASN1 210 +#define ASN1_F_BIO_NEW_NDEF 208 #define ASN1_F_BITSTR_CB 180 #define ASN1_F_BN_TO_ASN1_ENUMERATED 138 #define ASN1_F_BN_TO_ASN1_INTEGER 139 @@ -1176,6 +1241,7 @@ void ERR_load_ASN1_strings(void); #define ASN1_F_D2I_ASN1_TYPE_BYTES 149 #define ASN1_F_D2I_ASN1_UINTEGER 150 #define ASN1_F_D2I_ASN1_UTCTIME 151 +#define ASN1_F_D2I_AUTOPRIVATEKEY 207 #define ASN1_F_D2I_NETSCAPE_RSA 152 #define ASN1_F_D2I_NETSCAPE_RSA_2 153 #define ASN1_F_D2I_PRIVATEKEY 154 @@ -1185,6 +1251,7 @@ void ERR_load_ASN1_strings(void); #define ASN1_F_D2I_X509 156 #define ASN1_F_D2I_X509_CINF 157 #define ASN1_F_D2I_X509_PKEY 159 +#define ASN1_F_I2D_ASN1_BIO_STREAM 211 #define ASN1_F_I2D_ASN1_SET 188 #define ASN1_F_I2D_ASN1_TIME 160 #define ASN1_F_I2D_DSA_PUBKEY 161 @@ -1196,10 +1263,11 @@ void ERR_load_ASN1_strings(void); #define ASN1_F_LONG_C2I 166 #define ASN1_F_OID_MODULE_INIT 174 #define ASN1_F_PARSE_TAGGING 182 -#define ASN1_F_PKCS5_PBE2_SET 167 +#define ASN1_F_PKCS5_PBE2_SET_IV 167 #define ASN1_F_PKCS5_PBE_SET 202 -#define ASN1_F_SMIME_READ_ASN1 210 -#define ASN1_F_SMIME_TEXT 211 +#define ASN1_F_PKCS5_PBE_SET0_ALGOR 215 +#define ASN1_F_SMIME_READ_ASN1 212 +#define ASN1_F_SMIME_TEXT 213 #define ASN1_F_X509_CINF_NEW 168 #define ASN1_F_X509_CRL_ADD0_REVOKED 169 #define ASN1_F_X509_INFO_NEW 170 @@ -1211,14 +1279,14 @@ void ERR_load_ASN1_strings(void); /* Reason codes. */ #define ASN1_R_ADDING_OBJECT 171 -#define ASN1_R_ASN1_PARSE_ERROR 198 -#define ASN1_R_ASN1_SIG_PARSE_ERROR 199 +#define ASN1_R_ASN1_PARSE_ERROR 203 +#define ASN1_R_ASN1_SIG_PARSE_ERROR 204 #define ASN1_R_AUX_ERROR 100 #define ASN1_R_BAD_CLASS 101 #define ASN1_R_BAD_OBJECT_HEADER 102 #define ASN1_R_BAD_PASSWORD_READ 103 #define ASN1_R_BAD_TAG 104 -#define ASN1_R_BMPSTRING_IS_WRONG_LENGTH 210 +#define ASN1_R_BMPSTRING_IS_WRONG_LENGTH 214 #define ASN1_R_BN_LIB 105 #define ASN1_R_BOOLEAN_IS_WRONG_LENGTH 106 #define ASN1_R_BUFFER_TOO_SMALL 107 @@ -1227,6 +1295,7 @@ void ERR_load_ASN1_strings(void); #define ASN1_R_DECODE_ERROR 110 #define ASN1_R_DECODING_ERROR 111 #define ASN1_R_DEPTH_EXCEEDED 174 +#define ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED 198 #define ASN1_R_ENCODE_ERROR 112 #define ASN1_R_ERROR_GETTING_TIME 173 #define ASN1_R_ERROR_LOADING_SECTION 172 @@ -1260,9 +1329,10 @@ void ERR_load_ASN1_strings(void); #define ASN1_R_INTEGER_TOO_LARGE_FOR_LONG 128 #define ASN1_R_INVALID_BMPSTRING_LENGTH 129 #define ASN1_R_INVALID_DIGIT 130 -#define ASN1_R_INVALID_MIME_TYPE 200 +#define ASN1_R_INVALID_MIME_TYPE 205 #define ASN1_R_INVALID_MODIFIER 186 #define ASN1_R_INVALID_NUMBER 187 +#define ASN1_R_INVALID_OBJECT_ENCODING 216 #define ASN1_R_INVALID_SEPARATOR 131 #define ASN1_R_INVALID_TIME_FORMAT 132 #define ASN1_R_INVALID_UNIVERSALSTRING_LENGTH 133 @@ -1270,9 +1340,9 @@ void ERR_load_ASN1_strings(void); #define ASN1_R_IV_TOO_LARGE 135 #define ASN1_R_LENGTH_ERROR 136 #define ASN1_R_LIST_ERROR 188 -#define ASN1_R_MIME_NO_CONTENT_TYPE 201 -#define ASN1_R_MIME_PARSE_ERROR 202 -#define ASN1_R_MIME_SIG_PARSE_ERROR 203 +#define ASN1_R_MIME_NO_CONTENT_TYPE 206 +#define ASN1_R_MIME_PARSE_ERROR 207 +#define ASN1_R_MIME_SIG_PARSE_ERROR 208 #define ASN1_R_MISSING_EOC 137 #define ASN1_R_MISSING_SECOND_NUMBER 138 #define ASN1_R_MISSING_VALUE 189 @@ -1282,11 +1352,12 @@ void ERR_load_ASN1_strings(void); #define ASN1_R_NON_HEX_CHARACTERS 141 #define ASN1_R_NOT_ASCII_FORMAT 190 #define ASN1_R_NOT_ENOUGH_DATA 142 -#define ASN1_R_NO_CONTENT_TYPE 204 +#define ASN1_R_NO_CONTENT_TYPE 209 +#define ASN1_R_NO_DEFAULT_DIGEST 201 #define ASN1_R_NO_MATCHING_CHOICE_TYPE 143 -#define ASN1_R_NO_MULTIPART_BODY_FAILURE 205 -#define ASN1_R_NO_MULTIPART_BOUNDARY 206 -#define ASN1_R_NO_SIG_CONTENT_TYPE 207 +#define ASN1_R_NO_MULTIPART_BODY_FAILURE 210 +#define ASN1_R_NO_MULTIPART_BOUNDARY 211 +#define ASN1_R_NO_SIG_CONTENT_TYPE 212 #define ASN1_R_NULL_IS_WRONG_LENGTH 144 #define ASN1_R_OBJECT_NOT_ASCII_FORMAT 191 #define ASN1_R_ODD_NUMBER_OF_CHARS 145 @@ -1296,8 +1367,8 @@ void ERR_load_ASN1_strings(void); #define ASN1_R_SEQUENCE_NOT_CONSTRUCTED 149 #define ASN1_R_SEQUENCE_OR_SET_NEEDS_CONFIG 192 #define ASN1_R_SHORT_LINE 150 -#define ASN1_R_SIG_INVALID_MIME_TYPE 208 -#define ASN1_R_STREAMING_NOT_SUPPORTED 209 +#define ASN1_R_SIG_INVALID_MIME_TYPE 213 +#define ASN1_R_STREAMING_NOT_SUPPORTED 202 #define ASN1_R_STRING_TOO_LONG 151 #define ASN1_R_STRING_TOO_SHORT 152 #define ASN1_R_TAG_VALUE_TOO_HIGH 153 @@ -1308,11 +1379,12 @@ void ERR_load_ASN1_strings(void); #define ASN1_R_UNABLE_TO_DECODE_RSA_KEY 157 #define ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY 158 #define ASN1_R_UNEXPECTED_EOC 159 -#define ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH 211 +#define ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH 215 #define ASN1_R_UNKNOWN_FORMAT 160 #define ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM 161 #define ASN1_R_UNKNOWN_OBJECT_TYPE 162 #define ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE 163 +#define ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM 199 #define ASN1_R_UNKNOWN_TAG 194 #define ASN1_R_UNKOWN_FORMAT 195 #define ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE 164 @@ -1320,6 +1392,7 @@ void ERR_load_ASN1_strings(void); #define ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM 166 #define ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE 167 #define ASN1_R_UNSUPPORTED_TYPE 196 +#define ASN1_R_WRONG_PUBLIC_KEY_TYPE 200 #define ASN1_R_WRONG_TAG 168 #define ASN1_R_WRONG_TYPE 169 diff --git a/src/lib/libcrypto/asn1/asn1_err.c b/src/lib/libcrypto/asn1/asn1_err.c index 5f5de98eed..6e04d08f31 100644 --- a/src/lib/libcrypto/asn1/asn1_err.c +++ b/src/lib/libcrypto/asn1/asn1_err.c @@ -1,6 +1,6 @@ /* crypto/asn1/asn1_err.c */ /* ==================================================================== - * Copyright (c) 1999-2008 The OpenSSL Project. All rights reserved. + * Copyright (c) 1999-2009 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -90,10 +90,11 @@ static ERR_STRING_DATA ASN1_str_functs[]= {ERR_FUNC(ASN1_F_ASN1_ENUMERATED_TO_BN), "ASN1_ENUMERATED_to_BN"}, {ERR_FUNC(ASN1_F_ASN1_EX_C2I), "ASN1_EX_C2I"}, {ERR_FUNC(ASN1_F_ASN1_FIND_END), "ASN1_FIND_END"}, +{ERR_FUNC(ASN1_F_ASN1_GENERALIZEDTIME_ADJ), "ASN1_GENERALIZEDTIME_adj"}, {ERR_FUNC(ASN1_F_ASN1_GENERALIZEDTIME_SET), "ASN1_GENERALIZEDTIME_set"}, {ERR_FUNC(ASN1_F_ASN1_GENERATE_V3), "ASN1_generate_v3"}, {ERR_FUNC(ASN1_F_ASN1_GET_OBJECT), "ASN1_get_object"}, -{ERR_FUNC(ASN1_F_ASN1_HEADER_NEW), "ASN1_HEADER_new"}, +{ERR_FUNC(ASN1_F_ASN1_HEADER_NEW), "ASN1_HEADER_NEW"}, {ERR_FUNC(ASN1_F_ASN1_I2D_BIO), "ASN1_i2d_bio"}, {ERR_FUNC(ASN1_F_ASN1_I2D_FP), "ASN1_i2d_fp"}, {ERR_FUNC(ASN1_F_ASN1_INTEGER_SET), "ASN1_INTEGER_set"}, @@ -112,7 +113,7 @@ static ERR_STRING_DATA ASN1_str_functs[]= {ERR_FUNC(ASN1_F_ASN1_OBJECT_NEW), "ASN1_OBJECT_new"}, {ERR_FUNC(ASN1_F_ASN1_OUTPUT_DATA), "ASN1_OUTPUT_DATA"}, {ERR_FUNC(ASN1_F_ASN1_PACK_STRING), "ASN1_pack_string"}, -{ERR_FUNC(ASN1_F_ASN1_PCTX_NEW), "ASN1_PCTX_NEW"}, +{ERR_FUNC(ASN1_F_ASN1_PCTX_NEW), "ASN1_PCTX_new"}, {ERR_FUNC(ASN1_F_ASN1_PKCS5_PBE_SET), "ASN1_PKCS5_PBE_SET"}, {ERR_FUNC(ASN1_F_ASN1_SEQ_PACK), "ASN1_seq_pack"}, {ERR_FUNC(ASN1_F_ASN1_SEQ_UNPACK), "ASN1_seq_unpack"}, @@ -124,14 +125,17 @@ static ERR_STRING_DATA ASN1_str_functs[]= {ERR_FUNC(ASN1_F_ASN1_TEMPLATE_EX_D2I), "ASN1_TEMPLATE_EX_D2I"}, {ERR_FUNC(ASN1_F_ASN1_TEMPLATE_NEW), "ASN1_TEMPLATE_NEW"}, {ERR_FUNC(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I), "ASN1_TEMPLATE_NOEXP_D2I"}, +{ERR_FUNC(ASN1_F_ASN1_TIME_ADJ), "ASN1_TIME_adj"}, {ERR_FUNC(ASN1_F_ASN1_TIME_SET), "ASN1_TIME_set"}, {ERR_FUNC(ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING), "ASN1_TYPE_get_int_octetstring"}, {ERR_FUNC(ASN1_F_ASN1_TYPE_GET_OCTETSTRING), "ASN1_TYPE_get_octetstring"}, {ERR_FUNC(ASN1_F_ASN1_UNPACK_STRING), "ASN1_unpack_string"}, +{ERR_FUNC(ASN1_F_ASN1_UTCTIME_ADJ), "ASN1_UTCTIME_adj"}, {ERR_FUNC(ASN1_F_ASN1_UTCTIME_SET), "ASN1_UTCTIME_set"}, {ERR_FUNC(ASN1_F_ASN1_VERIFY), "ASN1_verify"}, {ERR_FUNC(ASN1_F_B64_READ_ASN1), "B64_READ_ASN1"}, {ERR_FUNC(ASN1_F_B64_WRITE_ASN1), "B64_WRITE_ASN1"}, +{ERR_FUNC(ASN1_F_BIO_NEW_NDEF), "BIO_new_NDEF"}, {ERR_FUNC(ASN1_F_BITSTR_CB), "BITSTR_CB"}, {ERR_FUNC(ASN1_F_BN_TO_ASN1_ENUMERATED), "BN_to_ASN1_ENUMERATED"}, {ERR_FUNC(ASN1_F_BN_TO_ASN1_INTEGER), "BN_to_ASN1_INTEGER"}, @@ -143,13 +147,14 @@ static ERR_STRING_DATA ASN1_str_functs[]= {ERR_FUNC(ASN1_F_D2I_ASN1_BOOLEAN), "d2i_ASN1_BOOLEAN"}, {ERR_FUNC(ASN1_F_D2I_ASN1_BYTES), "d2i_ASN1_bytes"}, {ERR_FUNC(ASN1_F_D2I_ASN1_GENERALIZEDTIME), "D2I_ASN1_GENERALIZEDTIME"}, -{ERR_FUNC(ASN1_F_D2I_ASN1_HEADER), "d2i_ASN1_HEADER"}, +{ERR_FUNC(ASN1_F_D2I_ASN1_HEADER), "D2I_ASN1_HEADER"}, {ERR_FUNC(ASN1_F_D2I_ASN1_INTEGER), "D2I_ASN1_INTEGER"}, {ERR_FUNC(ASN1_F_D2I_ASN1_OBJECT), "d2i_ASN1_OBJECT"}, {ERR_FUNC(ASN1_F_D2I_ASN1_SET), "d2i_ASN1_SET"}, {ERR_FUNC(ASN1_F_D2I_ASN1_TYPE_BYTES), "d2i_ASN1_type_bytes"}, {ERR_FUNC(ASN1_F_D2I_ASN1_UINTEGER), "d2i_ASN1_UINTEGER"}, {ERR_FUNC(ASN1_F_D2I_ASN1_UTCTIME), "D2I_ASN1_UTCTIME"}, +{ERR_FUNC(ASN1_F_D2I_AUTOPRIVATEKEY), "d2i_AutoPrivateKey"}, {ERR_FUNC(ASN1_F_D2I_NETSCAPE_RSA), "d2i_Netscape_RSA"}, {ERR_FUNC(ASN1_F_D2I_NETSCAPE_RSA_2), "D2I_NETSCAPE_RSA_2"}, {ERR_FUNC(ASN1_F_D2I_PRIVATEKEY), "d2i_PrivateKey"}, @@ -159,6 +164,7 @@ static ERR_STRING_DATA ASN1_str_functs[]= {ERR_FUNC(ASN1_F_D2I_X509), "D2I_X509"}, {ERR_FUNC(ASN1_F_D2I_X509_CINF), "D2I_X509_CINF"}, {ERR_FUNC(ASN1_F_D2I_X509_PKEY), "d2i_X509_PKEY"}, +{ERR_FUNC(ASN1_F_I2D_ASN1_BIO_STREAM), "i2d_ASN1_bio_stream"}, {ERR_FUNC(ASN1_F_I2D_ASN1_SET), "i2d_ASN1_SET"}, {ERR_FUNC(ASN1_F_I2D_ASN1_TIME), "I2D_ASN1_TIME"}, {ERR_FUNC(ASN1_F_I2D_DSA_PUBKEY), "i2d_DSA_PUBKEY"}, @@ -170,8 +176,9 @@ static ERR_STRING_DATA ASN1_str_functs[]= {ERR_FUNC(ASN1_F_LONG_C2I), "LONG_C2I"}, {ERR_FUNC(ASN1_F_OID_MODULE_INIT), "OID_MODULE_INIT"}, {ERR_FUNC(ASN1_F_PARSE_TAGGING), "PARSE_TAGGING"}, -{ERR_FUNC(ASN1_F_PKCS5_PBE2_SET), "PKCS5_pbe2_set"}, +{ERR_FUNC(ASN1_F_PKCS5_PBE2_SET_IV), "PKCS5_pbe2_set_iv"}, {ERR_FUNC(ASN1_F_PKCS5_PBE_SET), "PKCS5_pbe_set"}, +{ERR_FUNC(ASN1_F_PKCS5_PBE_SET0_ALGOR), "PKCS5_pbe_set0_algor"}, {ERR_FUNC(ASN1_F_SMIME_READ_ASN1), "SMIME_read_ASN1"}, {ERR_FUNC(ASN1_F_SMIME_TEXT), "SMIME_text"}, {ERR_FUNC(ASN1_F_X509_CINF_NEW), "X509_CINF_NEW"}, @@ -204,6 +211,7 @@ static ERR_STRING_DATA ASN1_str_reasons[]= {ERR_REASON(ASN1_R_DECODE_ERROR) ,"decode error"}, {ERR_REASON(ASN1_R_DECODING_ERROR) ,"decoding error"}, {ERR_REASON(ASN1_R_DEPTH_EXCEEDED) ,"depth exceeded"}, +{ERR_REASON(ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED),"digest and key type not supported"}, {ERR_REASON(ASN1_R_ENCODE_ERROR) ,"encode error"}, {ERR_REASON(ASN1_R_ERROR_GETTING_TIME) ,"error getting time"}, {ERR_REASON(ASN1_R_ERROR_LOADING_SECTION),"error loading section"}, @@ -240,6 +248,7 @@ static ERR_STRING_DATA ASN1_str_reasons[]= {ERR_REASON(ASN1_R_INVALID_MIME_TYPE) ,"invalid mime type"}, {ERR_REASON(ASN1_R_INVALID_MODIFIER) ,"invalid modifier"}, {ERR_REASON(ASN1_R_INVALID_NUMBER) ,"invalid number"}, +{ERR_REASON(ASN1_R_INVALID_OBJECT_ENCODING),"invalid object encoding"}, {ERR_REASON(ASN1_R_INVALID_SEPARATOR) ,"invalid separator"}, {ERR_REASON(ASN1_R_INVALID_TIME_FORMAT) ,"invalid time format"}, {ERR_REASON(ASN1_R_INVALID_UNIVERSALSTRING_LENGTH),"invalid universalstring length"}, @@ -260,6 +269,7 @@ static ERR_STRING_DATA ASN1_str_reasons[]= {ERR_REASON(ASN1_R_NOT_ASCII_FORMAT) ,"not ascii format"}, {ERR_REASON(ASN1_R_NOT_ENOUGH_DATA) ,"not enough data"}, {ERR_REASON(ASN1_R_NO_CONTENT_TYPE) ,"no content type"}, +{ERR_REASON(ASN1_R_NO_DEFAULT_DIGEST) ,"no default digest"}, {ERR_REASON(ASN1_R_NO_MATCHING_CHOICE_TYPE),"no matching choice type"}, {ERR_REASON(ASN1_R_NO_MULTIPART_BODY_FAILURE),"no multipart body failure"}, {ERR_REASON(ASN1_R_NO_MULTIPART_BOUNDARY),"no multipart boundary"}, @@ -290,6 +300,7 @@ static ERR_STRING_DATA ASN1_str_reasons[]= {ERR_REASON(ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM),"unknown message digest algorithm"}, {ERR_REASON(ASN1_R_UNKNOWN_OBJECT_TYPE) ,"unknown object type"}, {ERR_REASON(ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE),"unknown public key type"}, +{ERR_REASON(ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM),"unknown signature algorithm"}, {ERR_REASON(ASN1_R_UNKNOWN_TAG) ,"unknown tag"}, {ERR_REASON(ASN1_R_UNKOWN_FORMAT) ,"unkown format"}, {ERR_REASON(ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE),"unsupported any defined by type"}, @@ -297,6 +308,7 @@ static ERR_STRING_DATA ASN1_str_reasons[]= {ERR_REASON(ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM),"unsupported encryption algorithm"}, {ERR_REASON(ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE),"unsupported public key type"}, {ERR_REASON(ASN1_R_UNSUPPORTED_TYPE) ,"unsupported type"}, +{ERR_REASON(ASN1_R_WRONG_PUBLIC_KEY_TYPE),"wrong public key type"}, {ERR_REASON(ASN1_R_WRONG_TAG) ,"wrong tag"}, {ERR_REASON(ASN1_R_WRONG_TYPE) ,"wrong type"}, {0,NULL} diff --git a/src/lib/libcrypto/asn1/asn1_lib.c b/src/lib/libcrypto/asn1/asn1_lib.c index 5af559ef8d..1bcb44aee2 100644 --- a/src/lib/libcrypto/asn1/asn1_lib.c +++ b/src/lib/libcrypto/asn1/asn1_lib.c @@ -340,20 +340,31 @@ int asn1_GetSequence(ASN1_const_CTX *c, long *length) return(1); } -ASN1_STRING *ASN1_STRING_dup(ASN1_STRING *str) +int ASN1_STRING_copy(ASN1_STRING *dst, const ASN1_STRING *str) { - ASN1_STRING *ret; + if (str == NULL) + return 0; + dst->type = str->type; + if (!ASN1_STRING_set(dst,str->data,str->length)) + return 0; + dst->flags = str->flags; + return 1; + } - if (str == NULL) return(NULL); - if ((ret=ASN1_STRING_type_new(str->type)) == NULL) - return(NULL); - if (!ASN1_STRING_set(ret,str->data,str->length)) +ASN1_STRING *ASN1_STRING_dup(const ASN1_STRING *str) + { + ASN1_STRING *ret; + if (!str) + return NULL; + ret=ASN1_STRING_new(); + if (!ret) + return NULL; + if (!ASN1_STRING_copy(ret,str)) { ASN1_STRING_free(ret); - return(NULL); + return NULL; } - ret->flags = str->flags; - return(ret); + return ret; } int ASN1_STRING_set(ASN1_STRING *str, const void *_data, int len) @@ -427,11 +438,12 @@ ASN1_STRING *ASN1_STRING_type_new(int type) void ASN1_STRING_free(ASN1_STRING *a) { if (a == NULL) return; - if (a->data != NULL) OPENSSL_free(a->data); + if (a->data && !(a->flags & ASN1_STRING_FLAG_NDEF)) + OPENSSL_free(a->data); OPENSSL_free(a); } -int ASN1_STRING_cmp(ASN1_STRING *a, ASN1_STRING *b) +int ASN1_STRING_cmp(const ASN1_STRING *a, const ASN1_STRING *b) { int i; @@ -457,7 +469,7 @@ void asn1_add_error(const unsigned char *address, int offset) ERR_add_error_data(4,"address=",buf1," offset=",buf2); } -int ASN1_STRING_length(ASN1_STRING *x) +int ASN1_STRING_length(const ASN1_STRING *x) { return M_ASN1_STRING_length(x); } void ASN1_STRING_length_set(ASN1_STRING *x, int len) diff --git a/src/lib/libcrypto/asn1/asn1_mac.h b/src/lib/libcrypto/asn1/asn1_mac.h index d958ca60d9..87bd0e9e1d 100644 --- a/src/lib/libcrypto/asn1/asn1_mac.h +++ b/src/lib/libcrypto/asn1/asn1_mac.h @@ -153,6 +153,13 @@ err:\ M_ASN1_D2I_get(b,func); \ } +#define M_ASN1_D2I_get_int_opt(b,func,type) \ + if ((c.slen != 0) && ((M_ASN1_next & (~V_ASN1_CONSTRUCTED)) \ + == (V_ASN1_UNIVERSAL|(type)))) \ + { \ + M_ASN1_D2I_get_int(b,func); \ + } + #define M_ASN1_D2I_get_imp(b,func, type) \ M_ASN1_next=(_tmp& V_ASN1_CONSTRUCTED)|type; \ c.q=c.p; \ diff --git a/src/lib/libcrypto/asn1/asn1_par.c b/src/lib/libcrypto/asn1/asn1_par.c index 8657f73d66..aaca69aebd 100644 --- a/src/lib/libcrypto/asn1/asn1_par.c +++ b/src/lib/libcrypto/asn1/asn1_par.c @@ -70,9 +70,8 @@ static int asn1_print_info(BIO *bp, int tag, int xclass, int constructed, int indent) { static const char fmt[]="%-18s"; - static const char fmt2[]="%2d %-15s"; char str[128]; - const char *p,*p2=NULL; + const char *p; if (constructed & V_ASN1_CONSTRUCTED) p="cons: "; @@ -93,14 +92,8 @@ static int asn1_print_info(BIO *bp, int tag, int xclass, int constructed, else p = ASN1_tag2str(tag); - if (p2 != NULL) - { - if (BIO_printf(bp,fmt2,tag,p2) <= 0) goto err; - } - else - { - if (BIO_printf(bp,fmt,p) <= 0) goto err; - } + if (BIO_printf(bp,fmt,p) <= 0) + goto err; return(1); err: return(0); @@ -246,7 +239,7 @@ static int asn1_parse2(BIO *bp, const unsigned char **pp, long length, int offse ii=d2i_ASN1_BOOLEAN(NULL,&opp,len+hl); if (ii < 0) { - if (BIO_write(bp,"Bad boolean\n",12)) + if (BIO_write(bp,"Bad boolean\n",12) <= 0) goto end; } BIO_printf(bp,":%d",ii); @@ -424,7 +417,7 @@ end: const char *ASN1_tag2str(int tag) { - static const char *tag2str[] = { + static const char * const tag2str[] = { "EOC", "BOOLEAN", "INTEGER", "BIT STRING", "OCTET STRING", /* 0-4 */ "NULL", "OBJECT", "OBJECT DESCRIPTOR", "EXTERNAL", "REAL", /* 5-9 */ "ENUMERATED", "", "UTF8STRING", "", /* 10-13 */ diff --git a/src/lib/libcrypto/asn1/asn1t.h b/src/lib/libcrypto/asn1/asn1t.h index ac14f9415b..d230e4bf70 100644 --- a/src/lib/libcrypto/asn1/asn1t.h +++ b/src/lib/libcrypto/asn1/asn1t.h @@ -3,7 +3,7 @@ * project 2000. */ /* ==================================================================== - * Copyright (c) 2000 The OpenSSL Project. All rights reserved. + * Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -218,6 +218,18 @@ extern "C" { #stname \ ASN1_ITEM_end(tname) +#define ASN1_NDEF_SEQUENCE_END_cb(stname, tname) \ + ;\ + ASN1_ITEM_start(tname) \ + ASN1_ITYPE_NDEF_SEQUENCE,\ + V_ASN1_SEQUENCE,\ + tname##_seq_tt,\ + sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\ + &tname##_aux,\ + sizeof(stname),\ + #stname \ + ASN1_ITEM_end(tname) + /* This pair helps declare a CHOICE type. We can do: * @@ -651,8 +663,13 @@ typedef int ASN1_ex_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM typedef int ASN1_ex_new_func(ASN1_VALUE **pval, const ASN1_ITEM *it); typedef void ASN1_ex_free_func(ASN1_VALUE **pval, const ASN1_ITEM *it); +typedef int ASN1_ex_print_func(BIO *out, ASN1_VALUE **pval, + int indent, const char *fname, + const ASN1_PCTX *pctx); + typedef int ASN1_primitive_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it); typedef int ASN1_primitive_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it); +typedef int ASN1_primitive_print(BIO *out, ASN1_VALUE **pval, const ASN1_ITEM *it, int indent, const ASN1_PCTX *pctx); typedef struct ASN1_COMPAT_FUNCS_st { ASN1_new_func *asn1_new; @@ -668,6 +685,7 @@ typedef struct ASN1_EXTERN_FUNCS_st { ASN1_ex_free_func *asn1_ex_clear; ASN1_ex_d2i *asn1_ex_d2i; ASN1_ex_i2d *asn1_ex_i2d; + ASN1_ex_print_func *asn1_ex_print; } ASN1_EXTERN_FUNCS; typedef struct ASN1_PRIMITIVE_FUNCS_st { @@ -678,6 +696,7 @@ typedef struct ASN1_PRIMITIVE_FUNCS_st { ASN1_ex_free_func *prim_clear; ASN1_primitive_c2i *prim_c2i; ASN1_primitive_i2c *prim_i2c; + ASN1_primitive_print *prim_print; } ASN1_PRIMITIVE_FUNCS; /* This is the ASN1_AUX structure: it handles various @@ -697,7 +716,8 @@ typedef struct ASN1_PRIMITIVE_FUNCS_st { * then an external type is more appropriate. */ -typedef int ASN1_aux_cb(int operation, ASN1_VALUE **in, const ASN1_ITEM *it); +typedef int ASN1_aux_cb(int operation, ASN1_VALUE **in, const ASN1_ITEM *it, + void *exarg); typedef struct ASN1_AUX_st { void *app_data; @@ -708,6 +728,23 @@ typedef struct ASN1_AUX_st { int enc_offset; /* Offset of ASN1_ENCODING structure */ } ASN1_AUX; +/* For print related callbacks exarg points to this structure */ +typedef struct ASN1_PRINT_ARG_st { + BIO *out; + int indent; + const ASN1_PCTX *pctx; +} ASN1_PRINT_ARG; + +/* For streaming related callbacks exarg points to this structure */ +typedef struct ASN1_STREAM_ARG_st { + /* BIO to stream through */ + BIO *out; + /* BIO with filters appended */ + BIO *ndef_bio; + /* Streaming I/O boundary */ + unsigned char **boundary; +} ASN1_STREAM_ARG; + /* Flags in ASN1_AUX */ /* Use a reference count */ @@ -727,6 +764,12 @@ typedef struct ASN1_AUX_st { #define ASN1_OP_D2I_POST 5 #define ASN1_OP_I2D_PRE 6 #define ASN1_OP_I2D_POST 7 +#define ASN1_OP_PRINT_PRE 8 +#define ASN1_OP_PRINT_POST 9 +#define ASN1_OP_STREAM_PRE 10 +#define ASN1_OP_STREAM_POST 11 +#define ASN1_OP_DETACHED_PRE 12 +#define ASN1_OP_DETACHED_POST 13 /* Macro to implement a primitive type */ #define IMPLEMENT_ASN1_TYPE(stname) IMPLEMENT_ASN1_TYPE_ex(stname, stname, 0) @@ -782,9 +825,22 @@ typedef struct ASN1_AUX_st { #define IMPLEMENT_ASN1_FUNCTIONS_ENCODE_name(stname, itname) \ IMPLEMENT_ASN1_FUNCTIONS_ENCODE_fname(stname, itname, itname) +#define IMPLEMENT_STATIC_ASN1_ALLOC_FUNCTIONS(stname) \ + IMPLEMENT_ASN1_ALLOC_FUNCTIONS_pfname(static, stname, stname, stname) + #define IMPLEMENT_ASN1_ALLOC_FUNCTIONS(stname) \ IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, stname, stname) +#define IMPLEMENT_ASN1_ALLOC_FUNCTIONS_pfname(pre, stname, itname, fname) \ + pre stname *fname##_new(void) \ + { \ + return (stname *)ASN1_item_new(ASN1_ITEM_rptr(itname)); \ + } \ + pre void fname##_free(stname *a) \ + { \ + ASN1_item_free((ASN1_VALUE *)a, ASN1_ITEM_rptr(itname)); \ + } + #define IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname) \ stname *fname##_new(void) \ { \ @@ -834,6 +890,17 @@ typedef struct ASN1_AUX_st { return ASN1_item_dup(ASN1_ITEM_rptr(stname), x); \ } +#define IMPLEMENT_ASN1_PRINT_FUNCTION(stname) \ + IMPLEMENT_ASN1_PRINT_FUNCTION_fname(stname, stname, stname) + +#define IMPLEMENT_ASN1_PRINT_FUNCTION_fname(stname, itname, fname) \ + int fname##_print_ctx(BIO *out, stname *x, int indent, \ + const ASN1_PCTX *pctx) \ + { \ + return ASN1_item_print(out, (ASN1_VALUE *)x, indent, \ + ASN1_ITEM_rptr(itname), pctx); \ + } + #define IMPLEMENT_ASN1_FUNCTIONS_const(name) \ IMPLEMENT_ASN1_FUNCTIONS_const_fname(name, name, name) diff --git a/src/lib/libcrypto/asn1/asn_mime.c b/src/lib/libcrypto/asn1/asn_mime.c index d8d9e76cc0..c1d1b12291 100644 --- a/src/lib/libcrypto/asn1/asn_mime.c +++ b/src/lib/libcrypto/asn1/asn_mime.c @@ -59,6 +59,7 @@ #include #include #include +#include "asn1_locl.h" /* Generalised MIME like utilities for streaming ASN1. Although many * have a PKCS7/CMS like flavour others are more general purpose. @@ -86,6 +87,8 @@ STACK_OF(MIME_PARAM) *params; /* Zero or more parameters */ DECLARE_STACK_OF(MIME_HEADER) IMPLEMENT_STACK_OF(MIME_HEADER) +static int asn1_output_data(BIO *out, BIO *data, ASN1_VALUE *val, int flags, + const ASN1_ITEM *it); static char * strip_ends(char *name); static char * strip_start(char *name); static char * strip_end(char *name); @@ -107,6 +110,39 @@ static void mime_hdr_free(MIME_HEADER *hdr); #define MAX_SMLEN 1024 #define mime_debug(x) /* x */ +/* Output an ASN1 structure in BER format streaming if necessary */ + +int i2d_ASN1_bio_stream(BIO *out, ASN1_VALUE *val, BIO *in, int flags, + const ASN1_ITEM *it) + { + /* If streaming create stream BIO and copy all content through it */ + if (flags & SMIME_STREAM) + { + BIO *bio, *tbio; + bio = BIO_new_NDEF(out, val, it); + if (!bio) + { + ASN1err(ASN1_F_I2D_ASN1_BIO_STREAM,ERR_R_MALLOC_FAILURE); + return 0; + } + SMIME_crlf_copy(in, bio, flags); + (void)BIO_flush(bio); + /* Free up successive BIOs until we hit the old output BIO */ + do + { + tbio = BIO_pop(bio); + BIO_free(bio); + bio = tbio; + } while (bio != out); + } + /* else just write out ASN1 structure which will have all content + * stored internally + */ + else + ASN1_item_i2d_bio(it, out, val); + return 1; + } + /* Base 64 read and write of ASN1 structure */ static int B64_write_ASN1(BIO *out, ASN1_VALUE *val, BIO *in, int flags, @@ -123,13 +159,26 @@ static int B64_write_ASN1(BIO *out, ASN1_VALUE *val, BIO *in, int flags, /* prepend the b64 BIO so all data is base64 encoded. */ out = BIO_push(b64, out); - r = ASN1_item_i2d_bio(it, out, val); + r = i2d_ASN1_bio_stream(out, val, in, flags, it); (void)BIO_flush(out); BIO_pop(out); BIO_free(b64); return r; } +/* Streaming ASN1 PEM write */ + +int PEM_write_bio_ASN1_stream(BIO *out, ASN1_VALUE *val, BIO *in, int flags, + const char *hdr, + const ASN1_ITEM *it) + { + int r; + BIO_printf(out, "-----BEGIN %s-----\n", hdr); + r = B64_write_ASN1(out, val, in, flags, it); + BIO_printf(out, "-----END %s-----\n", hdr); + return r; + } + static ASN1_VALUE *b64_read_asn1(BIO *bio, const ASN1_ITEM *it) { BIO *b64; @@ -152,7 +201,8 @@ static ASN1_VALUE *b64_read_asn1(BIO *bio, const ASN1_ITEM *it) static int asn1_write_micalg(BIO *out, STACK_OF(X509_ALGOR) *mdalgs) { - int i, have_unknown = 0, write_comma, md_nid; + const EVP_MD *md; + int i, have_unknown = 0, write_comma, ret = 0, md_nid; have_unknown = 0; write_comma = 0; for (i = 0; i < sk_X509_ALGOR_num(mdalgs); i++) @@ -161,6 +211,21 @@ static int asn1_write_micalg(BIO *out, STACK_OF(X509_ALGOR) *mdalgs) BIO_write(out, ",", 1); write_comma = 1; md_nid = OBJ_obj2nid(sk_X509_ALGOR_value(mdalgs, i)->algorithm); + md = EVP_get_digestbynid(md_nid); + if (md && md->md_ctrl) + { + int rv; + char *micstr; + rv = md->md_ctrl(NULL, EVP_MD_CTRL_MICALG, 0, &micstr); + if (rv > 0) + { + BIO_puts(out, micstr); + OPENSSL_free(micstr); + continue; + } + if (rv != -2) + goto err; + } switch(md_nid) { case NID_sha1: @@ -183,6 +248,11 @@ static int asn1_write_micalg(BIO *out, STACK_OF(X509_ALGOR) *mdalgs) BIO_puts(out, "sha-512"); break; + case NID_id_GostR3411_94: + BIO_puts(out, "gostr3411-94"); + goto err; + break; + default: if (have_unknown) write_comma = 0; @@ -196,16 +266,18 @@ static int asn1_write_micalg(BIO *out, STACK_OF(X509_ALGOR) *mdalgs) } } - return 1; + ret = 1; + err: + + return ret; } /* SMIME sender */ -int int_smime_write_ASN1(BIO *bio, ASN1_VALUE *val, BIO *data, int flags, +int SMIME_write_ASN1(BIO *bio, ASN1_VALUE *val, BIO *data, int flags, int ctype_nid, int econt_nid, STACK_OF(X509_ALGOR) *mdalgs, - asn1_output_data_fn *data_fn, const ASN1_ITEM *it) { char bound[33], c; @@ -243,7 +315,7 @@ int int_smime_write_ASN1(BIO *bio, ASN1_VALUE *val, BIO *data, int flags, mime_eol, mime_eol); /* Now write out the first part */ BIO_printf(bio, "------%s%s", bound, mime_eol); - if (!data_fn(bio, data, val, flags, it)) + if (!asn1_output_data(bio, data, val, flags, it)) return 0; BIO_printf(bio, "%s------%s%s", mime_eol, bound, mime_eol); @@ -296,8 +368,6 @@ int int_smime_write_ASN1(BIO *bio, ASN1_VALUE *val, BIO *data, int flags, return 1; } -#if 0 - /* Handle output of ASN1 data */ @@ -350,8 +420,6 @@ static int asn1_output_data(BIO *out, BIO *data, ASN1_VALUE *val, int flags, } -#endif - /* SMIME reader: handle multipart/signed and opaque signing. * in multipart case the content is placed in a memory BIO * pointed to by "bcont". In opaque this is set to NULL diff --git a/src/lib/libcrypto/asn1/asn_pack.c b/src/lib/libcrypto/asn1/asn_pack.c index f1a5a05632..ad738217d7 100644 --- a/src/lib/libcrypto/asn1/asn_pack.c +++ b/src/lib/libcrypto/asn1/asn_pack.c @@ -66,10 +66,10 @@ /* Turn an ASN1 encoded SEQUENCE OF into a STACK of structures */ -STACK *ASN1_seq_unpack(const unsigned char *buf, int len, - d2i_of_void *d2i,void (*free_func)(void *)) +STACK_OF(OPENSSL_BLOCK) *ASN1_seq_unpack(const unsigned char *buf, int len, + d2i_of_void *d2i, void (*free_func)(OPENSSL_BLOCK)) { - STACK *sk; + STACK_OF(OPENSSL_BLOCK) *sk; const unsigned char *pbuf; pbuf = buf; if (!(sk = d2i_ASN1_SET(NULL, &pbuf, len, d2i, free_func, @@ -82,7 +82,7 @@ STACK *ASN1_seq_unpack(const unsigned char *buf, int len, * OPENSSL_malloc'ed buffer */ -unsigned char *ASN1_seq_pack(STACK *safes, i2d_of_void *i2d, +unsigned char *ASN1_seq_pack(STACK_OF(OPENSSL_BLOCK) *safes, i2d_of_void *i2d, unsigned char **buf, int *len) { int safelen; diff --git a/src/lib/libcrypto/asn1/charmap.h b/src/lib/libcrypto/asn1/charmap.h index bd020a9562..b55e638725 100644 --- a/src/lib/libcrypto/asn1/charmap.h +++ b/src/lib/libcrypto/asn1/charmap.h @@ -2,7 +2,7 @@ * Mask of various character properties */ -static unsigned char char_type[] = { +static const unsigned char char_type[] = { 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 120, 0, 1,40, 0, 0, 0,16,16,16, 0,25,25,16,16,16, diff --git a/src/lib/libcrypto/asn1/d2i_pr.c b/src/lib/libcrypto/asn1/d2i_pr.c index 207ccda5ac..2828944777 100644 --- a/src/lib/libcrypto/asn1/d2i_pr.c +++ b/src/lib/libcrypto/asn1/d2i_pr.c @@ -61,16 +61,12 @@ #include #include #include -#include -#ifndef OPENSSL_NO_RSA -#include -#endif -#ifndef OPENSSL_NO_DSA -#include -#endif -#ifndef OPENSSL_NO_EC -#include +#ifndef OPENSSL_NO_ENGINE +#include #endif +#include +#include +#include "asn1_locl.h" EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp, long length) @@ -85,47 +81,43 @@ EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp, return(NULL); } } - else ret= *a; - - ret->save_type=type; - ret->type=EVP_PKEY_type(type); - switch (ret->type) + else { -#ifndef OPENSSL_NO_RSA - case EVP_PKEY_RSA: - if ((ret->pkey.rsa=d2i_RSAPrivateKey(NULL, - (const unsigned char **)pp,length)) == NULL) /* TMP UGLY CAST */ + ret= *a; +#ifndef OPENSSL_NO_ENGINE + if (ret->engine) { - ASN1err(ASN1_F_D2I_PRIVATEKEY,ERR_R_ASN1_LIB); - goto err; + ENGINE_finish(ret->engine); + ret->engine = NULL; } - break; #endif -#ifndef OPENSSL_NO_DSA - case EVP_PKEY_DSA: - if ((ret->pkey.dsa=d2i_DSAPrivateKey(NULL, - (const unsigned char **)pp,length)) == NULL) /* TMP UGLY CAST */ + } + + if (!EVP_PKEY_set_type(ret, type)) + { + ASN1err(ASN1_F_D2I_PRIVATEKEY,ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE); + goto err; + } + + if (!ret->ameth->old_priv_decode || + !ret->ameth->old_priv_decode(ret, pp, length)) + { + if (ret->ameth->priv_decode) { - ASN1err(ASN1_F_D2I_PRIVATEKEY,ERR_R_ASN1_LIB); - goto err; - } - break; -#endif -#ifndef OPENSSL_NO_EC - case EVP_PKEY_EC: - if ((ret->pkey.ec = d2i_ECPrivateKey(NULL, - (const unsigned char **)pp, length)) == NULL) + PKCS8_PRIV_KEY_INFO *p8=NULL; + p8=d2i_PKCS8_PRIV_KEY_INFO(NULL,pp,length); + if (!p8) goto err; + EVP_PKEY_free(ret); + ret = EVP_PKCS82PKEY(p8); + PKCS8_PRIV_KEY_INFO_free(p8); + + } + else { - ASN1err(ASN1_F_D2I_PRIVATEKEY, ERR_R_ASN1_LIB); + ASN1err(ASN1_F_D2I_PRIVATEKEY,ERR_R_ASN1_LIB); goto err; } - break; -#endif - default: - ASN1err(ASN1_F_D2I_PRIVATEKEY,ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE); - goto err; - /* break; */ - } + } if (a != NULL) (*a)=ret; return(ret); err: @@ -146,8 +138,7 @@ EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **a, const unsigned char **pp, * by analyzing it we can determine the passed structure: this * assumes the input is surrounded by an ASN1 SEQUENCE. */ - inkey = d2i_ASN1_SET_OF_ASN1_TYPE(NULL, &p, length, d2i_ASN1_TYPE, - ASN1_TYPE_free, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL); + inkey = d2i_ASN1_SEQUENCE_ANY(NULL, &p, length); /* Since we only need to discern "traditional format" RSA and DSA * keys we can just count the elements. */ @@ -155,6 +146,24 @@ EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **a, const unsigned char **pp, keytype = EVP_PKEY_DSA; else if (sk_ASN1_TYPE_num(inkey) == 4) keytype = EVP_PKEY_EC; + else if (sk_ASN1_TYPE_num(inkey) == 3) + { /* This seems to be PKCS8, not traditional format */ + PKCS8_PRIV_KEY_INFO *p8 = d2i_PKCS8_PRIV_KEY_INFO(NULL,pp,length); + EVP_PKEY *ret; + + sk_ASN1_TYPE_pop_free(inkey, ASN1_TYPE_free); + if (!p8) + { + ASN1err(ASN1_F_D2I_AUTOPRIVATEKEY,ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE); + return NULL; + } + ret = EVP_PKCS82PKEY(p8); + PKCS8_PRIV_KEY_INFO_free(p8); + if (a) { + *a = ret; + } + return ret; + } else keytype = EVP_PKEY_RSA; sk_ASN1_TYPE_pop_free(inkey, ASN1_TYPE_free); return d2i_PrivateKey(keytype, a, pp, length); diff --git a/src/lib/libcrypto/asn1/d2i_pu.c b/src/lib/libcrypto/asn1/d2i_pu.c index 3694f51a8c..c8f39ceb03 100644 --- a/src/lib/libcrypto/asn1/d2i_pu.c +++ b/src/lib/libcrypto/asn1/d2i_pu.c @@ -87,9 +87,13 @@ EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, const unsigned char **pp, } else ret= *a; - ret->save_type=type; - ret->type=EVP_PKEY_type(type); - switch (ret->type) + if (!EVP_PKEY_set_type(ret, type)) + { + ASN1err(ASN1_F_D2I_PUBLICKEY,ERR_R_EVP_LIB); + goto err; + } + + switch (EVP_PKEY_id(ret)) { #ifndef OPENSSL_NO_RSA case EVP_PKEY_RSA: diff --git a/src/lib/libcrypto/asn1/f.c b/src/lib/libcrypto/asn1/f.c deleted file mode 100644 index 82bccdfd51..0000000000 --- a/src/lib/libcrypto/asn1/f.c +++ /dev/null @@ -1,80 +0,0 @@ -/* crypto/asn1/f.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ -#include -#include -#include - -main() - { - ASN1_TYPE *at; - char buf[512]; - int n; - long l; - - at=ASN1_TYPE_new(); - - n=ASN1_TYPE_set_int_octetstring(at,98736,"01234567",8); - printf("%d\n",n); - n=ASN1_TYPE_get_int_octetstring(at,&l,buf,8); - buf[8]='\0'; - printf("%ld %d %d\n",l,n,buf[8]); - buf[8]='\0'; - printf("%s\n",buf); - ERR_load_crypto_strings(); - ERR_print_errors_fp(stderr); - } diff --git a/src/lib/libcrypto/asn1/i2d_pr.c b/src/lib/libcrypto/asn1/i2d_pr.c index 0be52c5b76..e398b62666 100644 --- a/src/lib/libcrypto/asn1/i2d_pr.c +++ b/src/lib/libcrypto/asn1/i2d_pr.c @@ -58,41 +58,22 @@ #include #include "cryptlib.h" -#include #include -#include -#ifndef OPENSSL_NO_RSA -#include -#endif -#ifndef OPENSSL_NO_DSA -#include -#endif -#ifndef OPENSSL_NO_EC -#include -#endif +#include +#include "asn1_locl.h" int i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp) { -#ifndef OPENSSL_NO_RSA - if (a->type == EVP_PKEY_RSA) + if (a->ameth && a->ameth->old_priv_encode) { - return(i2d_RSAPrivateKey(a->pkey.rsa,pp)); + return a->ameth->old_priv_encode(a, pp); } - else -#endif -#ifndef OPENSSL_NO_DSA - if (a->type == EVP_PKEY_DSA) - { - return(i2d_DSAPrivateKey(a->pkey.dsa,pp)); - } -#endif -#ifndef OPENSSL_NO_EC - if (a->type == EVP_PKEY_EC) - { - return(i2d_ECPrivateKey(a->pkey.ec, pp)); - } -#endif - + if (a->ameth && a->ameth->priv_encode) { + PKCS8_PRIV_KEY_INFO *p8 = EVP_PKEY2PKCS8(a); + int ret = i2d_PKCS8_PRIV_KEY_INFO(p8,pp); + PKCS8_PRIV_KEY_INFO_free(p8); + return ret; + } ASN1err(ASN1_F_I2D_PRIVATEKEY,ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE); return(-1); } diff --git a/src/lib/libcrypto/asn1/nsseq.c b/src/lib/libcrypto/asn1/nsseq.c index e551c57d59..b8c4202230 100644 --- a/src/lib/libcrypto/asn1/nsseq.c +++ b/src/lib/libcrypto/asn1/nsseq.c @@ -3,7 +3,7 @@ * project 1999. */ /* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. + * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -62,7 +62,8 @@ #include #include -static int nsseq_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it) +static int nsseq_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, + void *exarg) { if(operation == ASN1_OP_NEW_POST) { NETSCAPE_CERT_SEQUENCE *nsseq; diff --git a/src/lib/libcrypto/asn1/p5_pbe.c b/src/lib/libcrypto/asn1/p5_pbe.c index c4582f8041..94bc38b99f 100644 --- a/src/lib/libcrypto/asn1/p5_pbe.c +++ b/src/lib/libcrypto/asn1/p5_pbe.c @@ -71,61 +71,78 @@ ASN1_SEQUENCE(PBEPARAM) = { IMPLEMENT_ASN1_FUNCTIONS(PBEPARAM) -/* Return an algorithm identifier for a PKCS#5 PBE algorithm */ -X509_ALGOR *PKCS5_pbe_set(int alg, int iter, unsigned char *salt, - int saltlen) -{ +/* Set an algorithm identifier for a PKCS#5 PBE algorithm */ + +int PKCS5_pbe_set0_algor(X509_ALGOR *algor, int alg, int iter, + const unsigned char *salt, int saltlen) + { PBEPARAM *pbe=NULL; - ASN1_OBJECT *al; - X509_ALGOR *algor; - ASN1_TYPE *astype=NULL; + ASN1_STRING *pbe_str=NULL; + unsigned char *sstr; - if (!(pbe = PBEPARAM_new ())) { - ASN1err(ASN1_F_PKCS5_PBE_SET,ERR_R_MALLOC_FAILURE); + pbe = PBEPARAM_new(); + if (!pbe) + { + ASN1err(ASN1_F_PKCS5_PBE_SET0_ALGOR,ERR_R_MALLOC_FAILURE); goto err; - } - if(iter <= 0) iter = PKCS5_DEFAULT_ITER; - if (!ASN1_INTEGER_set(pbe->iter, iter)) { - ASN1err(ASN1_F_PKCS5_PBE_SET,ERR_R_MALLOC_FAILURE); + } + if(iter <= 0) + iter = PKCS5_DEFAULT_ITER; + if (!ASN1_INTEGER_set(pbe->iter, iter)) + { + ASN1err(ASN1_F_PKCS5_PBE_SET0_ALGOR,ERR_R_MALLOC_FAILURE); goto err; - } - if (!saltlen) saltlen = PKCS5_SALT_LEN; - if (!(pbe->salt->data = OPENSSL_malloc (saltlen))) { - ASN1err(ASN1_F_PKCS5_PBE_SET,ERR_R_MALLOC_FAILURE); + } + if (!saltlen) + saltlen = PKCS5_SALT_LEN; + if (!ASN1_STRING_set(pbe->salt, NULL, saltlen)) + { + ASN1err(ASN1_F_PKCS5_PBE_SET0_ALGOR,ERR_R_MALLOC_FAILURE); goto err; - } - pbe->salt->length = saltlen; - if (salt) memcpy (pbe->salt->data, salt, saltlen); - else if (RAND_pseudo_bytes (pbe->salt->data, saltlen) < 0) + } + sstr = ASN1_STRING_data(pbe->salt); + if (salt) + memcpy(sstr, salt, saltlen); + else if (RAND_pseudo_bytes(sstr, saltlen) < 0) goto err; - if (!(astype = ASN1_TYPE_new())) { - ASN1err(ASN1_F_PKCS5_PBE_SET,ERR_R_MALLOC_FAILURE); + if(!ASN1_item_pack(pbe, ASN1_ITEM_rptr(PBEPARAM), &pbe_str)) + { + ASN1err(ASN1_F_PKCS5_PBE_SET0_ALGOR,ERR_R_MALLOC_FAILURE); goto err; - } + } - astype->type = V_ASN1_SEQUENCE; - if(!ASN1_pack_string_of(PBEPARAM, pbe, i2d_PBEPARAM, - &astype->value.sequence)) { - ASN1err(ASN1_F_PKCS5_PBE_SET,ERR_R_MALLOC_FAILURE); - goto err; - } - PBEPARAM_free (pbe); + PBEPARAM_free(pbe); pbe = NULL; - - al = OBJ_nid2obj(alg); /* never need to free al */ - if (!(algor = X509_ALGOR_new())) { - ASN1err(ASN1_F_PKCS5_PBE_SET,ERR_R_MALLOC_FAILURE); - goto err; - } - ASN1_OBJECT_free(algor->algorithm); - algor->algorithm = al; - algor->parameter = astype; - return (algor); + if (X509_ALGOR_set0(algor, OBJ_nid2obj(alg), V_ASN1_SEQUENCE, pbe_str)) + return 1; + err: - if (pbe != NULL) PBEPARAM_free(pbe); - if (astype != NULL) ASN1_TYPE_free(astype); + if (pbe != NULL) + PBEPARAM_free(pbe); + if (pbe_str != NULL) + ASN1_STRING_free(pbe_str); + return 0; + } + +/* Return an algorithm identifier for a PKCS#5 PBE algorithm */ + +X509_ALGOR *PKCS5_pbe_set(int alg, int iter, + const unsigned char *salt, int saltlen) + { + X509_ALGOR *ret; + ret = X509_ALGOR_new(); + if (!ret) + { + ASN1err(ASN1_F_PKCS5_PBE_SET,ERR_R_MALLOC_FAILURE); + return NULL; + } + + if (PKCS5_pbe_set0_algor(ret, alg, iter, salt, saltlen)) + return ret; + + X509_ALGOR_free(ret); return NULL; -} + } diff --git a/src/lib/libcrypto/asn1/p5_pbev2.c b/src/lib/libcrypto/asn1/p5_pbev2.c index 2b0516afee..cb49b6651d 100644 --- a/src/lib/libcrypto/asn1/p5_pbev2.c +++ b/src/lib/libcrypto/asn1/p5_pbev2.c @@ -82,10 +82,13 @@ IMPLEMENT_ASN1_FUNCTIONS(PBKDF2PARAM) /* Return an algorithm identifier for a PKCS#5 v2.0 PBE algorithm: * yes I know this is horrible! + * + * Extended version to allow application supplied PRF NID and IV. */ -X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter, - unsigned char *salt, int saltlen) +X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter, + unsigned char *salt, int saltlen, + unsigned char *aiv, int prf_nid) { X509_ALGOR *scheme = NULL, *kalg = NULL, *ret = NULL; int alg_nid; @@ -98,7 +101,7 @@ X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter, alg_nid = EVP_CIPHER_type(cipher); if(alg_nid == NID_undef) { - ASN1err(ASN1_F_PKCS5_PBE2_SET, + ASN1err(ASN1_F_PKCS5_PBE2_SET_IV, ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER); goto err; } @@ -113,20 +116,33 @@ X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter, if(!(scheme->parameter = ASN1_TYPE_new())) goto merr; /* Create random IV */ - if (EVP_CIPHER_iv_length(cipher) && - RAND_pseudo_bytes(iv, EVP_CIPHER_iv_length(cipher)) < 0) - goto err; + if (EVP_CIPHER_iv_length(cipher)) + { + if (aiv) + memcpy(iv, aiv, EVP_CIPHER_iv_length(cipher)); + else if (RAND_pseudo_bytes(iv, EVP_CIPHER_iv_length(cipher)) < 0) + goto err; + } EVP_CIPHER_CTX_init(&ctx); - /* Dummy cipherinit to just setup the IV */ + /* Dummy cipherinit to just setup the IV, and PRF */ EVP_CipherInit_ex(&ctx, cipher, NULL, NULL, iv, 0); if(EVP_CIPHER_param_to_asn1(&ctx, scheme->parameter) < 0) { - ASN1err(ASN1_F_PKCS5_PBE2_SET, + ASN1err(ASN1_F_PKCS5_PBE2_SET_IV, ASN1_R_ERROR_SETTING_CIPHER_PARAMS); EVP_CIPHER_CTX_cleanup(&ctx); goto err; } + /* If prf NID unspecified see if cipher has a preference. + * An error is OK here: just means use default PRF. + */ + if ((prf_nid == -1) && + EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_PBE_PRF_NID, 0, &prf_nid) <= 0) + { + ERR_clear_error(); + prf_nid = NID_hmacWithSHA1; + } EVP_CIPHER_CTX_cleanup(&ctx); if(!(kdf = PBKDF2PARAM_new())) goto merr; @@ -154,7 +170,15 @@ X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter, EVP_CIPHER_key_length(cipher))) goto merr; } - /* prf can stay NULL because we are using hmacWithSHA1 */ + /* prf can stay NULL if we are using hmacWithSHA1 */ + if (prf_nid != NID_hmacWithSHA1) + { + kdf->prf = X509_ALGOR_new(); + if (!kdf->prf) + goto merr; + X509_ALGOR_set0(kdf->prf, OBJ_nid2obj(prf_nid), + V_ASN1_NULL, NULL); + } /* Now setup the PBE2PARAM keyfunc structure */ @@ -164,7 +188,7 @@ X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter, if(!(pbe2->keyfunc->parameter = ASN1_TYPE_new())) goto merr; - if(!ASN1_pack_string_of(PBKDF2PARAM, kdf, i2d_PBKDF2PARAM, + if(!ASN1_item_pack(kdf, ASN1_ITEM_rptr(PBKDF2PARAM), &pbe2->keyfunc->parameter->value.sequence)) goto merr; pbe2->keyfunc->parameter->type = V_ASN1_SEQUENCE; @@ -180,7 +204,7 @@ X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter, /* Encode PBE2PARAM into parameter */ - if(!ASN1_pack_string_of(PBE2PARAM, pbe2, i2d_PBE2PARAM, + if(!ASN1_item_pack(pbe2, ASN1_ITEM_rptr(PBE2PARAM), &ret->parameter->value.sequence)) goto merr; ret->parameter->type = V_ASN1_SEQUENCE; @@ -190,7 +214,7 @@ X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter, return ret; merr: - ASN1err(ASN1_F_PKCS5_PBE2_SET,ERR_R_MALLOC_FAILURE); + ASN1err(ASN1_F_PKCS5_PBE2_SET_IV,ERR_R_MALLOC_FAILURE); err: PBE2PARAM_free(pbe2); @@ -203,3 +227,9 @@ X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter, return NULL; } + +X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter, + unsigned char *salt, int saltlen) + { + return PKCS5_pbe2_set_iv(cipher, iter, salt, saltlen, NULL, -1); + } diff --git a/src/lib/libcrypto/asn1/p8_key.c b/src/lib/libcrypto/asn1/p8_key.c deleted file mode 100644 index 3a31248e14..0000000000 --- a/src/lib/libcrypto/asn1/p8_key.c +++ /dev/null @@ -1,131 +0,0 @@ -/* crypto/asn1/p8_key.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include -#include - -int i2d_X509_KEY(X509 *a, unsigned char **pp) - { - M_ASN1_I2D_vars(a); - - M_ASN1_I2D_len(a->cert_info, i2d_X509_CINF); - M_ASN1_I2D_len(a->sig_alg, i2d_X509_ALGOR); - M_ASN1_I2D_len(a->signature, i2d_ASN1_BIT_STRING); - - M_ASN1_I2D_seq_total(); - - M_ASN1_I2D_put(a->cert_info, i2d_X509_CINF); - M_ASN1_I2D_put(a->sig_alg, i2d_X509_ALGOR); - M_ASN1_I2D_put(a->signature, i2d_ASN1_BIT_STRING); - - M_ASN1_I2D_finish(); - } - -X509 *d2i_X509_KEY(X509 **a, unsigned char **pp, long length) - { - M_ASN1_D2I_vars(a,X509 *,X509_new); - - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get(ret->cert_info,d2i_X509_CINF); - M_ASN1_D2I_get(ret->sig_alg,d2i_X509_ALGOR); - M_ASN1_D2I_get(ret->signature,d2i_ASN1_BIT_STRING); - M_ASN1_D2I_Finish(a,X509_free,ASN1_F_D2I_X509); - } - -X509 *X509_KEY_new(void) - { - X509_KEY *ret=NULL; - - M_ASN1_New_OPENSSL_malloc(ret,X509_KEY); - ret->references=1; - ret->type=NID - M_ASN1_New(ret->cert_info,X509_CINF_new); - M_ASN1_New(ret->sig_alg,X509_ALGOR_new); - M_ASN1_New(ret->signature,ASN1_BIT_STRING_new); - return(ret); - M_ASN1_New_Error(ASN1_F_X509_NEW); - } - -void X509_KEY_free(X509 *a) - { - int i; - - if (a == NULL) return; - - i=CRYPTO_add_lock(&a->references,-1,CRYPTO_LOCK_X509_KEY); -#ifdef REF_PRINT - REF_PRINT("X509_KEY",a); -#endif - if (i > 0) return; -#ifdef REF_CHECK - if (i < 0) - { - fprintf(stderr,"X509_KEY_free, bad reference count\n"); - abort(); - } -#endif - - X509_CINF_free(a->cert_info); - X509_ALGOR_free(a->sig_alg); - ASN1_BIT_STRING_free(a->signature); - OPENSSL_free(a); - } - diff --git a/src/lib/libcrypto/asn1/p8_pkey.c b/src/lib/libcrypto/asn1/p8_pkey.c index 0a1957556e..17b68d386d 100644 --- a/src/lib/libcrypto/asn1/p8_pkey.c +++ b/src/lib/libcrypto/asn1/p8_pkey.c @@ -3,7 +3,7 @@ * project 1999. */ /* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. + * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -62,7 +62,8 @@ #include /* Minor tweak to operation: zero private key data */ -static int pkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it) +static int pkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, + void *exarg) { /* Since the structure must still be valid use ASN1_OP_FREE_PRE */ if(operation == ASN1_OP_FREE_PRE) { @@ -82,3 +83,73 @@ ASN1_SEQUENCE_cb(PKCS8_PRIV_KEY_INFO, pkey_cb) = { } ASN1_SEQUENCE_END_cb(PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO) IMPLEMENT_ASN1_FUNCTIONS(PKCS8_PRIV_KEY_INFO) + +int PKCS8_pkey_set0(PKCS8_PRIV_KEY_INFO *priv, ASN1_OBJECT *aobj, + int version, + int ptype, void *pval, + unsigned char *penc, int penclen) + { + unsigned char **ppenc = NULL; + if (version >= 0) + { + if (!ASN1_INTEGER_set(priv->version, version)) + return 0; + } + if (penc) + { + int pmtype; + ASN1_OCTET_STRING *oct; + oct = ASN1_OCTET_STRING_new(); + if (!oct) + return 0; + oct->data = penc; + ppenc = &oct->data; + oct->length = penclen; + if (priv->broken == PKCS8_NO_OCTET) + pmtype = V_ASN1_SEQUENCE; + else + pmtype = V_ASN1_OCTET_STRING; + ASN1_TYPE_set(priv->pkey, pmtype, oct); + } + if (!X509_ALGOR_set0(priv->pkeyalg, aobj, ptype, pval)) + { + /* If call fails do not swallow 'enc' */ + if (ppenc) + *ppenc = NULL; + return 0; + } + return 1; + } + +int PKCS8_pkey_get0(ASN1_OBJECT **ppkalg, + const unsigned char **pk, int *ppklen, + X509_ALGOR **pa, + PKCS8_PRIV_KEY_INFO *p8) + { + if (ppkalg) + *ppkalg = p8->pkeyalg->algorithm; + if(p8->pkey->type == V_ASN1_OCTET_STRING) + { + p8->broken = PKCS8_OK; + if (pk) + { + *pk = p8->pkey->value.octet_string->data; + *ppklen = p8->pkey->value.octet_string->length; + } + } + else if (p8->pkey->type == V_ASN1_SEQUENCE) + { + p8->broken = PKCS8_NO_OCTET; + if (pk) + { + *pk = p8->pkey->value.sequence->data; + *ppklen = p8->pkey->value.sequence->length; + } + } + else + return 0; + if (pa) + *pa = p8->pkeyalg; + return 1; + } + diff --git a/src/lib/libcrypto/asn1/t_pkey.c b/src/lib/libcrypto/asn1/t_pkey.c index afb95d6712..9dd18f6579 100644 --- a/src/lib/libcrypto/asn1/t_pkey.c +++ b/src/lib/libcrypto/asn1/t_pkey.c @@ -55,520 +55,15 @@ * copied and put under another distribution licence * [including the GNU Public Licence.] */ -/* ==================================================================== - * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. - * Binary polynomial ECC support in OpenSSL originally developed by - * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. - */ #include #include "cryptlib.h" #include #include #include -#ifndef OPENSSL_NO_RSA -#include -#endif -#ifndef OPENSSL_NO_DH -#include -#endif -#ifndef OPENSSL_NO_DSA -#include -#endif -#ifndef OPENSSL_NO_EC -#include -#endif - -static int print(BIO *fp,const char *str, const BIGNUM *num, - unsigned char *buf,int off); -#ifndef OPENSSL_NO_EC -static int print_bin(BIO *fp, const char *str, const unsigned char *num, - size_t len, int off); -#endif -#ifndef OPENSSL_NO_RSA -#ifndef OPENSSL_NO_FP_API -int RSA_print_fp(FILE *fp, const RSA *x, int off) - { - BIO *b; - int ret; - - if ((b=BIO_new(BIO_s_file())) == NULL) - { - RSAerr(RSA_F_RSA_PRINT_FP,ERR_R_BUF_LIB); - return(0); - } - BIO_set_fp(b,fp,BIO_NOCLOSE); - ret=RSA_print(b,x,off); - BIO_free(b); - return(ret); - } -#endif - -int RSA_print(BIO *bp, const RSA *x, int off) - { - char str[128]; - const char *s; - unsigned char *m=NULL; - int ret=0, mod_len = 0; - size_t buf_len=0, i; - - if (x->n) - buf_len = (size_t)BN_num_bytes(x->n); - if (x->e) - if (buf_len < (i = (size_t)BN_num_bytes(x->e))) - buf_len = i; - if (x->d) - if (buf_len < (i = (size_t)BN_num_bytes(x->d))) - buf_len = i; - if (x->p) - if (buf_len < (i = (size_t)BN_num_bytes(x->p))) - buf_len = i; - if (x->q) - if (buf_len < (i = (size_t)BN_num_bytes(x->q))) - buf_len = i; - if (x->dmp1) - if (buf_len < (i = (size_t)BN_num_bytes(x->dmp1))) - buf_len = i; - if (x->dmq1) - if (buf_len < (i = (size_t)BN_num_bytes(x->dmq1))) - buf_len = i; - if (x->iqmp) - if (buf_len < (i = (size_t)BN_num_bytes(x->iqmp))) - buf_len = i; - - m=(unsigned char *)OPENSSL_malloc(buf_len+10); - if (m == NULL) - { - RSAerr(RSA_F_RSA_PRINT,ERR_R_MALLOC_FAILURE); - goto err; - } - - if (x->n != NULL) - mod_len = BN_num_bits(x->n); - - if (x->d != NULL) - { - if(!BIO_indent(bp,off,128)) - goto err; - if (BIO_printf(bp,"Private-Key: (%d bit)\n", mod_len) - <= 0) goto err; - } - - if (x->d == NULL) - BIO_snprintf(str,sizeof str,"Modulus (%d bit):", mod_len); - else - BUF_strlcpy(str,"modulus:",sizeof str); - if (!print(bp,str,x->n,m,off)) goto err; - s=(x->d == NULL)?"Exponent:":"publicExponent:"; - if ((x->e != NULL) && !print(bp,s,x->e,m,off)) - goto err; - if ((x->d != NULL) && !print(bp,"privateExponent:",x->d,m,off)) - goto err; - if ((x->p != NULL) && !print(bp,"prime1:",x->p,m,off)) - goto err; - if ((x->q != NULL) && !print(bp,"prime2:",x->q,m,off)) - goto err; - if ((x->dmp1 != NULL) && !print(bp,"exponent1:",x->dmp1,m,off)) - goto err; - if ((x->dmq1 != NULL) && !print(bp,"exponent2:",x->dmq1,m,off)) - goto err; - if ((x->iqmp != NULL) && !print(bp,"coefficient:",x->iqmp,m,off)) - goto err; - ret=1; -err: - if (m != NULL) OPENSSL_free(m); - return(ret); - } -#endif /* OPENSSL_NO_RSA */ - -#ifndef OPENSSL_NO_DSA -#ifndef OPENSSL_NO_FP_API -int DSA_print_fp(FILE *fp, const DSA *x, int off) - { - BIO *b; - int ret; - - if ((b=BIO_new(BIO_s_file())) == NULL) - { - DSAerr(DSA_F_DSA_PRINT_FP,ERR_R_BUF_LIB); - return(0); - } - BIO_set_fp(b,fp,BIO_NOCLOSE); - ret=DSA_print(b,x,off); - BIO_free(b); - return(ret); - } -#endif - -int DSA_print(BIO *bp, const DSA *x, int off) - { - unsigned char *m=NULL; - int ret=0; - size_t buf_len=0,i; - - if (x->p) - buf_len = (size_t)BN_num_bytes(x->p); - else - { - DSAerr(DSA_F_DSA_PRINT,DSA_R_MISSING_PARAMETERS); - goto err; - } - if (x->q) - if (buf_len < (i = (size_t)BN_num_bytes(x->q))) - buf_len = i; - if (x->g) - if (buf_len < (i = (size_t)BN_num_bytes(x->g))) - buf_len = i; - if (x->priv_key) - if (buf_len < (i = (size_t)BN_num_bytes(x->priv_key))) - buf_len = i; - if (x->pub_key) - if (buf_len < (i = (size_t)BN_num_bytes(x->pub_key))) - buf_len = i; - - m=(unsigned char *)OPENSSL_malloc(buf_len+10); - if (m == NULL) - { - DSAerr(DSA_F_DSA_PRINT,ERR_R_MALLOC_FAILURE); - goto err; - } - - if (x->priv_key != NULL) - { - if(!BIO_indent(bp,off,128)) - goto err; - if (BIO_printf(bp,"Private-Key: (%d bit)\n",BN_num_bits(x->p)) - <= 0) goto err; - } - - if ((x->priv_key != NULL) && !print(bp,"priv:",x->priv_key,m,off)) - goto err; - if ((x->pub_key != NULL) && !print(bp,"pub: ",x->pub_key,m,off)) - goto err; - if ((x->p != NULL) && !print(bp,"P: ",x->p,m,off)) goto err; - if ((x->q != NULL) && !print(bp,"Q: ",x->q,m,off)) goto err; - if ((x->g != NULL) && !print(bp,"G: ",x->g,m,off)) goto err; - ret=1; -err: - if (m != NULL) OPENSSL_free(m); - return(ret); - } -#endif /* !OPENSSL_NO_DSA */ - -#ifndef OPENSSL_NO_EC -#ifndef OPENSSL_NO_FP_API -int ECPKParameters_print_fp(FILE *fp, const EC_GROUP *x, int off) - { - BIO *b; - int ret; - - if ((b=BIO_new(BIO_s_file())) == NULL) - { - ECerr(EC_F_ECPKPARAMETERS_PRINT_FP,ERR_R_BUF_LIB); - return(0); - } - BIO_set_fp(b, fp, BIO_NOCLOSE); - ret = ECPKParameters_print(b, x, off); - BIO_free(b); - return(ret); - } - -int EC_KEY_print_fp(FILE *fp, const EC_KEY *x, int off) - { - BIO *b; - int ret; - - if ((b=BIO_new(BIO_s_file())) == NULL) - { - ECerr(EC_F_EC_KEY_PRINT_FP, ERR_R_BIO_LIB); - return(0); - } - BIO_set_fp(b, fp, BIO_NOCLOSE); - ret = EC_KEY_print(b, x, off); - BIO_free(b); - return(ret); - } -#endif - -int ECPKParameters_print(BIO *bp, const EC_GROUP *x, int off) - { - unsigned char *buffer=NULL; - size_t buf_len=0, i; - int ret=0, reason=ERR_R_BIO_LIB; - BN_CTX *ctx=NULL; - const EC_POINT *point=NULL; - BIGNUM *p=NULL, *a=NULL, *b=NULL, *gen=NULL, - *order=NULL, *cofactor=NULL; - const unsigned char *seed; - size_t seed_len=0; - - static const char *gen_compressed = "Generator (compressed):"; - static const char *gen_uncompressed = "Generator (uncompressed):"; - static const char *gen_hybrid = "Generator (hybrid):"; - - if (!x) - { - reason = ERR_R_PASSED_NULL_PARAMETER; - goto err; - } - - if (EC_GROUP_get_asn1_flag(x)) - { - /* the curve parameter are given by an asn1 OID */ - int nid; - - if (!BIO_indent(bp, off, 128)) - goto err; - - nid = EC_GROUP_get_curve_name(x); - if (nid == 0) - goto err; - - if (BIO_printf(bp, "ASN1 OID: %s", OBJ_nid2sn(nid)) <= 0) - goto err; - if (BIO_printf(bp, "\n") <= 0) - goto err; - } - else - { - /* explicit parameters */ - int is_char_two = 0; - point_conversion_form_t form; - int tmp_nid = EC_METHOD_get_field_type(EC_GROUP_method_of(x)); - - if (tmp_nid == NID_X9_62_characteristic_two_field) - is_char_two = 1; - - if ((p = BN_new()) == NULL || (a = BN_new()) == NULL || - (b = BN_new()) == NULL || (order = BN_new()) == NULL || - (cofactor = BN_new()) == NULL) - { - reason = ERR_R_MALLOC_FAILURE; - goto err; - } - - if (is_char_two) - { - if (!EC_GROUP_get_curve_GF2m(x, p, a, b, ctx)) - { - reason = ERR_R_EC_LIB; - goto err; - } - } - else /* prime field */ - { - if (!EC_GROUP_get_curve_GFp(x, p, a, b, ctx)) - { - reason = ERR_R_EC_LIB; - goto err; - } - } - - if ((point = EC_GROUP_get0_generator(x)) == NULL) - { - reason = ERR_R_EC_LIB; - goto err; - } - if (!EC_GROUP_get_order(x, order, NULL) || - !EC_GROUP_get_cofactor(x, cofactor, NULL)) - { - reason = ERR_R_EC_LIB; - goto err; - } - - form = EC_GROUP_get_point_conversion_form(x); - - if ((gen = EC_POINT_point2bn(x, point, - form, NULL, ctx)) == NULL) - { - reason = ERR_R_EC_LIB; - goto err; - } - - buf_len = (size_t)BN_num_bytes(p); - if (buf_len < (i = (size_t)BN_num_bytes(a))) - buf_len = i; - if (buf_len < (i = (size_t)BN_num_bytes(b))) - buf_len = i; - if (buf_len < (i = (size_t)BN_num_bytes(gen))) - buf_len = i; - if (buf_len < (i = (size_t)BN_num_bytes(order))) - buf_len = i; - if (buf_len < (i = (size_t)BN_num_bytes(cofactor))) - buf_len = i; - - if ((seed = EC_GROUP_get0_seed(x)) != NULL) - seed_len = EC_GROUP_get_seed_len(x); - - buf_len += 10; - if ((buffer = OPENSSL_malloc(buf_len)) == NULL) - { - reason = ERR_R_MALLOC_FAILURE; - goto err; - } - - if (!BIO_indent(bp, off, 128)) - goto err; - - /* print the 'short name' of the field type */ - if (BIO_printf(bp, "Field Type: %s\n", OBJ_nid2sn(tmp_nid)) - <= 0) - goto err; - - if (is_char_two) - { - /* print the 'short name' of the base type OID */ - int basis_type = EC_GROUP_get_basis_type(x); - if (basis_type == 0) - goto err; - - if (!BIO_indent(bp, off, 128)) - goto err; - - if (BIO_printf(bp, "Basis Type: %s\n", - OBJ_nid2sn(basis_type)) <= 0) - goto err; - - /* print the polynomial */ - if ((p != NULL) && !print(bp, "Polynomial:", p, buffer, - off)) - goto err; - } - else - { - if ((p != NULL) && !print(bp, "Prime:", p, buffer,off)) - goto err; - } - if ((a != NULL) && !print(bp, "A: ", a, buffer, off)) - goto err; - if ((b != NULL) && !print(bp, "B: ", b, buffer, off)) - goto err; - if (form == POINT_CONVERSION_COMPRESSED) - { - if ((gen != NULL) && !print(bp, gen_compressed, gen, - buffer, off)) - goto err; - } - else if (form == POINT_CONVERSION_UNCOMPRESSED) - { - if ((gen != NULL) && !print(bp, gen_uncompressed, gen, - buffer, off)) - goto err; - } - else /* form == POINT_CONVERSION_HYBRID */ - { - if ((gen != NULL) && !print(bp, gen_hybrid, gen, - buffer, off)) - goto err; - } - if ((order != NULL) && !print(bp, "Order: ", order, - buffer, off)) goto err; - if ((cofactor != NULL) && !print(bp, "Cofactor: ", cofactor, - buffer, off)) goto err; - if (seed && !print_bin(bp, "Seed:", seed, seed_len, off)) - goto err; - } - ret=1; -err: - if (!ret) - ECerr(EC_F_ECPKPARAMETERS_PRINT, reason); - if (p) - BN_free(p); - if (a) - BN_free(a); - if (b) - BN_free(b); - if (gen) - BN_free(gen); - if (order) - BN_free(order); - if (cofactor) - BN_free(cofactor); - if (ctx) - BN_CTX_free(ctx); - if (buffer != NULL) - OPENSSL_free(buffer); - return(ret); - } -int EC_KEY_print(BIO *bp, const EC_KEY *x, int off) - { - unsigned char *buffer=NULL; - size_t buf_len=0, i; - int ret=0, reason=ERR_R_BIO_LIB; - BIGNUM *pub_key=NULL, *order=NULL; - BN_CTX *ctx=NULL; - const EC_GROUP *group; - const EC_POINT *public_key; - const BIGNUM *priv_key; - - if (x == NULL || (group = EC_KEY_get0_group(x)) == NULL) - { - reason = ERR_R_PASSED_NULL_PARAMETER; - goto err; - } - - public_key = EC_KEY_get0_public_key(x); - if ((pub_key = EC_POINT_point2bn(group, public_key, - EC_KEY_get_conv_form(x), NULL, ctx)) == NULL) - { - reason = ERR_R_EC_LIB; - goto err; - } - - buf_len = (size_t)BN_num_bytes(pub_key); - priv_key = EC_KEY_get0_private_key(x); - if (priv_key != NULL) - { - if ((i = (size_t)BN_num_bytes(priv_key)) > buf_len) - buf_len = i; - } - - buf_len += 10; - if ((buffer = OPENSSL_malloc(buf_len)) == NULL) - { - reason = ERR_R_MALLOC_FAILURE; - goto err; - } - - if (priv_key != NULL) - { - if (!BIO_indent(bp, off, 128)) - goto err; - if ((order = BN_new()) == NULL) - goto err; - if (!EC_GROUP_get_order(group, order, NULL)) - goto err; - if (BIO_printf(bp, "Private-Key: (%d bit)\n", - BN_num_bits(order)) <= 0) goto err; - } - - if ((priv_key != NULL) && !print(bp, "priv:", priv_key, - buffer, off)) - goto err; - if ((pub_key != NULL) && !print(bp, "pub: ", pub_key, - buffer, off)) - goto err; - if (!ECPKParameters_print(bp, group, off)) - goto err; - ret=1; -err: - if (!ret) - ECerr(EC_F_EC_KEY_PRINT, reason); - if (pub_key) - BN_free(pub_key); - if (order) - BN_free(order); - if (ctx) - BN_CTX_free(ctx); - if (buffer != NULL) - OPENSSL_free(buffer); - return(ret); - } -#endif /* OPENSSL_NO_EC */ - -static int print(BIO *bp, const char *number, const BIGNUM *num, unsigned char *buf, - int off) +int ASN1_bn_print(BIO *bp, const char *number, const BIGNUM *num, + unsigned char *buf, int off) { int n,i; const char *neg; @@ -617,223 +112,3 @@ static int print(BIO *bp, const char *number, const BIGNUM *num, unsigned char * } return(1); } - -#ifndef OPENSSL_NO_EC -static int print_bin(BIO *fp, const char *name, const unsigned char *buf, - size_t len, int off) - { - size_t i; - char str[128]; - - if (buf == NULL) - return 1; - if (off) - { - if (off > 128) - off=128; - memset(str,' ',off); - if (BIO_write(fp, str, off) <= 0) - return 0; - } - - if (BIO_printf(fp,"%s", name) <= 0) - return 0; - - for (i=0; ip) - buf_len = (size_t)BN_num_bytes(x->p); - else - { - reason = ERR_R_PASSED_NULL_PARAMETER; - goto err; - } - if (x->g) - if (buf_len < (i = (size_t)BN_num_bytes(x->g))) - buf_len = i; - m=(unsigned char *)OPENSSL_malloc(buf_len+10); - if (m == NULL) - { - reason=ERR_R_MALLOC_FAILURE; - goto err; - } - - if (BIO_printf(bp,"Diffie-Hellman-Parameters: (%d bit)\n", - BN_num_bits(x->p)) <= 0) - goto err; - if (!print(bp,"prime:",x->p,m,4)) goto err; - if (!print(bp,"generator:",x->g,m,4)) goto err; - if (x->length != 0) - { - if (BIO_printf(bp," recommended-private-length: %d bits\n", - (int)x->length) <= 0) goto err; - } - ret=1; - if (0) - { -err: - DHerr(DH_F_DHPARAMS_PRINT,reason); - } - if (m != NULL) OPENSSL_free(m); - return(ret); - } -#endif - -#ifndef OPENSSL_NO_DSA -#ifndef OPENSSL_NO_FP_API -int DSAparams_print_fp(FILE *fp, const DSA *x) - { - BIO *b; - int ret; - - if ((b=BIO_new(BIO_s_file())) == NULL) - { - DSAerr(DSA_F_DSAPARAMS_PRINT_FP,ERR_R_BUF_LIB); - return(0); - } - BIO_set_fp(b,fp,BIO_NOCLOSE); - ret=DSAparams_print(b, x); - BIO_free(b); - return(ret); - } -#endif - -int DSAparams_print(BIO *bp, const DSA *x) - { - unsigned char *m=NULL; - int ret=0; - size_t buf_len=0,i; - - if (x->p) - buf_len = (size_t)BN_num_bytes(x->p); - else - { - DSAerr(DSA_F_DSAPARAMS_PRINT,DSA_R_MISSING_PARAMETERS); - goto err; - } - if (x->q) - if (buf_len < (i = (size_t)BN_num_bytes(x->q))) - buf_len = i; - if (x->g) - if (buf_len < (i = (size_t)BN_num_bytes(x->g))) - buf_len = i; - m=(unsigned char *)OPENSSL_malloc(buf_len+10); - if (m == NULL) - { - DSAerr(DSA_F_DSAPARAMS_PRINT,ERR_R_MALLOC_FAILURE); - goto err; - } - - if (BIO_printf(bp,"DSA-Parameters: (%d bit)\n", - BN_num_bits(x->p)) <= 0) - goto err; - if (!print(bp,"p:",x->p,m,4)) goto err; - if ((x->q != NULL) && !print(bp,"q:",x->q,m,4)) goto err; - if ((x->g != NULL) && !print(bp,"g:",x->g,m,4)) goto err; - ret=1; -err: - if (m != NULL) OPENSSL_free(m); - return(ret); - } - -#endif /* !OPENSSL_NO_DSA */ - -#ifndef OPENSSL_NO_EC -#ifndef OPENSSL_NO_FP_API -int ECParameters_print_fp(FILE *fp, const EC_KEY *x) - { - BIO *b; - int ret; - - if ((b=BIO_new(BIO_s_file())) == NULL) - { - ECerr(EC_F_ECPARAMETERS_PRINT_FP, ERR_R_BIO_LIB); - return(0); - } - BIO_set_fp(b, fp, BIO_NOCLOSE); - ret = ECParameters_print(b, x); - BIO_free(b); - return(ret); - } -#endif - -int ECParameters_print(BIO *bp, const EC_KEY *x) - { - int reason=ERR_R_EC_LIB, ret=0; - BIGNUM *order=NULL; - const EC_GROUP *group; - - if (x == NULL || (group = EC_KEY_get0_group(x)) == NULL) - { - reason = ERR_R_PASSED_NULL_PARAMETER;; - goto err; - } - - if ((order = BN_new()) == NULL) - { - reason = ERR_R_MALLOC_FAILURE; - goto err; - } - - if (!EC_GROUP_get_order(group, order, NULL)) - { - reason = ERR_R_EC_LIB; - goto err; - } - - if (BIO_printf(bp, "ECDSA-Parameters: (%d bit)\n", - BN_num_bits(order)) <= 0) - goto err; - if (!ECPKParameters_print(bp, group, 4)) - goto err; - ret=1; -err: - if (order) - BN_free(order); - ECerr(EC_F_ECPARAMETERS_PRINT, reason); - return(ret); - } - -#endif diff --git a/src/lib/libcrypto/asn1/t_req.c b/src/lib/libcrypto/asn1/t_req.c index 5557e06584..ea1794e3e0 100644 --- a/src/lib/libcrypto/asn1/t_req.c +++ b/src/lib/libcrypto/asn1/t_req.c @@ -149,34 +149,10 @@ int X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflags, unsigned long ERR_print_errors(bp); } else -#ifndef OPENSSL_NO_RSA - if (pkey->type == EVP_PKEY_RSA) - { - BIO_printf(bp,"%12sRSA Public Key: (%d bit)\n","", - BN_num_bits(pkey->pkey.rsa->n)); - RSA_print(bp,pkey->pkey.rsa,16); - } - else -#endif -#ifndef OPENSSL_NO_DSA - if (pkey->type == EVP_PKEY_DSA) { - BIO_printf(bp,"%12sDSA Public Key:\n",""); - DSA_print(bp,pkey->pkey.dsa,16); + EVP_PKEY_print_public(bp, pkey, 16, NULL); + EVP_PKEY_free(pkey); } - else -#endif -#ifndef OPENSSL_NO_EC - if (pkey->type == EVP_PKEY_EC) - { - BIO_printf(bp, "%12sEC Public Key: \n",""); - EC_KEY_print(bp, pkey->pkey.ec, 16); - } - else -#endif - BIO_printf(bp,"%12sUnknown Public Key:\n",""); - - EVP_PKEY_free(pkey); } if(!(cflag & X509_FLAG_NO_ATTRIBUTES)) diff --git a/src/lib/libcrypto/asn1/t_spki.c b/src/lib/libcrypto/asn1/t_spki.c index a73369b949..079c081a81 100644 --- a/src/lib/libcrypto/asn1/t_spki.c +++ b/src/lib/libcrypto/asn1/t_spki.c @@ -82,36 +82,11 @@ int NETSCAPE_SPKI_print(BIO *out, NETSCAPE_SPKI *spki) (i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i)); pkey = X509_PUBKEY_get(spki->spkac->pubkey); if(!pkey) BIO_printf(out, " Unable to load public key\n"); - else { -#ifndef OPENSSL_NO_RSA - if (pkey->type == EVP_PKEY_RSA) - { - BIO_printf(out," RSA Public Key: (%d bit)\n", - BN_num_bits(pkey->pkey.rsa->n)); - RSA_print(out,pkey->pkey.rsa,2); - } - else -#endif -#ifndef OPENSSL_NO_DSA - if (pkey->type == EVP_PKEY_DSA) - { - BIO_printf(out," DSA Public Key:\n"); - DSA_print(out,pkey->pkey.dsa,2); - } - else -#endif -#ifndef OPENSSL_NO_EC - if (pkey->type == EVP_PKEY_EC) + else { - BIO_printf(out, " EC Public Key:\n"); - EC_KEY_print(out, pkey->pkey.ec,2); - } - else -#endif - - BIO_printf(out," Unknown Public Key:\n"); + EVP_PKEY_print_public(out, pkey, 4, NULL); EVP_PKEY_free(pkey); - } + } chal = spki->spkac->challenge; if(chal->length) BIO_printf(out, " Challenge String: %s\n", chal->data); diff --git a/src/lib/libcrypto/asn1/t_x509.c b/src/lib/libcrypto/asn1/t_x509.c index 8f746f9c05..e061f2ffad 100644 --- a/src/lib/libcrypto/asn1/t_x509.c +++ b/src/lib/libcrypto/asn1/t_x509.c @@ -111,7 +111,6 @@ int X509_print_ex(BIO *bp, X509 *x, unsigned long nmflags, unsigned long cflag) ASN1_INTEGER *bs; EVP_PKEY *pkey=NULL; const char *neg; - ASN1_STRING *str=NULL; if((nmflags & XN_FLAG_SEP_MASK) == XN_FLAG_SEP_MULTILINE) { mlch = '\n'; @@ -215,34 +214,10 @@ int X509_print_ex(BIO *bp, X509 *x, unsigned long nmflags, unsigned long cflag) ERR_print_errors(bp); } else -#ifndef OPENSSL_NO_RSA - if (pkey->type == EVP_PKEY_RSA) - { - BIO_printf(bp,"%12sRSA Public Key: (%d bit)\n","", - BN_num_bits(pkey->pkey.rsa->n)); - RSA_print(bp,pkey->pkey.rsa,16); - } - else -#endif -#ifndef OPENSSL_NO_DSA - if (pkey->type == EVP_PKEY_DSA) - { - BIO_printf(bp,"%12sDSA Public Key:\n",""); - DSA_print(bp,pkey->pkey.dsa,16); - } - else -#endif -#ifndef OPENSSL_NO_EC - if (pkey->type == EVP_PKEY_EC) { - BIO_printf(bp, "%12sEC Public Key:\n",""); - EC_KEY_print(bp, pkey->pkey.ec, 16); + EVP_PKEY_print_public(bp, pkey, 16, NULL); + EVP_PKEY_free(pkey); } - else -#endif - BIO_printf(bp,"%12sUnknown Public Key:\n",""); - - EVP_PKEY_free(pkey); } if (!(cflag & X509_FLAG_NO_EXTENSIONS)) @@ -259,7 +234,6 @@ int X509_print_ex(BIO *bp, X509 *x, unsigned long nmflags, unsigned long cflag) } ret=1; err: - if (str != NULL) ASN1_STRING_free(str); if (m != NULL) OPENSSL_free(m); return(ret); } @@ -329,14 +303,15 @@ int X509_signature_print(BIO *bp, X509_ALGOR *sigalg, ASN1_STRING *sig) return 1; } -int ASN1_STRING_print(BIO *bp, ASN1_STRING *v) +int ASN1_STRING_print(BIO *bp, const ASN1_STRING *v) { int i,n; - char buf[80],*p; + char buf[80]; + const char *p; if (v == NULL) return(0); n=0; - p=(char *)v->data; + p=(const char *)v->data; for (i=0; ilength; i++) { if ((p[i] > '~') || ((p[i] < ' ') && @@ -358,7 +333,7 @@ int ASN1_STRING_print(BIO *bp, ASN1_STRING *v) return(1); } -int ASN1_TIME_print(BIO *bp, ASN1_TIME *tm) +int ASN1_TIME_print(BIO *bp, const ASN1_TIME *tm) { if(tm->type == V_ASN1_UTCTIME) return ASN1_UTCTIME_print(bp, tm); if(tm->type == V_ASN1_GENERALIZEDTIME) @@ -373,12 +348,14 @@ static const char *mon[12]= "Jul","Aug","Sep","Oct","Nov","Dec" }; -int ASN1_GENERALIZEDTIME_print(BIO *bp, ASN1_GENERALIZEDTIME *tm) +int ASN1_GENERALIZEDTIME_print(BIO *bp, const ASN1_GENERALIZEDTIME *tm) { char *v; int gmt=0; int i; int y=0,M=0,d=0,h=0,m=0,s=0; + char *f = NULL; + int f_len = 0; i=tm->length; v=(char *)tm->data; @@ -396,10 +373,21 @@ int ASN1_GENERALIZEDTIME_print(BIO *bp, ASN1_GENERALIZEDTIME *tm) if (tm->length >= 14 && (v[12] >= '0') && (v[12] <= '9') && (v[13] >= '0') && (v[13] <= '9')) + { s= (v[12]-'0')*10+(v[13]-'0'); + /* Check for fractions of seconds. */ + if (tm->length >= 15 && v[14] == '.') + { + int l = tm->length; + f = &v[14]; /* The decimal point. */ + f_len = 1; + while (14 + f_len < l && f[f_len] >= '0' && f[f_len] <= '9') + ++f_len; + } + } - if (BIO_printf(bp,"%s %2d %02d:%02d:%02d %d%s", - mon[M-1],d,h,m,s,y,(gmt)?" GMT":"") <= 0) + if (BIO_printf(bp,"%s %2d %02d:%02d:%02d%.*s %d%s", + mon[M-1],d,h,m,s,f_len,f,y,(gmt)?" GMT":"") <= 0) return(0); else return(1); @@ -408,15 +396,15 @@ err: return(0); } -int ASN1_UTCTIME_print(BIO *bp, ASN1_UTCTIME *tm) +int ASN1_UTCTIME_print(BIO *bp, const ASN1_UTCTIME *tm) { - char *v; + const char *v; int gmt=0; int i; int y=0,M=0,d=0,h=0,m=0,s=0; i=tm->length; - v=(char *)tm->data; + v=(const char *)tm->data; if (i < 10) goto err; if (v[i-1] == 'Z') gmt=1; diff --git a/src/lib/libcrypto/asn1/tasn_dec.c b/src/lib/libcrypto/asn1/tasn_dec.c index 48bc1c0d4d..3bee439968 100644 --- a/src/lib/libcrypto/asn1/tasn_dec.c +++ b/src/lib/libcrypto/asn1/tasn_dec.c @@ -114,6 +114,8 @@ unsigned long ASN1_tag2bit(int tag) /* Macro to initialize and invalidate the cache */ #define asn1_tlc_clear(c) if (c) (c)->valid = 0 +/* Version to avoid compiler warning about 'c' always non-NULL */ +#define asn1_tlc_clear_nc(c) (c)->valid = 0 /* Decode an ASN1 item, this currently behaves just * like a standard 'd2i' function. 'in' points to @@ -130,7 +132,7 @@ ASN1_VALUE *ASN1_item_d2i(ASN1_VALUE **pval, ASN1_VALUE *ptmpval = NULL; if (!pval) pval = &ptmpval; - c.valid = 0; + asn1_tlc_clear_nc(&c); if (ASN1_item_ex_d2i(pval, in, len, it, -1, 0, 0, &c) > 0) return *pval; return NULL; @@ -140,7 +142,7 @@ int ASN1_template_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, const ASN1_TEMPLATE *tt) { ASN1_TLC c; - c.valid = 0; + asn1_tlc_clear_nc(&c); return asn1_template_ex_d2i(pval, in, len, tt, 0, &c); } @@ -306,7 +308,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, case ASN1_ITYPE_CHOICE: - if (asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it)) + if (asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it, NULL)) goto auxerr; /* Allocate structure */ @@ -356,7 +358,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, asn1_set_choice_selector(pval, i, it); *in = p; - if (asn1_cb && !asn1_cb(ASN1_OP_D2I_POST, pval, it)) + if (asn1_cb && !asn1_cb(ASN1_OP_D2I_POST, pval, it, NULL)) goto auxerr; return 1; @@ -403,7 +405,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, goto err; } - if (asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it)) + if (asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it, NULL)) goto auxerr; /* Get each field entry */ @@ -505,7 +507,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, if (!asn1_enc_save(pval, *in, p - *in, it)) goto auxerr; *in = p; - if (asn1_cb && !asn1_cb(ASN1_OP_D2I_POST, pval, it)) + if (asn1_cb && !asn1_cb(ASN1_OP_D2I_POST, pval, it, NULL)) goto auxerr; return 1; @@ -665,11 +667,12 @@ static int asn1_template_noexp_d2i(ASN1_VALUE **val, else { /* We've got a valid STACK: free up any items present */ - STACK *sktmp = (STACK *)*val; + STACK_OF(ASN1_VALUE) *sktmp + = (STACK_OF(ASN1_VALUE) *)*val; ASN1_VALUE *vtmp; - while(sk_num(sktmp) > 0) + while(sk_ASN1_VALUE_num(sktmp) > 0) { - vtmp = (ASN1_VALUE *)sk_pop(sktmp); + vtmp = sk_ASN1_VALUE_pop(sktmp); ASN1_item_ex_free(&vtmp, ASN1_ITEM_ptr(tt->item)); } @@ -710,7 +713,8 @@ static int asn1_template_noexp_d2i(ASN1_VALUE **val, goto err; } len -= p - q; - if (!sk_push((STACK *)*val, (char *)skfield)) + if (!sk_ASN1_VALUE_push((STACK_OF(ASN1_VALUE) *)*val, + skfield)) { ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, ERR_R_MALLOC_FAILURE); diff --git a/src/lib/libcrypto/asn1/tasn_enc.c b/src/lib/libcrypto/asn1/tasn_enc.c index 2721f904a6..936ad1f767 100644 --- a/src/lib/libcrypto/asn1/tasn_enc.c +++ b/src/lib/libcrypto/asn1/tasn_enc.c @@ -158,7 +158,7 @@ int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out, return asn1_i2d_ex_primitive(pval, out, it, -1, aclass); case ASN1_ITYPE_CHOICE: - if (asn1_cb && !asn1_cb(ASN1_OP_I2D_PRE, pval, it)) + if (asn1_cb && !asn1_cb(ASN1_OP_I2D_PRE, pval, it, NULL)) return 0; i = asn1_get_choice_selector(pval, it); if ((i >= 0) && (i < it->tcount)) @@ -171,7 +171,7 @@ int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out, -1, aclass); } /* Fixme: error condition if selector out of range */ - if (asn1_cb && !asn1_cb(ASN1_OP_I2D_POST, pval, it)) + if (asn1_cb && !asn1_cb(ASN1_OP_I2D_POST, pval, it, NULL)) return 0; break; @@ -216,7 +216,7 @@ int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out, aclass = (aclass & ~ASN1_TFLG_TAG_CLASS) | V_ASN1_UNIVERSAL; } - if (asn1_cb && !asn1_cb(ASN1_OP_I2D_PRE, pval, it)) + if (asn1_cb && !asn1_cb(ASN1_OP_I2D_PRE, pval, it, NULL)) return 0; /* First work out sequence content length */ for (i = 0, tt = it->templates; i < it->tcount; tt++, i++) @@ -250,7 +250,7 @@ int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out, } if (ndef == 2) ASN1_put_eoc(out); - if (asn1_cb && !asn1_cb(ASN1_OP_I2D_POST, pval, it)) + if (asn1_cb && !asn1_cb(ASN1_OP_I2D_POST, pval, it, NULL)) return 0; return seqlen; @@ -569,7 +569,8 @@ int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cout, int *putype, ASN1_STRING *strtmp; ASN1_OBJECT *otmp; int utype; - unsigned char *cont, c; + const unsigned char *cont; + unsigned char c; int len; const ASN1_PRIMITIVE_FUNCS *pf; pf = it->funcs; diff --git a/src/lib/libcrypto/asn1/tasn_fre.c b/src/lib/libcrypto/asn1/tasn_fre.c index d7c017fa1d..77d3092d31 100644 --- a/src/lib/libcrypto/asn1/tasn_fre.c +++ b/src/lib/libcrypto/asn1/tasn_fre.c @@ -110,7 +110,7 @@ static void asn1_item_combine_free(ASN1_VALUE **pval, const ASN1_ITEM *it, int c case ASN1_ITYPE_CHOICE: if (asn1_cb) { - i = asn1_cb(ASN1_OP_FREE_PRE, pval, it); + i = asn1_cb(ASN1_OP_FREE_PRE, pval, it, NULL); if (i == 2) return; } @@ -123,7 +123,7 @@ static void asn1_item_combine_free(ASN1_VALUE **pval, const ASN1_ITEM *it, int c ASN1_template_free(pchval, tt); } if (asn1_cb) - asn1_cb(ASN1_OP_FREE_POST, pval, it); + asn1_cb(ASN1_OP_FREE_POST, pval, it, NULL); if (!combine) { OPENSSL_free(*pval); @@ -149,7 +149,7 @@ static void asn1_item_combine_free(ASN1_VALUE **pval, const ASN1_ITEM *it, int c return; if (asn1_cb) { - i = asn1_cb(ASN1_OP_FREE_PRE, pval, it); + i = asn1_cb(ASN1_OP_FREE_PRE, pval, it, NULL); if (i == 2) return; } @@ -170,7 +170,7 @@ static void asn1_item_combine_free(ASN1_VALUE **pval, const ASN1_ITEM *it, int c ASN1_template_free(pseqval, seqtt); } if (asn1_cb) - asn1_cb(ASN1_OP_FREE_POST, pval, it); + asn1_cb(ASN1_OP_FREE_POST, pval, it, NULL); if (!combine) { OPENSSL_free(*pval); diff --git a/src/lib/libcrypto/asn1/tasn_new.c b/src/lib/libcrypto/asn1/tasn_new.c index 5c6a2ebd4d..0d9e78cc7c 100644 --- a/src/lib/libcrypto/asn1/tasn_new.c +++ b/src/lib/libcrypto/asn1/tasn_new.c @@ -68,7 +68,7 @@ static int asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it, int combine); static void asn1_item_clear(ASN1_VALUE **pval, const ASN1_ITEM *it); static void asn1_template_clear(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt); -void asn1_primitive_clear(ASN1_VALUE **pval, const ASN1_ITEM *it); +static void asn1_primitive_clear(ASN1_VALUE **pval, const ASN1_ITEM *it); ASN1_VALUE *ASN1_item_new(const ASN1_ITEM *it) { @@ -146,7 +146,7 @@ static int asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it, case ASN1_ITYPE_CHOICE: if (asn1_cb) { - i = asn1_cb(ASN1_OP_NEW_PRE, pval, it); + i = asn1_cb(ASN1_OP_NEW_PRE, pval, it, NULL); if (!i) goto auxerr; if (i==2) @@ -166,7 +166,7 @@ static int asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it, memset(*pval, 0, it->size); } asn1_set_choice_selector(pval, -1, it); - if (asn1_cb && !asn1_cb(ASN1_OP_NEW_POST, pval, it)) + if (asn1_cb && !asn1_cb(ASN1_OP_NEW_POST, pval, it, NULL)) goto auxerr; break; @@ -174,7 +174,7 @@ static int asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it, case ASN1_ITYPE_SEQUENCE: if (asn1_cb) { - i = asn1_cb(ASN1_OP_NEW_PRE, pval, it); + i = asn1_cb(ASN1_OP_NEW_PRE, pval, it, NULL); if (!i) goto auxerr; if (i==2) @@ -201,7 +201,7 @@ static int asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it, if (!ASN1_template_new(pseqval, tt)) goto memerr; } - if (asn1_cb && !asn1_cb(ASN1_OP_NEW_POST, pval, it)) + if (asn1_cb && !asn1_cb(ASN1_OP_NEW_POST, pval, it, NULL)) goto auxerr; break; } @@ -325,6 +325,7 @@ static void asn1_template_clear(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt) int ASN1_primitive_new(ASN1_VALUE **pval, const ASN1_ITEM *it) { ASN1_TYPE *typ; + ASN1_STRING *str; int utype; if (it && it->funcs) @@ -345,10 +346,7 @@ int ASN1_primitive_new(ASN1_VALUE **pval, const ASN1_ITEM *it) return 1; case V_ASN1_BOOLEAN: - if (it) - *(ASN1_BOOLEAN *)pval = it->size; - else - *(ASN1_BOOLEAN *)pval = -1; + *(ASN1_BOOLEAN *)pval = it->size; return 1; case V_ASN1_NULL: @@ -365,7 +363,10 @@ int ASN1_primitive_new(ASN1_VALUE **pval, const ASN1_ITEM *it) break; default: - *pval = (ASN1_VALUE *)ASN1_STRING_type_new(utype); + str = ASN1_STRING_type_new(utype); + if (it->itype == ASN1_ITYPE_MSTRING && str) + str->flags |= ASN1_STRING_FLAG_MSTRING; + *pval = (ASN1_VALUE *)str; break; } if (*pval) @@ -373,7 +374,7 @@ int ASN1_primitive_new(ASN1_VALUE **pval, const ASN1_ITEM *it) return 0; } -void asn1_primitive_clear(ASN1_VALUE **pval, const ASN1_ITEM *it) +static void asn1_primitive_clear(ASN1_VALUE **pval, const ASN1_ITEM *it) { int utype; if (it && it->funcs) diff --git a/src/lib/libcrypto/asn1/tasn_prn.c b/src/lib/libcrypto/asn1/tasn_prn.c index b9c96a6dbe..453698012d 100644 --- a/src/lib/libcrypto/asn1/tasn_prn.c +++ b/src/lib/libcrypto/asn1/tasn_prn.c @@ -3,7 +3,7 @@ * project 2000. */ /* ==================================================================== - * Copyright (c) 2000 The OpenSSL Project. All rights reserved. + * Copyright (c) 2000,2005 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -58,141 +58,570 @@ #include +#include "cryptlib.h" #include +#include #include #include #include -#include +#include +#include "asn1_locl.h" -/* Print routines. Print out a whole structure from a template. +/* Print routines. */ -static int asn1_item_print_nm(BIO *out, void *fld, int indent, const ASN1_ITEM *it, const char *name); +/* ASN1_PCTX routines */ -int ASN1_item_print(BIO *out, void *fld, int indent, const ASN1_ITEM *it) -{ - return asn1_item_print_nm(out, fld, indent, it, it->sname); -} +ASN1_PCTX default_pctx = + { + ASN1_PCTX_FLAGS_SHOW_ABSENT, /* flags */ + 0, /* nm_flags */ + 0, /* cert_flags */ + 0, /* oid_flags */ + 0 /* str_flags */ + }; + -static int asn1_item_print_nm(BIO *out, void *fld, int indent, const ASN1_ITEM *it, const char *name) -{ - ASN1_STRING *str; +ASN1_PCTX *ASN1_PCTX_new(void) + { + ASN1_PCTX *ret; + ret = OPENSSL_malloc(sizeof(ASN1_PCTX)); + if (ret == NULL) + { + ASN1err(ASN1_F_ASN1_PCTX_NEW, ERR_R_MALLOC_FAILURE); + return NULL; + } + ret->flags = 0; + ret->nm_flags = 0; + ret->cert_flags = 0; + ret->oid_flags = 0; + ret->str_flags = 0; + return ret; + } + +void ASN1_PCTX_free(ASN1_PCTX *p) + { + OPENSSL_free(p); + } + +unsigned long ASN1_PCTX_get_flags(ASN1_PCTX *p) + { + return p->flags; + } + +void ASN1_PCTX_set_flags(ASN1_PCTX *p, unsigned long flags) + { + p->flags = flags; + } + +unsigned long ASN1_PCTX_get_nm_flags(ASN1_PCTX *p) + { + return p->nm_flags; + } + +void ASN1_PCTX_set_nm_flags(ASN1_PCTX *p, unsigned long flags) + { + p->nm_flags = flags; + } + +unsigned long ASN1_PCTX_get_cert_flags(ASN1_PCTX *p) + { + return p->cert_flags; + } + +void ASN1_PCTX_set_cert_flags(ASN1_PCTX *p, unsigned long flags) + { + p->cert_flags = flags; + } + +unsigned long ASN1_PCTX_get_oid_flags(ASN1_PCTX *p) + { + return p->oid_flags; + } + +void ASN1_PCTX_set_oid_flags(ASN1_PCTX *p, unsigned long flags) + { + p->oid_flags = flags; + } + +unsigned long ASN1_PCTX_get_str_flags(ASN1_PCTX *p) + { + return p->str_flags; + } + +void ASN1_PCTX_set_str_flags(ASN1_PCTX *p, unsigned long flags) + { + p->str_flags = flags; + } + +/* Main print routines */ + +static int asn1_item_print_ctx(BIO *out, ASN1_VALUE **fld, int indent, + const ASN1_ITEM *it, + const char *fname, const char *sname, + int nohdr, const ASN1_PCTX *pctx); + +int asn1_template_print_ctx(BIO *out, ASN1_VALUE **fld, int indent, + const ASN1_TEMPLATE *tt, const ASN1_PCTX *pctx); + +static int asn1_primitive_print(BIO *out, ASN1_VALUE **fld, + const ASN1_ITEM *it, int indent, + const char *fname, const char *sname, + const ASN1_PCTX *pctx); + +static int asn1_print_fsname(BIO *out, int indent, + const char *fname, const char *sname, + const ASN1_PCTX *pctx); + +int ASN1_item_print(BIO *out, ASN1_VALUE *ifld, int indent, + const ASN1_ITEM *it, const ASN1_PCTX *pctx) + { + const char *sname; + if (pctx == NULL) + pctx = &default_pctx; + if (pctx->flags & ASN1_PCTX_FLAGS_NO_STRUCT_NAME) + sname = NULL; + else + sname = it->sname; + return asn1_item_print_ctx(out, &ifld, indent, it, + NULL, sname, 0, pctx); + } + +static int asn1_item_print_ctx(BIO *out, ASN1_VALUE **fld, int indent, + const ASN1_ITEM *it, + const char *fname, const char *sname, + int nohdr, const ASN1_PCTX *pctx) + { const ASN1_TEMPLATE *tt; - void *tmpfld; + const ASN1_EXTERN_FUNCS *ef; + ASN1_VALUE **tmpfld; + const ASN1_AUX *aux = it->funcs; + ASN1_aux_cb *asn1_cb; + ASN1_PRINT_ARG parg; int i; - if(!fld) { - BIO_printf(out, "%*s%s ABSENT\n", indent, "", name); + if (aux && aux->asn1_cb) + { + parg.out = out; + parg.indent = indent; + parg.pctx = pctx; + asn1_cb = aux->asn1_cb; + } + else asn1_cb = 0; + + if(*fld == NULL) + { + if (pctx->flags & ASN1_PCTX_FLAGS_SHOW_ABSENT) + { + if (!nohdr && !asn1_print_fsname(out, indent, + fname, sname, pctx)) + return 0; + if (BIO_puts(out, "\n") <= 0) + return 0; + } return 1; - } - switch(it->itype) { + } + switch(it->itype) + { case ASN1_ITYPE_PRIMITIVE: if(it->templates) - return ASN1_template_print(out, fld, indent, it->templates); - return asn1_primitive_print(out, fld, it->utype, indent, name); - break; - + { + if (!asn1_template_print_ctx(out, fld, indent, + it->templates, pctx)) + return 0; + } + /* fall thru */ case ASN1_ITYPE_MSTRING: - str = fld; - return asn1_primitive_print(out, fld, str->type, indent, name); + if (!asn1_primitive_print(out, fld, it, + indent, fname, sname,pctx)) + return 0; + break; case ASN1_ITYPE_EXTERN: - BIO_printf(out, "%*s%s:EXTERNAL TYPE %s %s\n", indent, "", name, it->sname, fld ? "" : "ABSENT"); - return 1; - case ASN1_ITYPE_COMPAT: - BIO_printf(out, "%*s%s:COMPATIBLE TYPE %s %s\n", indent, "", name, it->sname, fld ? "" : "ABSENT"); - return 1; - + if (!nohdr && !asn1_print_fsname(out, indent, fname, sname, pctx)) + return 0; + /* Use new style print routine if possible */ + ef = it->funcs; + if (ef && ef->asn1_ex_print) + { + i = ef->asn1_ex_print(out, fld, indent, "", pctx); + if (!i) + return 0; + if ((i == 2) && (BIO_puts(out, "\n") <= 0)) + return 0; + return 1; + } + else if (sname && + BIO_printf(out, ":EXTERNAL TYPE %s\n", sname) <= 0) + return 0; + break; case ASN1_ITYPE_CHOICE: +#if 0 + if (!nohdr && !asn1_print_fsname(out, indent, fname, sname, pctx)) + return 0; +#endif /* CHOICE type, get selector */ i = asn1_get_choice_selector(fld, it); /* This should never happen... */ - if((i < 0) || (i >= it->tcount)) { - BIO_printf(out, "%s selector [%d] out of range\n", it->sname, i); + if((i < 0) || (i >= it->tcount)) + { + if (BIO_printf(out, + "ERROR: selector [%d] invalid\n", i) <= 0) + return 0; return 1; - } + } tt = it->templates + i; - tmpfld = asn1_get_field(fld, tt); - return ASN1_template_print(out, tmpfld, indent, tt); + tmpfld = asn1_get_field_ptr(fld, tt); + if (!asn1_template_print_ctx(out, tmpfld, indent, tt, pctx)) + return 0; + break; case ASN1_ITYPE_SEQUENCE: - BIO_printf(out, "%*s%s {\n", indent, "", name); - /* Get each field entry */ - for(i = 0, tt = it->templates; i < it->tcount; i++, tt++) { - tmpfld = asn1_get_field(fld, tt); - ASN1_template_print(out, tmpfld, indent + 2, tt); - } - BIO_printf(out, "%*s}\n", indent, ""); - return 1; + case ASN1_ITYPE_NDEF_SEQUENCE: + if (!nohdr && !asn1_print_fsname(out, indent, fname, sname, pctx)) + return 0; + if (fname || sname) + { + if (pctx->flags & ASN1_PCTX_FLAGS_SHOW_SEQUENCE) + { + if (BIO_puts(out, " {\n") <= 0) + return 0; + } + else + { + if (BIO_puts(out, "\n") <= 0) + return 0; + } + } + + if (asn1_cb) + { + i = asn1_cb(ASN1_OP_PRINT_PRE, fld, it, &parg); + if (i == 0) + return 0; + if (i == 2) + return 1; + } + + /* Print each field entry */ + for(i = 0, tt = it->templates; i < it->tcount; i++, tt++) + { + const ASN1_TEMPLATE *seqtt; + seqtt = asn1_do_adb(fld, tt, 1); + tmpfld = asn1_get_field_ptr(fld, seqtt); + if (!asn1_template_print_ctx(out, tmpfld, + indent + 2, seqtt, pctx)) + return 0; + } + if (pctx->flags & ASN1_PCTX_FLAGS_SHOW_SEQUENCE) + { + if (BIO_printf(out, "%*s}\n", indent, "") < 0) + return 0; + } + + if (asn1_cb) + { + i = asn1_cb(ASN1_OP_PRINT_POST, fld, it, &parg); + if (i == 0) + return 0; + } + break; default: + BIO_printf(out, "Unprocessed type %d\n", it->itype); return 0; + } + + return 1; } -} -int ASN1_template_print(BIO *out, void *fld, int indent, const ASN1_TEMPLATE *tt) -{ +int asn1_template_print_ctx(BIO *out, ASN1_VALUE **fld, int indent, + const ASN1_TEMPLATE *tt, const ASN1_PCTX *pctx) + { int i, flags; -#if 0 - if(!fld) return 0; -#endif + const char *sname, *fname; flags = tt->flags; - if(flags & ASN1_TFLG_SK_MASK) { + if(pctx->flags & ASN1_PCTX_FLAGS_SHOW_FIELD_STRUCT_NAME) + sname = ASN1_ITEM_ptr(tt->item)->sname; + else + sname = NULL; + if(pctx->flags & ASN1_PCTX_FLAGS_NO_FIELD_NAME) + fname = NULL; + else + fname = tt->field_name; + if(flags & ASN1_TFLG_SK_MASK) + { char *tname; - void *skitem; + ASN1_VALUE *skitem; + STACK_OF(ASN1_VALUE) *stack; + /* SET OF, SEQUENCE OF */ - if(flags & ASN1_TFLG_SET_OF) tname = "SET"; - else tname = "SEQUENCE"; - if(fld) { - BIO_printf(out, "%*s%s OF %s {\n", indent, "", tname, tt->field_name); - for(i = 0; i < sk_num(fld); i++) { - skitem = sk_value(fld, i); - asn1_item_print_nm(out, skitem, indent + 2, tt->item, ""); + if (fname) + { + if(pctx->flags & ASN1_PCTX_FLAGS_SHOW_SSOF) + { + if(flags & ASN1_TFLG_SET_OF) + tname = "SET"; + else + tname = "SEQUENCE"; + if (BIO_printf(out, "%*s%s OF %s {\n", + indent, "", tname, tt->field_name) <= 0) + return 0; + } + else if (BIO_printf(out, "%*s%s:\n", indent, "", + fname) <= 0) + return 0; + } + stack = (STACK_OF(ASN1_VALUE) *)*fld; + for(i = 0; i < sk_ASN1_VALUE_num(stack); i++) + { + if ((i > 0) && (BIO_puts(out, "\n") <= 0)) + return 0; + + skitem = sk_ASN1_VALUE_value(stack, i); + if (!asn1_item_print_ctx(out, &skitem, indent + 2, + ASN1_ITEM_ptr(tt->item), NULL, NULL, 1, pctx)) + return 0; + } + if (!i && BIO_printf(out, "%*s\n", indent + 2, "") <= 0) + return 0; + if(pctx->flags & ASN1_PCTX_FLAGS_SHOW_SEQUENCE) + { + if (BIO_printf(out, "%*s}\n", indent, "") <= 0) + return 0; } - BIO_printf(out, "%*s}\n", indent, ""); - } else - BIO_printf(out, "%*s%s OF %s ABSENT\n", indent, "", tname, tt->field_name); return 1; + } + return asn1_item_print_ctx(out, fld, indent, ASN1_ITEM_ptr(tt->item), + fname, sname, 0, pctx); } - return asn1_item_print_nm(out, fld, indent, tt->item, tt->field_name); -} - -static int asn1_primitive_print(BIO *out, void *fld, long utype, int indent, const char *name) -{ - ASN1_STRING *str = fld; - if(fld) { - if(utype == V_ASN1_BOOLEAN) { - int *bool = fld; -if(*bool == -1) printf("BOOL MISSING\n"); - BIO_printf(out, "%*s%s:%s", indent, "", "BOOLEAN", *bool ? "TRUE" : "FALSE"); - } else if((utype == V_ASN1_INTEGER) - || (utype == V_ASN1_ENUMERATED)) { - char *s, *nm; - s = i2s_ASN1_INTEGER(NULL, fld); - if(utype == V_ASN1_INTEGER) nm = "INTEGER"; - else nm = "ENUMERATED"; - BIO_printf(out, "%*s%s:%s", indent, "", nm, s); - OPENSSL_free(s); - } else if(utype == V_ASN1_NULL) { - BIO_printf(out, "%*s%s", indent, "", "NULL"); - } else if(utype == V_ASN1_UTCTIME) { - BIO_printf(out, "%*s%s:%s:", indent, "", name, "UTCTIME"); - ASN1_UTCTIME_print(out, str); - } else if(utype == V_ASN1_GENERALIZEDTIME) { - BIO_printf(out, "%*s%s:%s:", indent, "", name, "GENERALIZEDTIME"); - ASN1_GENERALIZEDTIME_print(out, str); - } else if(utype == V_ASN1_OBJECT) { - char objbuf[80], *ln; - ln = OBJ_nid2ln(OBJ_obj2nid(fld)); - if(!ln) ln = ""; - OBJ_obj2txt(objbuf, sizeof objbuf, fld, 1); - BIO_printf(out, "%*s%s:%s (%s)", indent, "", "OBJECT", ln, objbuf); - } else { - BIO_printf(out, "%*s%s:", indent, "", name); - ASN1_STRING_print_ex(out, str, ASN1_STRFLGS_DUMP_UNKNOWN|ASN1_STRFLGS_SHOW_TYPE); + +static int asn1_print_fsname(BIO *out, int indent, + const char *fname, const char *sname, + const ASN1_PCTX *pctx) + { + static char spaces[] = " "; + const int nspaces = sizeof(spaces) - 1; + +#if 0 + if (!sname && !fname) + return 1; +#endif + + while (indent > nspaces) + { + if (BIO_write(out, spaces, nspaces) != nspaces) + return 0; + indent -= nspaces; + } + if (BIO_write(out, spaces, indent) != indent) + return 0; + if (pctx->flags & ASN1_PCTX_FLAGS_NO_STRUCT_NAME) + sname = NULL; + if (pctx->flags & ASN1_PCTX_FLAGS_NO_FIELD_NAME) + fname = NULL; + if (!sname && !fname) + return 1; + if (fname) + { + if (BIO_puts(out, fname) <= 0) + return 0; } - BIO_printf(out, "\n"); - } else BIO_printf(out, "%*s%s [ABSENT]\n", indent, "", name); + if (sname) + { + if (fname) + { + if (BIO_printf(out, " (%s)", sname) <= 0) + return 0; + } + else + { + if (BIO_puts(out, sname) <= 0) + return 0; + } + } + if (BIO_write(out, ": ", 2) != 2) + return 0; return 1; -} + } + +static int asn1_print_boolean_ctx(BIO *out, const int bool, + const ASN1_PCTX *pctx) + { + const char *str; + switch (bool) + { + case -1: + str = "BOOL ABSENT"; + break; + + case 0: + str = "FALSE"; + break; + + default: + str = "TRUE"; + break; + + } + + if (BIO_puts(out, str) <= 0) + return 0; + return 1; + + } + +static int asn1_print_integer_ctx(BIO *out, ASN1_INTEGER *str, + const ASN1_PCTX *pctx) + { + char *s; + int ret = 1; + s = i2s_ASN1_INTEGER(NULL, str); + if (BIO_puts(out, s) <= 0) + ret = 0; + OPENSSL_free(s); + return ret; + } + +static int asn1_print_oid_ctx(BIO *out, const ASN1_OBJECT *oid, + const ASN1_PCTX *pctx) + { + char objbuf[80]; + const char *ln; + ln = OBJ_nid2ln(OBJ_obj2nid(oid)); + if(!ln) + ln = ""; + OBJ_obj2txt(objbuf, sizeof objbuf, oid, 1); + if (BIO_printf(out, "%s (%s)", ln, objbuf) <= 0) + return 0; + return 1; + } + +static int asn1_print_obstring_ctx(BIO *out, ASN1_STRING *str, int indent, + const ASN1_PCTX *pctx) + { + if (str->type == V_ASN1_BIT_STRING) + { + if (BIO_printf(out, " (%ld unused bits)\n", + str->flags & 0x7) <= 0) + return 0; + } + else if (BIO_puts(out, "\n") <= 0) + return 0; + if ((str->length > 0) + && BIO_dump_indent(out, (char *)str->data, str->length, + indent + 2) <= 0) + return 0; + return 1; + } + +static int asn1_primitive_print(BIO *out, ASN1_VALUE **fld, + const ASN1_ITEM *it, int indent, + const char *fname, const char *sname, + const ASN1_PCTX *pctx) + { + long utype; + ASN1_STRING *str; + int ret = 1, needlf = 1; + const char *pname; + const ASN1_PRIMITIVE_FUNCS *pf; + pf = it->funcs; + if (!asn1_print_fsname(out, indent, fname, sname, pctx)) + return 0; + if (pf && pf->prim_print) + return pf->prim_print(out, fld, it, indent, pctx); + str = (ASN1_STRING *)*fld; + if (it->itype == ASN1_ITYPE_MSTRING) + utype = str->type & ~V_ASN1_NEG; + else + utype = it->utype; + if (utype == V_ASN1_ANY) + { + ASN1_TYPE *atype = (ASN1_TYPE *)*fld; + utype = atype->type; + fld = &atype->value.asn1_value; + str = (ASN1_STRING *)*fld; + if (pctx->flags & ASN1_PCTX_FLAGS_NO_ANY_TYPE) + pname = NULL; + else + pname = ASN1_tag2str(utype); + } + else + { + if (pctx->flags & ASN1_PCTX_FLAGS_SHOW_TYPE) + pname = ASN1_tag2str(utype); + else + pname = NULL; + } + + if (utype == V_ASN1_NULL) + { + if (BIO_puts(out, "NULL\n") <= 0) + return 0; + return 1; + } + + if (pname) + { + if (BIO_puts(out, pname) <= 0) + return 0; + if (BIO_puts(out, ":") <= 0) + return 0; + } + + switch (utype) + { + case V_ASN1_BOOLEAN: + { + int bool = *(int *)fld; + if (bool == -1) + bool = it->size; + ret = asn1_print_boolean_ctx(out, bool, pctx); + } + break; + + case V_ASN1_INTEGER: + case V_ASN1_ENUMERATED: + ret = asn1_print_integer_ctx(out, str, pctx); + break; + + case V_ASN1_UTCTIME: + ret = ASN1_UTCTIME_print(out, str); + break; + + case V_ASN1_GENERALIZEDTIME: + ret = ASN1_GENERALIZEDTIME_print(out, str); + break; + + case V_ASN1_OBJECT: + ret = asn1_print_oid_ctx(out, (const ASN1_OBJECT *)*fld, pctx); + break; + + case V_ASN1_OCTET_STRING: + case V_ASN1_BIT_STRING: + ret = asn1_print_obstring_ctx(out, str, indent, pctx); + needlf = 0; + break; + + case V_ASN1_SEQUENCE: + case V_ASN1_SET: + case V_ASN1_OTHER: + if (BIO_puts(out, "\n") <= 0) + return 0; + if (ASN1_parse_dump(out, str->data, str->length, + indent, 0) <= 0) + ret = 0; + needlf = 0; + break; + + default: + ret = ASN1_STRING_print_ex(out, str, pctx->str_flags); + + } + if (!ret) + return 0; + if (needlf && BIO_puts(out, "\n") <= 0) + return 0; + return 1; + } diff --git a/src/lib/libcrypto/asn1/tasn_typ.c b/src/lib/libcrypto/asn1/tasn_typ.c index 6252213d15..6fb1c372da 100644 --- a/src/lib/libcrypto/asn1/tasn_typ.c +++ b/src/lib/libcrypto/asn1/tasn_typ.c @@ -135,3 +135,14 @@ IMPLEMENT_ASN1_TYPE_ex(ASN1_FBOOLEAN, ASN1_BOOLEAN, 0) /* Special, OCTET STRING with indefinite length constructed support */ IMPLEMENT_ASN1_TYPE_ex(ASN1_OCTET_STRING_NDEF, ASN1_OCTET_STRING, ASN1_TFLG_NDEF) + +ASN1_ITEM_TEMPLATE(ASN1_SEQUENCE_ANY) = + ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, ASN1_SEQUENCE_ANY, ASN1_ANY) +ASN1_ITEM_TEMPLATE_END(ASN1_SEQUENCE_ANY) + +ASN1_ITEM_TEMPLATE(ASN1_SET_ANY) = + ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SET_OF, 0, ASN1_SET_ANY, ASN1_ANY) +ASN1_ITEM_TEMPLATE_END(ASN1_SET_ANY) + +IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(ASN1_SEQUENCE_ANY, ASN1_SEQUENCE_ANY, ASN1_SEQUENCE_ANY) +IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(ASN1_SEQUENCE_ANY, ASN1_SET_ANY, ASN1_SET_ANY) diff --git a/src/lib/libcrypto/asn1/x_cinf.c b/src/lib/libcrypto/asn1/x_cinf.c deleted file mode 100644 index 339a110eef..0000000000 --- a/src/lib/libcrypto/asn1/x_cinf.c +++ /dev/null @@ -1,201 +0,0 @@ -/* crypto/asn1/x_cinf.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include -#include - -int i2d_X509_CINF(X509_CINF *a, unsigned char **pp) - { - int v1=0,v2=0; - M_ASN1_I2D_vars(a); - - M_ASN1_I2D_len_EXP_opt(a->version,i2d_ASN1_INTEGER,0,v1); - M_ASN1_I2D_len(a->serialNumber, i2d_ASN1_INTEGER); - M_ASN1_I2D_len(a->signature, i2d_X509_ALGOR); - M_ASN1_I2D_len(a->issuer, i2d_X509_NAME); - M_ASN1_I2D_len(a->validity, i2d_X509_VAL); - M_ASN1_I2D_len(a->subject, i2d_X509_NAME); - M_ASN1_I2D_len(a->key, i2d_X509_PUBKEY); - M_ASN1_I2D_len_IMP_opt(a->issuerUID, i2d_ASN1_BIT_STRING); - M_ASN1_I2D_len_IMP_opt(a->subjectUID, i2d_ASN1_BIT_STRING); - M_ASN1_I2D_len_EXP_SEQUENCE_opt_type(X509_EXTENSION,a->extensions, - i2d_X509_EXTENSION,3, - V_ASN1_SEQUENCE,v2); - - M_ASN1_I2D_seq_total(); - - M_ASN1_I2D_put_EXP_opt(a->version,i2d_ASN1_INTEGER,0,v1); - M_ASN1_I2D_put(a->serialNumber, i2d_ASN1_INTEGER); - M_ASN1_I2D_put(a->signature, i2d_X509_ALGOR); - M_ASN1_I2D_put(a->issuer, i2d_X509_NAME); - M_ASN1_I2D_put(a->validity, i2d_X509_VAL); - M_ASN1_I2D_put(a->subject, i2d_X509_NAME); - M_ASN1_I2D_put(a->key, i2d_X509_PUBKEY); - M_ASN1_I2D_put_IMP_opt(a->issuerUID, i2d_ASN1_BIT_STRING,1); - M_ASN1_I2D_put_IMP_opt(a->subjectUID, i2d_ASN1_BIT_STRING,2); - M_ASN1_I2D_put_EXP_SEQUENCE_opt_type(X509_EXTENSION,a->extensions, - i2d_X509_EXTENSION,3, - V_ASN1_SEQUENCE,v2); - - M_ASN1_I2D_finish(); - } - -X509_CINF *d2i_X509_CINF(X509_CINF **a, unsigned char **pp, long length) - { - int ver=0; - M_ASN1_D2I_vars(a,X509_CINF *,X509_CINF_new); - - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - /* we have the optional version field */ - if (M_ASN1_next == (V_ASN1_CONTEXT_SPECIFIC | V_ASN1_CONSTRUCTED | 0)) - { - M_ASN1_D2I_get_EXP_opt(ret->version,d2i_ASN1_INTEGER,0); - if (ret->version->data != NULL) - ver=ret->version->data[0]; - } - else - { - if (ret->version != NULL) - { - M_ASN1_INTEGER_free(ret->version); - ret->version=NULL; - } - } - M_ASN1_D2I_get(ret->serialNumber,d2i_ASN1_INTEGER); - M_ASN1_D2I_get(ret->signature,d2i_X509_ALGOR); - M_ASN1_D2I_get(ret->issuer,d2i_X509_NAME); - M_ASN1_D2I_get(ret->validity,d2i_X509_VAL); - M_ASN1_D2I_get(ret->subject,d2i_X509_NAME); - M_ASN1_D2I_get(ret->key,d2i_X509_PUBKEY); - if (ver >= 1) /* version 2 extensions */ - { - if (ret->issuerUID != NULL) - { - M_ASN1_BIT_STRING_free(ret->issuerUID); - ret->issuerUID=NULL; - } - if (ret->subjectUID != NULL) - { - M_ASN1_BIT_STRING_free(ret->subjectUID); - ret->subjectUID=NULL; - } - M_ASN1_D2I_get_IMP_opt(ret->issuerUID,d2i_ASN1_BIT_STRING, 1, - V_ASN1_BIT_STRING); - M_ASN1_D2I_get_IMP_opt(ret->subjectUID,d2i_ASN1_BIT_STRING, 2, - V_ASN1_BIT_STRING); - } -/* Note: some broken certificates include extensions but don't set - * the version number properly. By bypassing this check they can - * be parsed. - */ - -#ifdef VERSION_EXT_CHECK - if (ver >= 2) /* version 3 extensions */ -#endif - { - if (ret->extensions != NULL) - while (sk_X509_EXTENSION_num(ret->extensions)) - X509_EXTENSION_free( - sk_X509_EXTENSION_pop(ret->extensions)); - M_ASN1_D2I_get_EXP_set_opt_type(X509_EXTENSION,ret->extensions, - d2i_X509_EXTENSION, - X509_EXTENSION_free,3, - V_ASN1_SEQUENCE); - } - M_ASN1_D2I_Finish(a,X509_CINF_free,ASN1_F_D2I_X509_CINF); - } - -X509_CINF *X509_CINF_new(void) - { - X509_CINF *ret=NULL; - ASN1_CTX c; - - M_ASN1_New_Malloc(ret,X509_CINF); - ret->version=NULL; - M_ASN1_New(ret->serialNumber,M_ASN1_INTEGER_new); - M_ASN1_New(ret->signature,X509_ALGOR_new); - M_ASN1_New(ret->issuer,X509_NAME_new); - M_ASN1_New(ret->validity,X509_VAL_new); - M_ASN1_New(ret->subject,X509_NAME_new); - M_ASN1_New(ret->key,X509_PUBKEY_new); - ret->issuerUID=NULL; - ret->subjectUID=NULL; - ret->extensions=NULL; - return(ret); - M_ASN1_New_Error(ASN1_F_X509_CINF_NEW); - } - -void X509_CINF_free(X509_CINF *a) - { - if (a == NULL) return; - M_ASN1_INTEGER_free(a->version); - M_ASN1_INTEGER_free(a->serialNumber); - X509_ALGOR_free(a->signature); - X509_NAME_free(a->issuer); - X509_VAL_free(a->validity); - X509_NAME_free(a->subject); - X509_PUBKEY_free(a->key); - M_ASN1_BIT_STRING_free(a->issuerUID); - M_ASN1_BIT_STRING_free(a->subjectUID); - sk_X509_EXTENSION_pop_free(a->extensions,X509_EXTENSION_free); - OPENSSL_free(a); - } - diff --git a/src/lib/libcrypto/asn1/x_crl.c b/src/lib/libcrypto/asn1/x_crl.c index 70d56a67f2..c51c690ba9 100644 --- a/src/lib/libcrypto/asn1/x_crl.c +++ b/src/lib/libcrypto/asn1/x_crl.c @@ -58,11 +58,14 @@ #include #include "cryptlib.h" +#include "asn1_locl.h" #include #include +#include static int X509_REVOKED_cmp(const X509_REVOKED * const *a, const X509_REVOKED * const *b); +static void setup_idp(X509_CRL *crl, ISSUING_DIST_POINT *idp); ASN1_SEQUENCE(X509_REVOKED) = { ASN1_SIMPLE(X509_REVOKED,serialNumber, ASN1_INTEGER), @@ -70,11 +73,26 @@ ASN1_SEQUENCE(X509_REVOKED) = { ASN1_SEQUENCE_OF_OPT(X509_REVOKED,extensions, X509_EXTENSION) } ASN1_SEQUENCE_END(X509_REVOKED) +static int def_crl_verify(X509_CRL *crl, EVP_PKEY *r); +static int def_crl_lookup(X509_CRL *crl, + X509_REVOKED **ret, ASN1_INTEGER *serial, X509_NAME *issuer); + +static X509_CRL_METHOD int_crl_meth = + { + 0, + 0,0, + def_crl_lookup, + def_crl_verify + }; + +static const X509_CRL_METHOD *default_crl_method = &int_crl_meth; + /* The X509_CRL_INFO structure needs a bit of customisation. * Since we cache the original encoding the signature wont be affected by * reordering of the revoked field. */ -static int crl_inf_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it) +static int crl_inf_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, + void *exarg) { X509_CRL_INFO *a = (X509_CRL_INFO *)*pval; @@ -101,7 +119,237 @@ ASN1_SEQUENCE_enc(X509_CRL_INFO, enc, crl_inf_cb) = { ASN1_EXP_SEQUENCE_OF_OPT(X509_CRL_INFO, extensions, X509_EXTENSION, 0) } ASN1_SEQUENCE_END_enc(X509_CRL_INFO, X509_CRL_INFO) -ASN1_SEQUENCE_ref(X509_CRL, 0, CRYPTO_LOCK_X509_CRL) = { +/* Set CRL entry issuer according to CRL certificate issuer extension. + * Check for unhandled critical CRL entry extensions. + */ + +static int crl_set_issuers(X509_CRL *crl) + { + + int i, j; + GENERAL_NAMES *gens, *gtmp; + STACK_OF(X509_REVOKED) *revoked; + + revoked = X509_CRL_get_REVOKED(crl); + + gens = NULL; + for (i = 0; i < sk_X509_REVOKED_num(revoked); i++) + { + X509_REVOKED *rev = sk_X509_REVOKED_value(revoked, i); + STACK_OF(X509_EXTENSION) *exts; + ASN1_ENUMERATED *reason; + X509_EXTENSION *ext; + gtmp = X509_REVOKED_get_ext_d2i(rev, + NID_certificate_issuer, + &j, NULL); + if (!gtmp && (j != -1)) + { + crl->flags |= EXFLAG_INVALID; + return 1; + } + + if (gtmp) + { + gens = gtmp; + if (!crl->issuers) + { + crl->issuers = sk_GENERAL_NAMES_new_null(); + if (!crl->issuers) + return 0; + } + if (!sk_GENERAL_NAMES_push(crl->issuers, gtmp)) + return 0; + } + rev->issuer = gens; + + reason = X509_REVOKED_get_ext_d2i(rev, NID_crl_reason, + &j, NULL); + if (!reason && (j != -1)) + { + crl->flags |= EXFLAG_INVALID; + return 1; + } + + if (reason) + { + rev->reason = ASN1_ENUMERATED_get(reason); + ASN1_ENUMERATED_free(reason); + } + else + rev->reason = CRL_REASON_NONE; + + /* Check for critical CRL entry extensions */ + + exts = rev->extensions; + + for (j = 0; j < sk_X509_EXTENSION_num(exts); j++) + { + ext = sk_X509_EXTENSION_value(exts, j); + if (ext->critical > 0) + { + if (OBJ_obj2nid(ext->object) == + NID_certificate_issuer) + continue; + crl->flags |= EXFLAG_CRITICAL; + break; + } + } + + + } + + return 1; + + } + +/* The X509_CRL structure needs a bit of customisation. Cache some extensions + * and hash of the whole CRL. + */ +static int crl_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, + void *exarg) + { + X509_CRL *crl = (X509_CRL *)*pval; + STACK_OF(X509_EXTENSION) *exts; + X509_EXTENSION *ext; + int idx; + + switch(operation) + { + case ASN1_OP_NEW_POST: + crl->idp = NULL; + crl->akid = NULL; + crl->flags = 0; + crl->idp_flags = 0; + crl->idp_reasons = CRLDP_ALL_REASONS; + crl->meth = default_crl_method; + crl->meth_data = NULL; + crl->issuers = NULL; + crl->crl_number = NULL; + crl->base_crl_number = NULL; + break; + + case ASN1_OP_D2I_POST: +#ifndef OPENSSL_NO_SHA + X509_CRL_digest(crl, EVP_sha1(), crl->sha1_hash, NULL); +#endif + crl->idp = X509_CRL_get_ext_d2i(crl, + NID_issuing_distribution_point, NULL, NULL); + if (crl->idp) + setup_idp(crl, crl->idp); + + crl->akid = X509_CRL_get_ext_d2i(crl, + NID_authority_key_identifier, NULL, NULL); + + crl->crl_number = X509_CRL_get_ext_d2i(crl, + NID_crl_number, NULL, NULL); + + crl->base_crl_number = X509_CRL_get_ext_d2i(crl, + NID_delta_crl, NULL, NULL); + /* Delta CRLs must have CRL number */ + if (crl->base_crl_number && !crl->crl_number) + crl->flags |= EXFLAG_INVALID; + + /* See if we have any unhandled critical CRL extensions and + * indicate this in a flag. We only currently handle IDP so + * anything else critical sets the flag. + * + * This code accesses the X509_CRL structure directly: + * applications shouldn't do this. + */ + + exts = crl->crl->extensions; + + for (idx = 0; idx < sk_X509_EXTENSION_num(exts); idx++) + { + int nid; + ext = sk_X509_EXTENSION_value(exts, idx); + nid = OBJ_obj2nid(ext->object); + if (nid == NID_freshest_crl) + crl->flags |= EXFLAG_FRESHEST; + if (ext->critical > 0) + { + /* We handle IDP and deltas */ + if ((nid == NID_issuing_distribution_point) + || (nid == NID_delta_crl)) + break;; + crl->flags |= EXFLAG_CRITICAL; + break; + } + } + + + if (!crl_set_issuers(crl)) + return 0; + + if (crl->meth->crl_init) + { + if (crl->meth->crl_init(crl) == 0) + return 0; + } + break; + + case ASN1_OP_FREE_POST: + if (crl->meth->crl_free) + { + if (!crl->meth->crl_free(crl)) + return 0; + } + if (crl->akid) + AUTHORITY_KEYID_free(crl->akid); + if (crl->idp) + ISSUING_DIST_POINT_free(crl->idp); + ASN1_INTEGER_free(crl->crl_number); + ASN1_INTEGER_free(crl->base_crl_number); + sk_GENERAL_NAMES_pop_free(crl->issuers, GENERAL_NAMES_free); + break; + } + return 1; + } + +/* Convert IDP into a more convenient form */ + +static void setup_idp(X509_CRL *crl, ISSUING_DIST_POINT *idp) + { + int idp_only = 0; + /* Set various flags according to IDP */ + crl->idp_flags |= IDP_PRESENT; + if (idp->onlyuser > 0) + { + idp_only++; + crl->idp_flags |= IDP_ONLYUSER; + } + if (idp->onlyCA > 0) + { + idp_only++; + crl->idp_flags |= IDP_ONLYCA; + } + if (idp->onlyattr > 0) + { + idp_only++; + crl->idp_flags |= IDP_ONLYATTR; + } + + if (idp_only > 1) + crl->idp_flags |= IDP_INVALID; + + if (idp->indirectCRL > 0) + crl->idp_flags |= IDP_INDIRECT; + + if (idp->onlysomereasons) + { + crl->idp_flags |= IDP_REASONS; + if (idp->onlysomereasons->length > 0) + crl->idp_reasons = idp->onlysomereasons->data[0]; + if (idp->onlysomereasons->length > 1) + crl->idp_reasons |= + (idp->onlysomereasons->data[1] << 8); + crl->idp_reasons &= CRLDP_ALL_REASONS; + } + + DIST_POINT_set_dpname(idp->distpoint, X509_CRL_get_issuer(crl)); + } + +ASN1_SEQUENCE_ref(X509_CRL, crl_cb, CRYPTO_LOCK_X509_CRL) = { ASN1_SIMPLE(X509_CRL, crl, X509_CRL_INFO), ASN1_SIMPLE(X509_CRL, sig_alg, X509_ALGOR), ASN1_SIMPLE(X509_CRL, signature, ASN1_BIT_STRING) @@ -134,6 +382,145 @@ int X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev) return 1; } +int X509_CRL_verify(X509_CRL *crl, EVP_PKEY *r) + { + if (crl->meth->crl_verify) + return crl->meth->crl_verify(crl, r); + return 0; + } + +int X509_CRL_get0_by_serial(X509_CRL *crl, + X509_REVOKED **ret, ASN1_INTEGER *serial) + { + if (crl->meth->crl_lookup) + return crl->meth->crl_lookup(crl, ret, serial, NULL); + return 0; + } + +int X509_CRL_get0_by_cert(X509_CRL *crl, X509_REVOKED **ret, X509 *x) + { + if (crl->meth->crl_lookup) + return crl->meth->crl_lookup(crl, ret, + X509_get_serialNumber(x), + X509_get_issuer_name(x)); + return 0; + } + +static int def_crl_verify(X509_CRL *crl, EVP_PKEY *r) + { + return(ASN1_item_verify(ASN1_ITEM_rptr(X509_CRL_INFO), + crl->sig_alg, crl->signature,crl->crl,r)); + } + +static int crl_revoked_issuer_match(X509_CRL *crl, X509_NAME *nm, + X509_REVOKED *rev) + { + int i; + + if (!rev->issuer) + { + if (!nm) + return 1; + if (!X509_NAME_cmp(nm, X509_CRL_get_issuer(crl))) + return 1; + return 0; + } + + if (!nm) + nm = X509_CRL_get_issuer(crl); + + for (i = 0; i < sk_GENERAL_NAME_num(rev->issuer); i++) + { + GENERAL_NAME *gen = sk_GENERAL_NAME_value(rev->issuer, i); + if (gen->type != GEN_DIRNAME) + continue; + if (!X509_NAME_cmp(nm, gen->d.directoryName)) + return 1; + } + return 0; + + } + +static int def_crl_lookup(X509_CRL *crl, + X509_REVOKED **ret, ASN1_INTEGER *serial, X509_NAME *issuer) + { + X509_REVOKED rtmp, *rev; + int idx; + rtmp.serialNumber = serial; + /* Sort revoked into serial number order if not already sorted. + * Do this under a lock to avoid race condition. + */ + if (!sk_X509_REVOKED_is_sorted(crl->crl->revoked)) + { + CRYPTO_w_lock(CRYPTO_LOCK_X509_CRL); + sk_X509_REVOKED_sort(crl->crl->revoked); + CRYPTO_w_unlock(CRYPTO_LOCK_X509_CRL); + } + idx = sk_X509_REVOKED_find(crl->crl->revoked, &rtmp); + if(idx < 0) + return 0; + /* Need to look for matching name */ + for(;idx < sk_X509_REVOKED_num(crl->crl->revoked); idx++) + { + rev = sk_X509_REVOKED_value(crl->crl->revoked, idx); + if (ASN1_INTEGER_cmp(rev->serialNumber, serial)) + return 0; + if (crl_revoked_issuer_match(crl, issuer, rev)) + { + if (ret) + *ret = rev; + if (rev->reason == CRL_REASON_REMOVE_FROM_CRL) + return 2; + return 1; + } + } + return 0; + } + +void X509_CRL_set_default_method(const X509_CRL_METHOD *meth) + { + if (meth == NULL) + default_crl_method = &int_crl_meth; + else + default_crl_method = meth; + } + +X509_CRL_METHOD *X509_CRL_METHOD_new( + int (*crl_init)(X509_CRL *crl), + int (*crl_free)(X509_CRL *crl), + int (*crl_lookup)(X509_CRL *crl, X509_REVOKED **ret, + ASN1_INTEGER *ser, X509_NAME *issuer), + int (*crl_verify)(X509_CRL *crl, EVP_PKEY *pk)) + { + X509_CRL_METHOD *m; + m = OPENSSL_malloc(sizeof(X509_CRL_METHOD)); + if (!m) + return NULL; + m->crl_init = crl_init; + m->crl_free = crl_free; + m->crl_lookup = crl_lookup; + m->crl_verify = crl_verify; + m->flags = X509_CRL_METHOD_DYNAMIC; + return m; + } + +void X509_CRL_METHOD_free(X509_CRL_METHOD *m) + { + if (!(m->flags & X509_CRL_METHOD_DYNAMIC)) + return; + OPENSSL_free(m); + } + +void X509_CRL_set_meth_data(X509_CRL *crl, void *dat) + { + crl->meth_data = dat; + } + +void *X509_CRL_get_meth_data(X509_CRL *crl) + { + return crl->meth_data; + } + IMPLEMENT_STACK_OF(X509_REVOKED) IMPLEMENT_ASN1_SET_OF(X509_REVOKED) IMPLEMENT_STACK_OF(X509_CRL) diff --git a/src/lib/libcrypto/asn1/x_long.c b/src/lib/libcrypto/asn1/x_long.c index bf35457c1f..75317418e1 100644 --- a/src/lib/libcrypto/asn1/x_long.c +++ b/src/lib/libcrypto/asn1/x_long.c @@ -71,6 +71,7 @@ static void long_free(ASN1_VALUE **pval, const ASN1_ITEM *it); static int long_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it); static int long_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it); +static int long_print(BIO *out, ASN1_VALUE **pval, const ASN1_ITEM *it, int indent, const ASN1_PCTX *pctx); static ASN1_PRIMITIVE_FUNCS long_pf = { NULL, 0, @@ -78,7 +79,8 @@ static ASN1_PRIMITIVE_FUNCS long_pf = { long_free, long_free, /* Clear should set to initial value */ long_c2i, - long_i2c + long_i2c, + long_print }; ASN1_ITEM_start(LONG) @@ -169,3 +171,9 @@ static int long_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, memcpy(cp, <mp, sizeof(long)); return 1; } + +static int long_print(BIO *out, ASN1_VALUE **pval, const ASN1_ITEM *it, + int indent, const ASN1_PCTX *pctx) + { + return BIO_printf(out, "%ld\n", *(long *)pval); + } diff --git a/src/lib/libcrypto/asn1/x_name.c b/src/lib/libcrypto/asn1/x_name.c index 04380abc3f..caa4409feb 100644 --- a/src/lib/libcrypto/asn1/x_name.c +++ b/src/lib/libcrypto/asn1/x_name.c @@ -57,18 +57,36 @@ */ #include +#include #include "cryptlib.h" #include #include +#include "asn1_locl.h" -static int x509_name_ex_d2i(ASN1_VALUE **val, const unsigned char **in, long len, const ASN1_ITEM *it, - int tag, int aclass, char opt, ASN1_TLC *ctx); +typedef STACK_OF(X509_NAME_ENTRY) STACK_OF_X509_NAME_ENTRY; +DECLARE_STACK_OF(STACK_OF_X509_NAME_ENTRY) -static int x509_name_ex_i2d(ASN1_VALUE **val, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass); +static int x509_name_ex_d2i(ASN1_VALUE **val, + const unsigned char **in, long len, + const ASN1_ITEM *it, + int tag, int aclass, char opt, ASN1_TLC *ctx); + +static int x509_name_ex_i2d(ASN1_VALUE **val, unsigned char **out, + const ASN1_ITEM *it, int tag, int aclass); static int x509_name_ex_new(ASN1_VALUE **val, const ASN1_ITEM *it); static void x509_name_ex_free(ASN1_VALUE **val, const ASN1_ITEM *it); static int x509_name_encode(X509_NAME *a); +static int x509_name_canon(X509_NAME *a); +static int asn1_string_canon(ASN1_STRING *out, ASN1_STRING *in); +static int i2d_name_canon(STACK_OF(STACK_OF_X509_NAME_ENTRY) *intname, + unsigned char **in); + + +static int x509_name_ex_print(BIO *out, ASN1_VALUE **pval, + int indent, + const char *fname, + const ASN1_PCTX *pctx); ASN1_SEQUENCE(X509_NAME_ENTRY) = { ASN1_SIMPLE(X509_NAME_ENTRY, object, ASN1_OBJECT), @@ -102,7 +120,8 @@ const ASN1_EXTERN_FUNCS x509_name_ff = { x509_name_ex_free, 0, /* Default clear behaviour is OK */ x509_name_ex_d2i, - x509_name_ex_i2d + x509_name_ex_i2d, + x509_name_ex_print }; IMPLEMENT_EXTERN_ASN1(X509_NAME, V_ASN1_SEQUENCE, x509_name_ff) @@ -118,6 +137,8 @@ static int x509_name_ex_new(ASN1_VALUE **val, const ASN1_ITEM *it) if ((ret->entries=sk_X509_NAME_ENTRY_new_null()) == NULL) goto memerr; if((ret->bytes = BUF_MEM_new()) == NULL) goto memerr; + ret->canon_enc = NULL; + ret->canon_enclen = 0; ret->modified=1; *val = (ASN1_VALUE *)ret; return 1; @@ -142,25 +163,19 @@ static void x509_name_ex_free(ASN1_VALUE **pval, const ASN1_ITEM *it) BUF_MEM_free(a->bytes); sk_X509_NAME_ENTRY_pop_free(a->entries,X509_NAME_ENTRY_free); + if (a->canon_enc) + OPENSSL_free(a->canon_enc); OPENSSL_free(a); *pval = NULL; } -/* Used with sk_pop_free() to free up the internal representation. - * NB: we only free the STACK and not its contents because it is - * already present in the X509_NAME structure. - */ - -static void sk_internal_free(void *a) -{ - sk_free(a); -} - -static int x509_name_ex_d2i(ASN1_VALUE **val, const unsigned char **in, long len, const ASN1_ITEM *it, - int tag, int aclass, char opt, ASN1_TLC *ctx) +static int x509_name_ex_d2i(ASN1_VALUE **val, + const unsigned char **in, long len, const ASN1_ITEM *it, + int tag, int aclass, char opt, ASN1_TLC *ctx) { const unsigned char *p = *in, *q; - union { STACK *s; ASN1_VALUE *a; } intname = {NULL}; + union { STACK_OF(STACK_OF_X509_NAME_ENTRY) *s; + ASN1_VALUE *a; } intname = {NULL}; union { X509_NAME *x; ASN1_VALUE *a; } nm = {NULL}; int i, j, ret; STACK_OF(X509_NAME_ENTRY) *entries; @@ -181,8 +196,8 @@ static int x509_name_ex_d2i(ASN1_VALUE **val, const unsigned char **in, long len memcpy(nm.x->bytes->data, q, p - q); /* Convert internal representation to X509_NAME structure */ - for(i = 0; i < sk_num(intname.s); i++) { - entries = (STACK_OF(X509_NAME_ENTRY) *)sk_value(intname.s, i); + for(i = 0; i < sk_STACK_OF_X509_NAME_ENTRY_num(intname.s); i++) { + entries = sk_STACK_OF_X509_NAME_ENTRY_value(intname.s, i); for(j = 0; j < sk_X509_NAME_ENTRY_num(entries); j++) { entry = sk_X509_NAME_ENTRY_value(entries, j); entry->set = i; @@ -191,7 +206,10 @@ static int x509_name_ex_d2i(ASN1_VALUE **val, const unsigned char **in, long len } sk_X509_NAME_ENTRY_free(entries); } - sk_free(intname.s); + sk_STACK_OF_X509_NAME_ENTRY_free(intname.s); + ret = x509_name_canon(nm.x); + if (!ret) + goto err; nm.x->modified = 0; *val = nm.a; *in = p; @@ -206,8 +224,12 @@ static int x509_name_ex_i2d(ASN1_VALUE **val, unsigned char **out, const ASN1_IT int ret; X509_NAME *a = (X509_NAME *)*val; if(a->modified) { - ret = x509_name_encode((X509_NAME *)a); - if(ret < 0) return ret; + ret = x509_name_encode(a); + if(ret < 0) + return ret; + ret = x509_name_canon(a); + if(ret < 0) + return ret; } ret = a->bytes->length; if(out != NULL) { @@ -217,22 +239,35 @@ static int x509_name_ex_i2d(ASN1_VALUE **val, unsigned char **out, const ASN1_IT return ret; } +static void local_sk_X509_NAME_ENTRY_free(STACK_OF(X509_NAME_ENTRY) *ne) + { + sk_X509_NAME_ENTRY_free(ne); + } + +static void local_sk_X509_NAME_ENTRY_pop_free(STACK_OF(X509_NAME_ENTRY) *ne) + { + sk_X509_NAME_ENTRY_pop_free(ne, X509_NAME_ENTRY_free); + } + static int x509_name_encode(X509_NAME *a) { - union { STACK *s; ASN1_VALUE *a; } intname = {NULL}; + union { STACK_OF(STACK_OF_X509_NAME_ENTRY) *s; + ASN1_VALUE *a; } intname = {NULL}; int len; unsigned char *p; STACK_OF(X509_NAME_ENTRY) *entries = NULL; X509_NAME_ENTRY *entry; int i, set = -1; - intname.s = sk_new_null(); + intname.s = sk_STACK_OF_X509_NAME_ENTRY_new_null(); if(!intname.s) goto memerr; for(i = 0; i < sk_X509_NAME_ENTRY_num(a->entries); i++) { entry = sk_X509_NAME_ENTRY_value(a->entries, i); if(entry->set != set) { entries = sk_X509_NAME_ENTRY_new_null(); if(!entries) goto memerr; - if(!sk_push(intname.s, (char *)entries)) goto memerr; + if(!sk_STACK_OF_X509_NAME_ENTRY_push(intname.s, + entries)) + goto memerr; set = entry->set; } if(!sk_X509_NAME_ENTRY_push(entries, entry)) goto memerr; @@ -243,15 +278,222 @@ static int x509_name_encode(X509_NAME *a) p=(unsigned char *)a->bytes->data; ASN1_item_ex_i2d(&intname.a, &p, ASN1_ITEM_rptr(X509_NAME_INTERNAL), -1, -1); - sk_pop_free(intname.s, sk_internal_free); + sk_STACK_OF_X509_NAME_ENTRY_pop_free(intname.s, + local_sk_X509_NAME_ENTRY_free); a->modified = 0; return len; - memerr: - sk_pop_free(intname.s, sk_internal_free); +memerr: + sk_STACK_OF_X509_NAME_ENTRY_pop_free(intname.s, + local_sk_X509_NAME_ENTRY_free); ASN1err(ASN1_F_X509_NAME_ENCODE, ERR_R_MALLOC_FAILURE); return -1; } +static int x509_name_ex_print(BIO *out, ASN1_VALUE **pval, + int indent, + const char *fname, + const ASN1_PCTX *pctx) + { + if (X509_NAME_print_ex(out, (X509_NAME *)*pval, + indent, pctx->nm_flags) <= 0) + return 0; + return 2; + } + +/* This function generates the canonical encoding of the Name structure. + * In it all strings are converted to UTF8, leading, trailing and + * multiple spaces collapsed, converted to lower case and the leading + * SEQUENCE header removed. + * + * In future we could also normalize the UTF8 too. + * + * By doing this comparison of Name structures can be rapidly + * perfomed by just using memcmp() of the canonical encoding. + * By omitting the leading SEQUENCE name constraints of type + * dirName can also be checked with a simple memcmp(). + */ + +static int x509_name_canon(X509_NAME *a) + { + unsigned char *p; + STACK_OF(STACK_OF_X509_NAME_ENTRY) *intname = NULL; + STACK_OF(X509_NAME_ENTRY) *entries = NULL; + X509_NAME_ENTRY *entry, *tmpentry = NULL; + int i, set = -1, ret = 0; + + if (a->canon_enc) + { + OPENSSL_free(a->canon_enc); + a->canon_enc = NULL; + } + /* Special case: empty X509_NAME => null encoding */ + if (sk_X509_NAME_ENTRY_num(a->entries) == 0) + { + a->canon_enclen = 0; + return 1; + } + intname = sk_STACK_OF_X509_NAME_ENTRY_new_null(); + if(!intname) + goto err; + for(i = 0; i < sk_X509_NAME_ENTRY_num(a->entries); i++) + { + entry = sk_X509_NAME_ENTRY_value(a->entries, i); + if(entry->set != set) + { + entries = sk_X509_NAME_ENTRY_new_null(); + if(!entries) + goto err; + if(!sk_STACK_OF_X509_NAME_ENTRY_push(intname, entries)) + goto err; + set = entry->set; + } + tmpentry = X509_NAME_ENTRY_new(); + tmpentry->object = OBJ_dup(entry->object); + if (!asn1_string_canon(tmpentry->value, entry->value)) + goto err; + if(!sk_X509_NAME_ENTRY_push(entries, tmpentry)) + goto err; + tmpentry = NULL; + } + + /* Finally generate encoding */ + + a->canon_enclen = i2d_name_canon(intname, NULL); + + p = OPENSSL_malloc(a->canon_enclen); + + if (!p) + goto err; + + a->canon_enc = p; + + i2d_name_canon(intname, &p); + + ret = 1; + + err: + + if (tmpentry) + X509_NAME_ENTRY_free(tmpentry); + if (intname) + sk_STACK_OF_X509_NAME_ENTRY_pop_free(intname, + local_sk_X509_NAME_ENTRY_pop_free); + return ret; + } + +/* Bitmap of all the types of string that will be canonicalized. */ + +#define ASN1_MASK_CANON \ + (B_ASN1_UTF8STRING | B_ASN1_BMPSTRING | B_ASN1_UNIVERSALSTRING \ + | B_ASN1_PRINTABLESTRING | B_ASN1_T61STRING | B_ASN1_IA5STRING \ + | B_ASN1_VISIBLESTRING) + + +static int asn1_string_canon(ASN1_STRING *out, ASN1_STRING *in) + { + unsigned char *to, *from; + int len, i; + + /* If type not in bitmask just copy string across */ + if (!(ASN1_tag2bit(in->type) & ASN1_MASK_CANON)) + { + out->type = in->type; + if (!ASN1_STRING_set(out, in->data, in->length)) + return 0; + return 1; + } + + out->type = V_ASN1_UTF8STRING; + out->length = ASN1_STRING_to_UTF8(&out->data, in); + if (out->length == -1) + return 0; + + to = out->data; + from = to; + + len = out->length; + + /* Convert string in place to canonical form. + * Ultimately we may need to handle a wider range of characters + * but for now ignore anything with MSB set and rely on the + * isspace() and tolower() functions. + */ + + /* Ignore leading spaces */ + while((len > 0) && !(*from & 0x80) && isspace(*from)) + { + from++; + len--; + } + + to = from + len - 1; + + /* Ignore trailing spaces */ + while ((len > 0) && !(*to & 0x80) && isspace(*to)) + { + to--; + len--; + } + + to = out->data; + + i = 0; + while(i < len) + { + /* If MSB set just copy across */ + if (*from & 0x80) + { + *to++ = *from++; + i++; + } + /* Collapse multiple spaces */ + else if (isspace(*from)) + { + /* Copy one space across */ + *to++ = ' '; + /* Ignore subsequent spaces. Note: don't need to + * check len here because we know the last + * character is a non-space so we can't overflow. + */ + do + { + from++; + i++; + } + while(!(*from & 0x80) && isspace(*from)); + } + else + { + *to++ = tolower(*from++); + i++; + } + } + + out->length = to - out->data; + + return 1; + + } + +static int i2d_name_canon(STACK_OF(STACK_OF_X509_NAME_ENTRY) *_intname, + unsigned char **in) + { + int i, len, ltmp; + ASN1_VALUE *v; + STACK_OF(ASN1_VALUE) *intname = (STACK_OF(ASN1_VALUE) *)_intname; + + len = 0; + for (i = 0; i < sk_ASN1_VALUE_num(intname); i++) + { + v = sk_ASN1_VALUE_value(intname, i); + ltmp = ASN1_item_ex_i2d(&v, in, + ASN1_ITEM_rptr(X509_NAME_ENTRIES), -1, -1); + if (ltmp < 0) + return ltmp; + len += ltmp; + } + return len; + } int X509_NAME_set(X509_NAME **xn, X509_NAME *name) { diff --git a/src/lib/libcrypto/asn1/x_pubkey.c b/src/lib/libcrypto/asn1/x_pubkey.c index 91c2756116..d42b6a2c54 100644 --- a/src/lib/libcrypto/asn1/x_pubkey.c +++ b/src/lib/libcrypto/asn1/x_pubkey.c @@ -60,6 +60,7 @@ #include "cryptlib.h" #include #include +#include "asn1_locl.h" #ifndef OPENSSL_NO_RSA #include #endif @@ -68,7 +69,8 @@ #endif /* Minor tweak to operation: free up EVP_PKEY */ -static int pubkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it) +static int pubkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, + void *exarg) { if (operation == ASN1_OP_FREE_POST) { @@ -88,169 +90,42 @@ IMPLEMENT_ASN1_FUNCTIONS(X509_PUBKEY) int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey) { X509_PUBKEY *pk=NULL; - X509_ALGOR *a; - ASN1_OBJECT *o; - unsigned char *s,*p = NULL; - int i; if (x == NULL) return(0); - if ((pk=X509_PUBKEY_new()) == NULL) goto err; - a=pk->algor; + if ((pk=X509_PUBKEY_new()) == NULL) goto error; - /* set the algorithm id */ - if ((o=OBJ_nid2obj(pkey->type)) == NULL) goto err; - ASN1_OBJECT_free(a->algorithm); - a->algorithm=o; - - /* Set the parameter list */ - if (!pkey->save_parameters || (pkey->type == EVP_PKEY_RSA)) + if (pkey->ameth) { - if ((a->parameter == NULL) || - (a->parameter->type != V_ASN1_NULL)) + if (pkey->ameth->pub_encode) { - ASN1_TYPE_free(a->parameter); - if (!(a->parameter=ASN1_TYPE_new())) + if (!pkey->ameth->pub_encode(pk, pkey)) { - X509err(X509_F_X509_PUBKEY_SET,ERR_R_MALLOC_FAILURE); - goto err; + X509err(X509_F_X509_PUBKEY_SET, + X509_R_PUBLIC_KEY_ENCODE_ERROR); + goto error; } - a->parameter->type=V_ASN1_NULL; - } - } -#ifndef OPENSSL_NO_DSA - else if (pkey->type == EVP_PKEY_DSA) - { - unsigned char *pp; - DSA *dsa; - - dsa=pkey->pkey.dsa; - dsa->write_params=0; - ASN1_TYPE_free(a->parameter); - if ((i=i2d_DSAparams(dsa,NULL)) <= 0) - goto err; - if (!(p=(unsigned char *)OPENSSL_malloc(i))) - { - X509err(X509_F_X509_PUBKEY_SET,ERR_R_MALLOC_FAILURE); - goto err; - } - pp=p; - i2d_DSAparams(dsa,&pp); - if (!(a->parameter=ASN1_TYPE_new())) - { - OPENSSL_free(p); - X509err(X509_F_X509_PUBKEY_SET,ERR_R_MALLOC_FAILURE); - goto err; - } - a->parameter->type=V_ASN1_SEQUENCE; - if (!(a->parameter->value.sequence=ASN1_STRING_new())) - { - OPENSSL_free(p); - X509err(X509_F_X509_PUBKEY_SET,ERR_R_MALLOC_FAILURE); - goto err; } - if (!ASN1_STRING_set(a->parameter->value.sequence,p,i)) + else { - OPENSSL_free(p); - X509err(X509_F_X509_PUBKEY_SET,ERR_R_MALLOC_FAILURE); - goto err; + X509err(X509_F_X509_PUBKEY_SET, + X509_R_METHOD_NOT_SUPPORTED); + goto error; } - OPENSSL_free(p); } -#endif -#ifndef OPENSSL_NO_EC - else if (pkey->type == EVP_PKEY_EC) - { - int nid=0; - unsigned char *pp; - EC_KEY *ec_key; - const EC_GROUP *group; - - ec_key = pkey->pkey.ec; - ASN1_TYPE_free(a->parameter); - - if ((a->parameter = ASN1_TYPE_new()) == NULL) - { - X509err(X509_F_X509_PUBKEY_SET, ERR_R_ASN1_LIB); - goto err; - } - - group = EC_KEY_get0_group(ec_key); - if (EC_GROUP_get_asn1_flag(group) - && (nid = EC_GROUP_get_curve_name(group))) - { - /* just set the OID */ - a->parameter->type = V_ASN1_OBJECT; - a->parameter->value.object = OBJ_nid2obj(nid); - } - else /* explicit parameters */ - { - if ((i = i2d_ECParameters(ec_key, NULL)) == 0) - { - X509err(X509_F_X509_PUBKEY_SET, ERR_R_EC_LIB); - goto err; - } - if ((p = (unsigned char *) OPENSSL_malloc(i)) == NULL) - { - X509err(X509_F_X509_PUBKEY_SET, ERR_R_MALLOC_FAILURE); - goto err; - } - pp = p; - if (!i2d_ECParameters(ec_key, &pp)) - { - X509err(X509_F_X509_PUBKEY_SET, ERR_R_EC_LIB); - OPENSSL_free(p); - goto err; - } - a->parameter->type = V_ASN1_SEQUENCE; - if ((a->parameter->value.sequence = ASN1_STRING_new()) == NULL) - { - X509err(X509_F_X509_PUBKEY_SET, ERR_R_ASN1_LIB); - OPENSSL_free(p); - goto err; - } - ASN1_STRING_set(a->parameter->value.sequence, p, i); - OPENSSL_free(p); - } - } -#endif - else if (1) + else { X509err(X509_F_X509_PUBKEY_SET,X509_R_UNSUPPORTED_ALGORITHM); - goto err; + goto error; } - if ((i=i2d_PublicKey(pkey,NULL)) <= 0) goto err; - if ((s=(unsigned char *)OPENSSL_malloc(i+1)) == NULL) - { - X509err(X509_F_X509_PUBKEY_SET,ERR_R_MALLOC_FAILURE); - goto err; - } - p=s; - i2d_PublicKey(pkey,&p); - if (!M_ASN1_BIT_STRING_set(pk->public_key,s,i)) - { - X509err(X509_F_X509_PUBKEY_SET,ERR_R_MALLOC_FAILURE); - goto err; - } - /* Set number of unused bits to zero */ - pk->public_key->flags&= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07); - pk->public_key->flags|=ASN1_STRING_FLAG_BITS_LEFT; - - OPENSSL_free(s); - -#if 0 - CRYPTO_add(&pkey->references,1,CRYPTO_LOCK_EVP_PKEY); - pk->pkey=pkey; -#endif - if (*x != NULL) X509_PUBKEY_free(*x); *x=pk; return 1; -err: +error: if (pk != NULL) X509_PUBKEY_free(pk); return 0; } @@ -258,119 +133,50 @@ err: EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key) { EVP_PKEY *ret=NULL; - long j; - int type; - const unsigned char *p; -#if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_ECDSA) - const unsigned char *cp; - X509_ALGOR *a; -#endif - if (key == NULL) goto err; + if (key == NULL) goto error; if (key->pkey != NULL) { CRYPTO_add(&key->pkey->references, 1, CRYPTO_LOCK_EVP_PKEY); - return(key->pkey); + return key->pkey; } - if (key->public_key == NULL) goto err; + if (key->public_key == NULL) goto error; - type=OBJ_obj2nid(key->algor->algorithm); if ((ret = EVP_PKEY_new()) == NULL) { X509err(X509_F_X509_PUBKEY_GET, ERR_R_MALLOC_FAILURE); - goto err; + goto error; } - ret->type = EVP_PKEY_type(type); - - /* the parameters must be extracted before the public key (ECDSA!) */ - -#if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_ECDSA) - a=key->algor; -#endif - if (0) - ; -#ifndef OPENSSL_NO_DSA - else if (ret->type == EVP_PKEY_DSA) + if (!EVP_PKEY_set_type(ret, OBJ_obj2nid(key->algor->algorithm))) { - if (a->parameter && (a->parameter->type == V_ASN1_SEQUENCE)) - { - if ((ret->pkey.dsa = DSA_new()) == NULL) - { - X509err(X509_F_X509_PUBKEY_GET, ERR_R_MALLOC_FAILURE); - goto err; - } - ret->pkey.dsa->write_params=0; - cp=p=a->parameter->value.sequence->data; - j=a->parameter->value.sequence->length; - if (!d2i_DSAparams(&ret->pkey.dsa, &cp, (long)j)) - goto err; - } - ret->save_parameters=1; + X509err(X509_F_X509_PUBKEY_GET,X509_R_UNSUPPORTED_ALGORITHM); + goto error; } -#endif -#ifndef OPENSSL_NO_EC - else if (ret->type == EVP_PKEY_EC) + + if (ret->ameth->pub_decode) { - if (a->parameter && (a->parameter->type == V_ASN1_SEQUENCE)) + if (!ret->ameth->pub_decode(ret, key)) { - /* type == V_ASN1_SEQUENCE => we have explicit parameters - * (e.g. parameters in the X9_62_EC_PARAMETERS-structure ) - */ - if ((ret->pkey.ec= EC_KEY_new()) == NULL) - { - X509err(X509_F_X509_PUBKEY_GET, - ERR_R_MALLOC_FAILURE); - goto err; - } - cp = p = a->parameter->value.sequence->data; - j = a->parameter->value.sequence->length; - if (!d2i_ECParameters(&ret->pkey.ec, &cp, (long)j)) - { - X509err(X509_F_X509_PUBKEY_GET, ERR_R_EC_LIB); - goto err; - } - } - else if (a->parameter && (a->parameter->type == V_ASN1_OBJECT)) - { - /* type == V_ASN1_OBJECT => the parameters are given - * by an asn1 OID - */ - EC_KEY *ec_key; - EC_GROUP *group; - - if (ret->pkey.ec == NULL) - ret->pkey.ec = EC_KEY_new(); - ec_key = ret->pkey.ec; - if (ec_key == NULL) - goto err; - group = EC_GROUP_new_by_curve_name(OBJ_obj2nid(a->parameter->value.object)); - if (group == NULL) - goto err; - EC_GROUP_set_asn1_flag(group, OPENSSL_EC_NAMED_CURVE); - if (EC_KEY_set_group(ec_key, group) == 0) - goto err; - EC_GROUP_free(group); + X509err(X509_F_X509_PUBKEY_GET, + X509_R_PUBLIC_KEY_DECODE_ERROR); + goto error; } - /* the case implicitlyCA is currently not implemented */ - ret->save_parameters = 1; } -#endif - - p=key->public_key->data; - j=key->public_key->length; - if (!d2i_PublicKey(type, &ret, &p, (long)j)) + else { - X509err(X509_F_X509_PUBKEY_GET, X509_R_ERR_ASN1_LIB); - goto err; + X509err(X509_F_X509_PUBKEY_GET, X509_R_METHOD_NOT_SUPPORTED); + goto error; } key->pkey = ret; CRYPTO_add(&ret->references, 1, CRYPTO_LOCK_EVP_PKEY); - return(ret); -err: + + return ret; + + error: if (ret != NULL) EVP_PKEY_free(ret); return(NULL); @@ -529,3 +335,39 @@ int i2d_EC_PUBKEY(EC_KEY *a, unsigned char **pp) return(ret); } #endif + +int X509_PUBKEY_set0_param(X509_PUBKEY *pub, ASN1_OBJECT *aobj, + int ptype, void *pval, + unsigned char *penc, int penclen) + { + if (!X509_ALGOR_set0(pub->algor, aobj, ptype, pval)) + return 0; + if (penc) + { + if (pub->public_key->data) + OPENSSL_free(pub->public_key->data); + pub->public_key->data = penc; + pub->public_key->length = penclen; + /* Set number of unused bits to zero */ + pub->public_key->flags&= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07); + pub->public_key->flags|=ASN1_STRING_FLAG_BITS_LEFT; + } + return 1; + } + +int X509_PUBKEY_get0_param(ASN1_OBJECT **ppkalg, + const unsigned char **pk, int *ppklen, + X509_ALGOR **pa, + X509_PUBKEY *pub) + { + if (ppkalg) + *ppkalg = pub->algor->algorithm; + if (pk) + { + *pk = pub->public_key->data; + *ppklen = pub->public_key->length; + } + if (pa) + *pa = pub->algor; + return 1; + } diff --git a/src/lib/libcrypto/asn1/x_req.c b/src/lib/libcrypto/asn1/x_req.c index 59ca8ce329..d57555827c 100644 --- a/src/lib/libcrypto/asn1/x_req.c +++ b/src/lib/libcrypto/asn1/x_req.c @@ -79,7 +79,8 @@ * */ -static int rinf_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it) +static int rinf_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, + void *exarg) { X509_REQ_INFO *rinf = (X509_REQ_INFO *)*pval; diff --git a/src/lib/libcrypto/asn1/x_x509.c b/src/lib/libcrypto/asn1/x_x509.c index e118696625..dafd3cc921 100644 --- a/src/lib/libcrypto/asn1/x_x509.c +++ b/src/lib/libcrypto/asn1/x_x509.c @@ -81,7 +81,8 @@ IMPLEMENT_ASN1_FUNCTIONS(X509_CINF) extern void policy_cache_free(X509_POLICY_CACHE *cache); -static int x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it) +static int x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, + void *exarg) { X509 *ret = (X509 *)*pval; @@ -99,6 +100,7 @@ static int x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it) ret->rfc3779_asid = NULL; #endif ret->aux = NULL; + ret->crldp = NULL; CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509, ret, &ret->ex_data); break; @@ -112,7 +114,10 @@ static int x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it) X509_CERT_AUX_free(ret->aux); ASN1_OCTET_STRING_free(ret->skid); AUTHORITY_KEYID_free(ret->akid); + CRL_DIST_POINTS_free(ret->crldp); policy_cache_free(ret->policy_cache); + GENERAL_NAMES_free(ret->altname); + NAME_CONSTRAINTS_free(ret->nc); #ifndef OPENSSL_NO_RFC3779 sk_IPAddressFamily_pop_free(ret->rfc3779_addr, IPAddressFamily_free); ASIdentifiers_free(ret->rfc3779_asid); @@ -136,19 +141,6 @@ ASN1_SEQUENCE_ref(X509, x509_cb, CRYPTO_LOCK_X509) = { IMPLEMENT_ASN1_FUNCTIONS(X509) IMPLEMENT_ASN1_DUP_FUNCTION(X509) -static ASN1_METHOD meth= - { - (I2D_OF(void)) i2d_X509, - (D2I_OF(void)) d2i_X509, - (void *(*)(void))X509_new, - (void (*)(void *)) X509_free - }; - -ASN1_METHOD *X509_asn1_meth(void) - { - return(&meth); - } - int X509_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func) { diff --git a/src/lib/libcrypto/bf/Makefile.ssl b/src/lib/libcrypto/bf/Makefile.ssl deleted file mode 100644 index be3ad77a05..0000000000 --- a/src/lib/libcrypto/bf/Makefile.ssl +++ /dev/null @@ -1,115 +0,0 @@ -# -# SSLeay/crypto/blowfish/Makefile -# - -DIR= bf -TOP= ../.. -CC= cc -CPP= $(CC) -E -INCLUDES= -CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKE= make -f Makefile.ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) -MAKEFILE= Makefile.ssl -AR= ar r - -BF_ENC= bf_enc.o -# or use -#DES_ENC= bx86-elf.o - -CFLAGS= $(INCLUDES) $(CFLAG) -ASFLAGS= $(INCLUDES) $(ASFLAG) - -GENERAL=Makefile -TEST=bftest.c -APPS= - -LIB=$(TOP)/libcrypto.a -LIBSRC=bf_skey.c bf_ecb.c bf_enc.c bf_cfb64.c bf_ofb64.c -LIBOBJ=bf_skey.o bf_ecb.o $(BF_ENC) bf_cfb64.o bf_ofb64.o - -SRC= $(LIBSRC) - -EXHEADER= blowfish.h -HEADER= bf_pi.h bf_locl.h $(EXHEADER) - -ALL= $(GENERAL) $(SRC) $(HEADER) - -top: - (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all) - -all: lib - -lib: $(LIBOBJ) - $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) || echo Never mind. - @touch lib - -# elf -asm/bx86-elf.s: asm/bf-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl - (cd asm; $(PERL) bf-586.pl elf $(CFLAGS) $(PROCESSOR) > bx86-elf.s) - -# a.out -asm/bx86-out.o: asm/bx86unix.cpp - $(CPP) -DOUT asm/bx86unix.cpp | as -o asm/bx86-out.o - -# bsdi -asm/bx86bsdi.o: asm/bx86unix.cpp - $(CPP) -DBSDI asm/bx86unix.cpp | sed 's/ :/:/' | as -o asm/bx86bsdi.o - -asm/bx86unix.cpp: asm/bf-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl - (cd asm; $(PERL) bf-586.pl cpp $(PROCESSOR) >bx86unix.cpp) - -files: - $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO - -links: - @sh $(TOP)/util/point.sh Makefile.ssl Makefile - @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER) - @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST) - @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) - -install: installs - -installs: - @for i in $(EXHEADER) ; \ - do \ - (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ - done; - -tags: - ctags $(SRC) - -tests: - -lint: - lint -DLINT $(INCLUDES) $(SRC)>fluff - -depend: - $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) - -dclean: - $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new - mv -f Makefile.new $(MAKEFILE) - -clean: - rm -f asm/bx86unix.cpp asm/*-elf.* *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff - -# DO NOT DELETE THIS LINE -- make depend depends on it. - -bf_cfb64.o: ../../include/openssl/blowfish.h ../../include/openssl/e_os2.h -bf_cfb64.o: ../../include/openssl/opensslconf.h bf_cfb64.c bf_locl.h -bf_ecb.o: ../../include/openssl/blowfish.h ../../include/openssl/e_os2.h -bf_ecb.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -bf_ecb.o: bf_ecb.c bf_locl.h -bf_enc.o: ../../include/openssl/blowfish.h ../../include/openssl/e_os2.h -bf_enc.o: ../../include/openssl/opensslconf.h bf_enc.c bf_locl.h -bf_ofb64.o: ../../include/openssl/blowfish.h ../../include/openssl/e_os2.h -bf_ofb64.o: ../../include/openssl/opensslconf.h bf_locl.h bf_ofb64.c -bf_skey.o: ../../include/openssl/blowfish.h ../../include/openssl/e_os2.h -bf_skey.o: ../../include/openssl/opensslconf.h bf_locl.h bf_pi.h bf_skey.c diff --git a/src/lib/libcrypto/bf/asm/bf-586.pl b/src/lib/libcrypto/bf/asm/bf-586.pl index b5a4760d09..1f9b345aee 100644 --- a/src/lib/libcrypto/bf/asm/bf-586.pl +++ b/src/lib/libcrypto/bf/asm/bf-586.pl @@ -1,6 +1,7 @@ #!/usr/local/bin/perl -push(@INC,"perlasm","../../perlasm"); +$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; +push(@INC,"${dir}","${dir}../../perlasm"); require "x86asm.pl"; require "cbc.pl"; diff --git a/src/lib/libcrypto/bf/bf_skey.c b/src/lib/libcrypto/bf/bf_skey.c index 6ac2aeb279..3673cdee6e 100644 --- a/src/lib/libcrypto/bf/bf_skey.c +++ b/src/lib/libcrypto/bf/bf_skey.c @@ -59,15 +59,10 @@ #include #include #include -#include -#ifdef OPENSSL_FIPS -#include -#endif - #include "bf_locl.h" #include "bf_pi.h" -FIPS_NON_FIPS_VCIPHER_Init(BF) +void BF_set_key(BF_KEY *key, int len, const unsigned char *data) { int i; BF_LONG *p,ri,in[2]; diff --git a/src/lib/libcrypto/bf/blowfish.h b/src/lib/libcrypto/bf/blowfish.h index d24ffccb65..b97e76f9a3 100644 --- a/src/lib/libcrypto/bf/blowfish.h +++ b/src/lib/libcrypto/bf/blowfish.h @@ -79,7 +79,7 @@ extern "C" { * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! */ -#if defined(OPENSSL_SYS_WIN16) || defined(__LP32__) +#if defined(__LP32__) #define BF_LONG unsigned long #elif defined(OPENSSL_SYS_CRAY) || defined(__ILP64__) #define BF_LONG unsigned long @@ -104,9 +104,7 @@ typedef struct bf_key_st BF_LONG S[4*256]; } BF_KEY; -#ifdef OPENSSL_FIPS -void private_BF_set_key(BF_KEY *key, int len, const unsigned char *data); -#endif + void BF_set_key(BF_KEY *key, int len, const unsigned char *data); void BF_encrypt(BF_LONG *data,const BF_KEY *key); diff --git a/src/lib/libcrypto/bio/Makefile.ssl b/src/lib/libcrypto/bio/Makefile.ssl deleted file mode 100644 index d0b9e297b0..0000000000 --- a/src/lib/libcrypto/bio/Makefile.ssl +++ /dev/null @@ -1,216 +0,0 @@ -# -# SSLeay/crypto/bio/Makefile -# - -DIR= bio -TOP= ../.. -CC= cc -INCLUDES= -I.. -I$(TOP) -I../../include -CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKE= make -f Makefile.ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) -MAKEFILE= Makefile.ssl -AR= ar r - -CFLAGS= $(INCLUDES) $(CFLAG) - -GENERAL=Makefile -TEST= -APPS= - -LIB=$(TOP)/libcrypto.a -LIBSRC= bio_lib.c bio_cb.c bio_err.c \ - bss_mem.c bss_null.c bss_fd.c \ - bss_file.c bss_sock.c bss_conn.c \ - bf_null.c bf_buff.c b_print.c b_dump.c \ - b_sock.c bss_acpt.c bf_nbio.c bss_log.c bss_bio.c -# bf_lbuf.c -LIBOBJ= bio_lib.o bio_cb.o bio_err.o \ - bss_mem.o bss_null.o bss_fd.o \ - bss_file.o bss_sock.o bss_conn.o \ - bf_null.o bf_buff.o b_print.o b_dump.o \ - b_sock.o bss_acpt.o bf_nbio.o bss_log.o bss_bio.o -# bf_lbuf.o - -SRC= $(LIBSRC) - -EXHEADER= bio.h -HEADER= bss_file.c $(EXHEADER) - -ALL= $(GENERAL) $(SRC) $(HEADER) - -top: - (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all) - -all: lib - -lib: $(LIBOBJ) - $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) || echo Never mind. - @touch lib - -files: - $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO - -links: - @sh $(TOP)/util/point.sh Makefile.ssl Makefile - @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER) - @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST) - @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) - -install: - @for i in $(EXHEADER); \ - do \ - (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ - done; - -tags: - ctags $(SRC) - -tests: - -lint: - lint -DLINT $(INCLUDES) $(SRC)>fluff - -depend: - $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) - -dclean: - $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new - mv -f Makefile.new $(MAKEFILE) - -clean: - rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff - -# DO NOT DELETE THIS LINE -- make depend depends on it. - -b_dump.o: ../../e_os.h ../../include/openssl/bio.h -b_dump.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -b_dump.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -b_dump.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -b_dump.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -b_dump.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -b_dump.o: ../cryptlib.h b_dump.c -b_print.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h -b_print.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -b_print.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -b_print.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -b_print.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -b_print.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -b_print.o: ../cryptlib.h b_print.c -b_sock.o: ../../e_os.h ../../include/openssl/bio.h -b_sock.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -b_sock.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -b_sock.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -b_sock.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -b_sock.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -b_sock.o: ../cryptlib.h b_sock.c -bf_buff.o: ../../e_os.h ../../include/openssl/bio.h -bf_buff.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -bf_buff.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -bf_buff.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bf_buff.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bf_buff.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bf_buff.o: ../cryptlib.h bf_buff.c -bf_nbio.o: ../../e_os.h ../../include/openssl/bio.h -bf_nbio.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -bf_nbio.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -bf_nbio.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bf_nbio.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -bf_nbio.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h -bf_nbio.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bf_nbio.o: ../cryptlib.h bf_nbio.c -bf_null.o: ../../e_os.h ../../include/openssl/bio.h -bf_null.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -bf_null.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -bf_null.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bf_null.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bf_null.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bf_null.o: ../cryptlib.h bf_null.c -bio_cb.o: ../../e_os.h ../../include/openssl/bio.h -bio_cb.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -bio_cb.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -bio_cb.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bio_cb.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bio_cb.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bio_cb.o: ../cryptlib.h bio_cb.c -bio_err.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h -bio_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -bio_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bio_err.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bio_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bio_err.o: bio_err.c -bio_lib.o: ../../e_os.h ../../include/openssl/bio.h -bio_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -bio_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -bio_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bio_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bio_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bio_lib.o: ../cryptlib.h bio_lib.c -bss_acpt.o: ../../e_os.h ../../include/openssl/bio.h -bss_acpt.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -bss_acpt.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -bss_acpt.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bss_acpt.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bss_acpt.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bss_acpt.o: ../cryptlib.h bss_acpt.c -bss_bio.o: ../../e_os.h ../../include/openssl/bio.h -bss_bio.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -bss_bio.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -bss_bio.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -bss_bio.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -bss_bio.o: ../../include/openssl/symhacks.h bss_bio.c -bss_conn.o: ../../e_os.h ../../include/openssl/bio.h -bss_conn.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -bss_conn.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -bss_conn.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bss_conn.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bss_conn.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bss_conn.o: ../cryptlib.h bss_conn.c -bss_fd.o: ../../e_os.h ../../include/openssl/bio.h -bss_fd.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -bss_fd.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -bss_fd.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bss_fd.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bss_fd.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bss_fd.o: ../cryptlib.h bss_fd.c -bss_file.o: ../../e_os.h ../../include/openssl/bio.h -bss_file.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -bss_file.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -bss_file.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bss_file.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bss_file.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bss_file.o: ../cryptlib.h bss_file.c -bss_log.o: ../../e_os.h ../../include/openssl/bio.h -bss_log.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -bss_log.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -bss_log.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bss_log.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bss_log.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bss_log.o: ../cryptlib.h bss_log.c -bss_mem.o: ../../e_os.h ../../include/openssl/bio.h -bss_mem.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -bss_mem.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -bss_mem.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bss_mem.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bss_mem.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bss_mem.o: ../cryptlib.h bss_mem.c -bss_null.o: ../../e_os.h ../../include/openssl/bio.h -bss_null.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -bss_null.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -bss_null.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bss_null.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bss_null.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bss_null.o: ../cryptlib.h bss_null.c -bss_sock.o: ../../e_os.h ../../include/openssl/bio.h -bss_sock.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -bss_sock.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -bss_sock.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bss_sock.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bss_sock.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bss_sock.o: ../cryptlib.h bss_sock.c diff --git a/src/lib/libcrypto/bio/b_print.c b/src/lib/libcrypto/bio/b_print.c index 2fffcfc025..143a7cfefa 100644 --- a/src/lib/libcrypto/bio/b_print.c +++ b/src/lib/libcrypto/bio/b_print.c @@ -115,8 +115,8 @@ #define LDOUBLE double #endif -#if HAVE_LONG_LONG -# if defined(OPENSSL_SYS_WIN32) && !defined(__GNUC__) +#ifdef HAVE_LONG_LONG +# if defined(_WIN32) && !defined(__GNUC__) # define LLONG __int64 # else # define LLONG long long @@ -808,7 +808,6 @@ int BIO_vprintf (BIO *bio, const char *format, va_list args) } /* As snprintf is not available everywhere, we provide our own implementation. - * In case of overflow or error, this returns -1. * This function has nothing to do with BIOs, but it's closely related * to BIO_printf, and we need *some* name prefix ... * (XXX the function should be renamed, but to what?) */ @@ -833,10 +832,10 @@ int BIO_vsnprintf(char *buf, size_t n, const char *format, va_list args) _dopr(&buf, NULL, &n, &retlen, &truncated, format, args); if (truncated) - /* In case of truncation, return -1 unlike traditional snprintf. + /* In case of truncation, return -1 like traditional snprintf. * (Current drafts for ISO/IEC 9899 say snprintf should return * the number of characters that would have been written, - * had the buffer been large enough, as it did historically.) */ + * had the buffer been large enough.) */ return -1; else return (retlen <= INT_MAX) ? (int)retlen : -1; diff --git a/src/lib/libcrypto/bio/b_sock.c b/src/lib/libcrypto/bio/b_sock.c index ead477d8a2..12b0a53a81 100644 --- a/src/lib/libcrypto/bio/b_sock.c +++ b/src/lib/libcrypto/bio/b_sock.c @@ -72,11 +72,9 @@ NETDB_DEFINE_CONTEXT #ifndef OPENSSL_NO_SOCK -#ifdef OPENSSL_SYS_WIN16 -#define SOCKET_PROTOCOL 0 /* more microsoft stupidity */ -#else +#include + #define SOCKET_PROTOCOL IPPROTO_TCP -#endif #ifdef SO_MAXCONN #define MAX_LISTEN SO_MAXCONN @@ -90,6 +88,17 @@ NETDB_DEFINE_CONTEXT static int wsa_init_done=0; #endif +/* + * WSAAPI specifier is required to make indirect calls to run-time + * linked WinSock 2 functions used in this module, to be specific + * [get|free]addrinfo and getnameinfo. This is because WinSock uses + * uses non-C calling convention, __stdcall vs. __cdecl, on x86 + * Windows. On non-WinSock platforms WSAAPI needs to be void. + */ +#ifndef WSAAPI +#define WSAAPI +#endif + #if 0 static unsigned long BIO_ghbn_hits=0L; static unsigned long BIO_ghbn_miss=0L; @@ -226,6 +235,10 @@ int BIO_sock_error(int sock) int j,i; int size; +#if defined(OPENSSL_SYS_BEOS_R5) + return 0; +#endif + size=sizeof(int); /* Note: under Windows the third parameter is of type (char *) * whereas under other systems it is (void *) if you don't have @@ -466,7 +479,12 @@ int BIO_sock_init(void) wsa_init_done=1; memset(&wsa_state,0,sizeof(wsa_state)); - if (WSAStartup(0x0101,&wsa_state)!=0) + /* Not making wsa_state available to the rest of the + * code is formally wrong. But the structures we use + * are [beleived to be] invariable among Winsock DLLs, + * while API availability is [expected to be] probed + * at run-time with DSO_global_lookup. */ + if (WSAStartup(0x0202,&wsa_state)!=0) { err=WSAGetLastError(); SYSerr(SYS_F_WSASTARTUP,err); @@ -510,8 +528,8 @@ void BIO_sock_cleanup(void) if (wsa_init_done) { wsa_init_done=0; -#ifndef OPENSSL_SYS_WINCE - WSACancelBlockingCall(); /* Winsock 1.1 specific */ +#if 0 /* this call is claimed to be non-present in Winsock2 */ + WSACancelBlockingCall(); #endif WSACleanup(); } @@ -581,12 +599,18 @@ static int get_ip(const char *str, unsigned char ip[4]) int BIO_get_accept_socket(char *host, int bind_mode) { int ret=0; - struct sockaddr_in server,client; - int s=INVALID_SOCKET,cs; + union { + struct sockaddr sa; + struct sockaddr_in sa_in; +#if OPENSSL_USE_IPV6 + struct sockaddr_in6 sa_in6; +#endif + } server,client; + int s=INVALID_SOCKET,cs,addrlen; unsigned char ip[4]; unsigned short port; char *str=NULL,*e; - const char *h,*p; + char *h,*p; unsigned long l; int err_num; @@ -600,8 +624,7 @@ int BIO_get_accept_socket(char *host, int bind_mode) { if (*e == ':') { - p= &(e[1]); - *e='\0'; + p=e; } else if (*e == '/') { @@ -609,21 +632,70 @@ int BIO_get_accept_socket(char *host, int bind_mode) break; } } - - if (p == NULL) + if (p) *p++='\0'; /* points at last ':', '::port' is special [see below] */ + else p=h,h=NULL; + +#ifdef EAI_FAMILY + do { + static union { void *p; + int (WSAAPI *f)(const char *,const char *, + const struct addrinfo *, + struct addrinfo **); + } p_getaddrinfo = {NULL}; + static union { void *p; + void (WSAAPI *f)(struct addrinfo *); + } p_freeaddrinfo = {NULL}; + struct addrinfo *res,hint; + + if (p_getaddrinfo.p==NULL) + { + if ((p_getaddrinfo.p=DSO_global_lookup("getaddrinfo"))==NULL || + (p_freeaddrinfo.p=DSO_global_lookup("freeaddrinfo"))==NULL) + p_getaddrinfo.p=(void*)-1; + } + if (p_getaddrinfo.p==(void *)-1) break; + + /* '::port' enforces IPv6 wildcard listener. Some OSes, + * e.g. Solaris, default to IPv6 without any hint. Also + * note that commonly IPv6 wildchard socket can service + * IPv4 connections just as well... */ + memset(&hint,0,sizeof(hint)); + if (h) { - p=h; - h="*"; + if (strchr(h,':')) + { + if (h[1]=='\0') h=NULL; +#if OPENSSL_USE_IPV6 + hint.ai_family = AF_INET6; +#else + h=NULL; +#endif + } + else if (h[0]=='*' && h[1]=='\0') + h=NULL; } + if ((*p_getaddrinfo.f)(h,p,&hint,&res)) break; + + addrlen = res->ai_addrlen<=sizeof(server) ? + res->ai_addrlen : + sizeof(server); + memcpy(&server, res->ai_addr, addrlen); + + (*p_freeaddrinfo.f)(res); + goto again; + } while (0); +#endif + if (!BIO_get_port(p,&port)) goto err; memset((char *)&server,0,sizeof(server)); - server.sin_family=AF_INET; - server.sin_port=htons(port); + server.sa_in.sin_family=AF_INET; + server.sa_in.sin_port=htons(port); + addrlen = sizeof(server.sa_in); - if (strcmp(h,"*") == 0) - server.sin_addr.s_addr=INADDR_ANY; + if (h == NULL || strcmp(h,"*") == 0) + server.sa_in.sin_addr.s_addr=INADDR_ANY; else { if (!BIO_get_host_ip(h,&(ip[0]))) goto err; @@ -632,11 +704,11 @@ int BIO_get_accept_socket(char *host, int bind_mode) ((unsigned long)ip[1]<<16L)| ((unsigned long)ip[2]<< 8L)| ((unsigned long)ip[3]); - server.sin_addr.s_addr=htonl(l); + server.sa_in.sin_addr.s_addr=htonl(l); } again: - s=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL); + s=socket(server.sa.sa_family,SOCK_STREAM,SOCKET_PROTOCOL); if (s == INVALID_SOCKET) { SYSerr(SYS_F_SOCKET,get_last_socket_error()); @@ -654,22 +726,42 @@ again: bind_mode=BIO_BIND_NORMAL; } #endif - if (bind(s,(struct sockaddr *)&server,sizeof(server)) == -1) + if (bind(s,&server.sa,addrlen) == -1) { #ifdef SO_REUSEADDR err_num=get_last_socket_error(); if ((bind_mode == BIO_BIND_REUSEADDR_IF_UNUSED) && +#ifdef OPENSSL_SYS_WINDOWS + /* Some versions of Windows define EADDRINUSE to + * a dummy value. + */ + (err_num == WSAEADDRINUSE)) +#else (err_num == EADDRINUSE)) +#endif { - memcpy((char *)&client,(char *)&server,sizeof(server)); - if (strcmp(h,"*") == 0) - client.sin_addr.s_addr=htonl(0x7F000001); - cs=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL); + client = server; + if (h == NULL || strcmp(h,"*") == 0) + { +#if OPENSSL_USE_IPV6 + if (client.sa.sa_family == AF_INET6) + { + memset(&client.sa_in6.sin6_addr,0,sizeof(client.sa_in6.sin6_addr)); + client.sa_in6.sin6_addr.s6_addr[15]=1; + } + else +#endif + if (client.sa.sa_family == AF_INET) + { + client.sa_in.sin_addr.s_addr=htonl(0x7F000001); + } + else goto err; + } + cs=socket(client.sa.sa_family,SOCK_STREAM,SOCKET_PROTOCOL); if (cs != INVALID_SOCKET) { int ii; - ii=connect(cs,(struct sockaddr *)&client, - sizeof(client)); + ii=connect(cs,&client.sa,addrlen); closesocket(cs); if (ii == INVALID_SOCKET) { @@ -708,20 +800,52 @@ err: int BIO_accept(int sock, char **addr) { int ret=INVALID_SOCKET; - static struct sockaddr_in from; unsigned long l; unsigned short port; - int len; char *p; - memset((char *)&from,0,sizeof(from)); - len=sizeof(from); - /* Note: under VMS with SOCKETSHR the fourth parameter is currently - * of type (int *) whereas under other systems it is (void *) if - * you don't have a cast it will choke the compiler: if you do - * have a cast then you can either go for (int *) or (void *). + struct { + /* + * As for following union. Trouble is that there are platforms + * that have socklen_t and there are platforms that don't, on + * some platforms socklen_t is int and on some size_t. So what + * one can do? One can cook #ifdef spaghetti, which is nothing + * but masochistic. Or one can do union between int and size_t. + * One naturally does it primarily for 64-bit platforms where + * sizeof(int) != sizeof(size_t). But would it work? Note that + * if size_t member is initialized to 0, then later int member + * assignment naturally does the job on little-endian platforms + * regardless accept's expectations! What about big-endians? + * If accept expects int*, then it works, and if size_t*, then + * length value would appear as unreasonably large. But this + * won't prevent it from filling in the address structure. The + * trouble of course would be if accept returns more data than + * actual buffer can accomodate and overwrite stack... That's + * where early OPENSSL_assert comes into picture. Besides, the + * only 64-bit big-endian platform found so far that expects + * size_t* is HP-UX, where stack grows towards higher address. + * */ - ret=accept(sock,(struct sockaddr *)&from,(void *)&len); + union { size_t s; int i; } len; + union { + struct sockaddr sa; + struct sockaddr_in sa_in; +#if OPENSSL_USE_IPV6 + struct sockaddr_in6 sa_in6; +#endif + } from; + } sa; + + sa.len.s=0; + sa.len.i=sizeof(sa.from); + memset(&sa.from,0,sizeof(sa.from)); + ret=accept(sock,&sa.from.sa,(void *)&sa.len); + if (sizeof(sa.len.i)!=sizeof(sa.len.s) && sa.len.i==0) + { + OPENSSL_assert(sa.len.s<=sizeof(sa.from)); + sa.len.i = (int)sa.len.s; + /* use sa.len.i from this point */ + } if (ret == INVALID_SOCKET) { if(BIO_sock_should_retry(ret)) return -2; @@ -732,8 +856,46 @@ int BIO_accept(int sock, char **addr) if (addr == NULL) goto end; - l=ntohl(from.sin_addr.s_addr); - port=ntohs(from.sin_port); +#ifdef EAI_FAMILY + do { + char h[NI_MAXHOST],s[NI_MAXSERV]; + size_t nl; + static union { void *p; + int (WSAAPI *f)(const struct sockaddr *,size_t/*socklen_t*/, + char *,size_t,char *,size_t,int); + } p_getnameinfo = {NULL}; + /* 2nd argument to getnameinfo is specified to + * be socklen_t. Unfortunately there is a number + * of environments where socklen_t is not defined. + * As it's passed by value, it's safe to pass it + * as size_t... */ + + if (p_getnameinfo.p==NULL) + { + if ((p_getnameinfo.p=DSO_global_lookup("getnameinfo"))==NULL) + p_getnameinfo.p=(void*)-1; + } + if (p_getnameinfo.p==(void *)-1) break; + + if ((*p_getnameinfo.f)(&sa.from.sa,sa.len.i,h,sizeof(h),s,sizeof(s), + NI_NUMERICHOST|NI_NUMERICSERV)) break; + nl = strlen(h)+strlen(s)+2; + p = *addr; + if (p) { *p = '\0'; p = OPENSSL_realloc(p,nl); } + else { p = OPENSSL_malloc(nl); } + if (p==NULL) + { + BIOerr(BIO_F_BIO_ACCEPT,ERR_R_MALLOC_FAILURE); + goto end; + } + *addr = p; + BIO_snprintf(*addr,nl,"%s:%s",h,s); + goto end; + } while(0); +#endif + if (sa.from.sa.sa_family != AF_INET) goto end; + l=ntohl(sa.from.sa_in.sin_addr.s_addr); + port=ntohs(sa.from.sa_in.sin_port); if (*addr == NULL) { if ((p=OPENSSL_malloc(24)) == NULL) diff --git a/src/lib/libcrypto/bio/bio.h b/src/lib/libcrypto/bio/bio.h index cecb6a7207..152802fbdf 100644 --- a/src/lib/libcrypto/bio/bio.h +++ b/src/lib/libcrypto/bio/bio.h @@ -95,6 +95,7 @@ extern "C" { #define BIO_TYPE_BIO (19|0x0400) /* (half a) BIO pair */ #define BIO_TYPE_LINEBUFFER (20|0x0200) /* filter */ #define BIO_TYPE_DGRAM (21|0x0400|0x0100) +#define BIO_TYPE_ASN1 (22|0x0200) /* filter */ #define BIO_TYPE_COMP (23|0x0200) /* filter */ #define BIO_TYPE_DESCRIPTOR 0x0100 /* socket, fd, connect or accept */ @@ -156,8 +157,11 @@ extern "C" { * previous write * operation */ +#define BIO_CTRL_DGRAM_GET_PEER 46 #define BIO_CTRL_DGRAM_SET_PEER 44 /* Destination for the data */ +#define BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT 45 /* Next DTLS handshake timeout to + * adjust socket timeouts */ /* modifiers */ #define BIO_FP_READ 0x02 @@ -262,7 +266,6 @@ int BIO_method_type(const BIO *b); typedef void bio_info_cb(struct bio_st *, int, const char *, int, long, long); -#ifndef OPENSSL_SYS_WIN16 typedef struct bio_method_st { int type; @@ -276,21 +279,6 @@ typedef struct bio_method_st int (*destroy)(BIO *); long (*callback_ctrl)(BIO *, int, bio_info_cb *); } BIO_METHOD; -#else -typedef struct bio_method_st - { - int type; - const char *name; - int (_far *bwrite)(); - int (_far *bread)(); - int (_far *bputs)(); - int (_far *bgets)(); - long (_far *ctrl)(); - int (_far *create)(); - int (_far *destroy)(); - long (_far *callback_ctrl)(); - } BIO_METHOD; -#endif struct bio_st { @@ -331,6 +319,9 @@ typedef struct bio_f_buffer_ctx_struct int obuf_off; /* write/read offset */ } BIO_F_BUFFER_CTX; +/* Prefix and suffix callback in ASN1 BIO */ +typedef int asn1_ps_func(BIO *b, unsigned char **pbuf, int *plen, void *parg); + /* connect BIO stuff */ #define BIO_CONN_S_BEFORE 1 #define BIO_CONN_S_GET_IP 2 @@ -393,6 +384,13 @@ typedef struct bio_f_buffer_ctx_struct #define BIO_C_RESET_READ_REQUEST 147 #define BIO_C_SET_MD_CTX 148 +#define BIO_C_SET_PREFIX 149 +#define BIO_C_GET_PREFIX 150 +#define BIO_C_SET_SUFFIX 151 +#define BIO_C_GET_SUFFIX 152 + +#define BIO_C_SET_EX_ARG 153 +#define BIO_C_GET_EX_ARG 154 #define BIO_set_app_data(s,arg) BIO_set_ex_data(s,0,arg) #define BIO_get_app_data(s) BIO_get_ex_data(s,0) @@ -405,7 +403,7 @@ typedef struct bio_f_buffer_ctx_struct #define BIO_get_conn_hostname(b) BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,0) #define BIO_get_conn_port(b) BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,1) #define BIO_get_conn_ip(b) BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,2) -#define BIO_get_conn_int_port(b) BIO_int_ctrl(b,BIO_C_GET_CONNECT,3) +#define BIO_get_conn_int_port(b) BIO_int_ctrl(b,BIO_C_GET_CONNECT,3,0) #define BIO_set_nbio(b,n) BIO_ctrl(b,BIO_C_SET_NBIO,(n),NULL) @@ -414,7 +412,7 @@ typedef struct bio_f_buffer_ctx_struct #define BIO_set_accept_port(b,name) BIO_ctrl(b,BIO_C_SET_ACCEPT,0,(char *)name) #define BIO_get_accept_port(b) BIO_ptr_ctrl(b,BIO_C_GET_ACCEPT,0) /* #define BIO_set_nbio(b,n) BIO_ctrl(b,BIO_C_SET_NBIO,(n),NULL) */ -#define BIO_set_nbio_accept(b,n) BIO_ctrl(b,BIO_C_SET_ACCEPT,1,(n)?"a":NULL) +#define BIO_set_nbio_accept(b,n) BIO_ctrl(b,BIO_C_SET_ACCEPT,1,(n)?(void *)"a":NULL) #define BIO_set_accept_bios(b,bio) BIO_ctrl(b,BIO_C_SET_ACCEPT,2,(char *)bio) #define BIO_BIND_NORMAL 0 @@ -541,6 +539,8 @@ int BIO_ctrl_reset_read_request(BIO *b); (int)BIO_ctrl(b, BIO_CTRL_DGRAM_GET_RECV_TIMER_EXP, 0, NULL) #define BIO_dgram_send_timedout(b) \ (int)BIO_ctrl(b, BIO_CTRL_DGRAM_GET_SEND_TIMER_EXP, 0, NULL) +#define BIO_dgram_get_peer(b,peer) \ + (int)BIO_ctrl(b, BIO_CTRL_DGRAM_GET_PEER, 0, (char *)peer) #define BIO_dgram_set_peer(b,peer) \ (int)BIO_ctrl(b, BIO_CTRL_DGRAM_SET_PEER, 0, (char *)peer) @@ -554,22 +554,21 @@ int BIO_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, unsigned long BIO_number_read(BIO *bio); unsigned long BIO_number_written(BIO *bio); +/* For BIO_f_asn1() */ +int BIO_asn1_set_prefix(BIO *b, asn1_ps_func *prefix, + asn1_ps_func *prefix_free); +int BIO_asn1_get_prefix(BIO *b, asn1_ps_func **pprefix, + asn1_ps_func **pprefix_free); +int BIO_asn1_set_suffix(BIO *b, asn1_ps_func *suffix, + asn1_ps_func *suffix_free); +int BIO_asn1_get_suffix(BIO *b, asn1_ps_func **psuffix, + asn1_ps_func **psuffix_free); + # ifndef OPENSSL_NO_FP_API -# if defined(OPENSSL_SYS_WIN16) && defined(_WINDLL) -BIO_METHOD *BIO_s_file_internal(void); -BIO *BIO_new_file_internal(char *filename, char *mode); -BIO *BIO_new_fp_internal(FILE *stream, int close_flag); -# define BIO_s_file BIO_s_file_internal -# define BIO_new_file BIO_new_file_internal -# define BIO_new_fp BIO_new_fp_internal -# else /* FP_API */ BIO_METHOD *BIO_s_file(void ); BIO *BIO_new_file(const char *filename, const char *mode); BIO *BIO_new_fp(FILE *stream, int close_flag); -# define BIO_s_file_internal BIO_s_file -# define BIO_new_file_internal BIO_new_file -# define BIO_new_fp_internal BIO_s_file -# endif /* FP_API */ +# define BIO_s_file_internal BIO_s_file # endif BIO * BIO_new(BIO_METHOD *type); int BIO_set(BIO *a,BIO_METHOD *type); @@ -598,13 +597,8 @@ int BIO_nread(BIO *bio, char **buf, int num); int BIO_nwrite0(BIO *bio, char **buf); int BIO_nwrite(BIO *bio, char **buf, int num); -#ifndef OPENSSL_SYS_WIN16 long BIO_debug_callback(BIO *bio,int cmd,const char *argp,int argi, long argl,long ret); -#else -long _far _loadds BIO_debug_callback(BIO *bio,int cmd,const char *argp,int argi, - long argl,long ret); -#endif BIO_METHOD *BIO_s_mem(void); BIO *BIO_new_mem_buf(void *buf, int len); diff --git a/src/lib/libcrypto/bio/bio_cb.c b/src/lib/libcrypto/bio/bio_cb.c index 6f4254a114..9bcbc321d9 100644 --- a/src/lib/libcrypto/bio/bio_cb.c +++ b/src/lib/libcrypto/bio/bio_cb.c @@ -85,28 +85,32 @@ long MS_CALLBACK BIO_debug_callback(BIO *bio, int cmd, const char *argp, break; case BIO_CB_READ: if (bio->method->type & BIO_TYPE_DESCRIPTOR) - BIO_snprintf(p,p_maxlen,"read(%d,%d) - %s fd=%d\n", - bio->num,argi,bio->method->name,bio->num); + BIO_snprintf(p,p_maxlen,"read(%d,%lu) - %s fd=%d\n", + bio->num,(unsigned long)argi, + bio->method->name,bio->num); else - BIO_snprintf(p,p_maxlen,"read(%d,%d) - %s\n", - bio->num,argi,bio->method->name); + BIO_snprintf(p,p_maxlen,"read(%d,%lu) - %s\n", + bio->num,(unsigned long)argi, + bio->method->name); break; case BIO_CB_WRITE: if (bio->method->type & BIO_TYPE_DESCRIPTOR) - BIO_snprintf(p,p_maxlen,"write(%d,%d) - %s fd=%d\n", - bio->num,argi,bio->method->name,bio->num); + BIO_snprintf(p,p_maxlen,"write(%d,%lu) - %s fd=%d\n", + bio->num,(unsigned long)argi, + bio->method->name,bio->num); else - BIO_snprintf(p,p_maxlen,"write(%d,%d) - %s\n", - bio->num,argi,bio->method->name); + BIO_snprintf(p,p_maxlen,"write(%d,%lu) - %s\n", + bio->num,(unsigned long)argi, + bio->method->name); break; case BIO_CB_PUTS: BIO_snprintf(p,p_maxlen,"puts() - %s\n",bio->method->name); break; case BIO_CB_GETS: - BIO_snprintf(p,p_maxlen,"gets(%d) - %s\n",argi,bio->method->name); + BIO_snprintf(p,p_maxlen,"gets(%lu) - %s\n",(unsigned long)argi,bio->method->name); break; case BIO_CB_CTRL: - BIO_snprintf(p,p_maxlen,"ctrl(%d) - %s\n",argi,bio->method->name); + BIO_snprintf(p,p_maxlen,"ctrl(%lu) - %s\n",(unsigned long)argi,bio->method->name); break; case BIO_CB_RETURN|BIO_CB_READ: BIO_snprintf(p,p_maxlen,"read return %ld\n",ret); diff --git a/src/lib/libcrypto/bio/bio_err.c b/src/lib/libcrypto/bio/bio_err.c index 6603f1c74d..a224edd5a0 100644 --- a/src/lib/libcrypto/bio/bio_err.c +++ b/src/lib/libcrypto/bio/bio_err.c @@ -1,6 +1,6 @@ /* crypto/bio/bio_err.c */ /* ==================================================================== - * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved. + * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions diff --git a/src/lib/libcrypto/bio/bio_lib.c b/src/lib/libcrypto/bio/bio_lib.c index 3f52ae953c..77f4de9c32 100644 --- a/src/lib/libcrypto/bio/bio_lib.c +++ b/src/lib/libcrypto/bio/bio_lib.c @@ -429,7 +429,7 @@ BIO *BIO_push(BIO *b, BIO *bio) if (bio != NULL) bio->prev_bio=lb; /* called to do internal processing */ - BIO_ctrl(b,BIO_CTRL_PUSH,0,NULL); + BIO_ctrl(b,BIO_CTRL_PUSH,0,lb); return(b); } @@ -441,7 +441,7 @@ BIO *BIO_pop(BIO *b) if (b == NULL) return(NULL); ret=b->next_bio; - BIO_ctrl(b,BIO_CTRL_POP,0,NULL); + BIO_ctrl(b,BIO_CTRL_POP,0,b); if (b->prev_bio != NULL) b->prev_bio->next_bio=b->next_bio; diff --git a/src/lib/libcrypto/bio/bss_acpt.c b/src/lib/libcrypto/bio/bss_acpt.c index d090b7272f..826f761143 100644 --- a/src/lib/libcrypto/bio/bss_acpt.c +++ b/src/lib/libcrypto/bio/bss_acpt.c @@ -100,8 +100,8 @@ static int acpt_new(BIO *h); static int acpt_free(BIO *data); static int acpt_state(BIO *b, BIO_ACCEPT *c); static void acpt_close_socket(BIO *data); -BIO_ACCEPT *BIO_ACCEPT_new(void ); -void BIO_ACCEPT_free(BIO_ACCEPT *a); +static BIO_ACCEPT *BIO_ACCEPT_new(void ); +static void BIO_ACCEPT_free(BIO_ACCEPT *a); #define ACPT_S_BEFORE 1 #define ACPT_S_GET_ACCEPT_SOCKET 2 @@ -141,7 +141,7 @@ static int acpt_new(BIO *bi) return(1); } -BIO_ACCEPT *BIO_ACCEPT_new(void) +static BIO_ACCEPT *BIO_ACCEPT_new(void) { BIO_ACCEPT *ret; @@ -154,7 +154,7 @@ BIO_ACCEPT *BIO_ACCEPT_new(void) return(ret); } -void BIO_ACCEPT_free(BIO_ACCEPT *a) +static void BIO_ACCEPT_free(BIO_ACCEPT *a) { if(a == NULL) return; diff --git a/src/lib/libcrypto/bio/bss_dgram.c b/src/lib/libcrypto/bio/bss_dgram.c index c3da6dc82f..eb7e365467 100644 --- a/src/lib/libcrypto/bio/bss_dgram.c +++ b/src/lib/libcrypto/bio/bss_dgram.c @@ -66,7 +66,13 @@ #include +#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) +#include +#endif + +#ifdef OPENSSL_SYS_LINUX #define IP_MTU 14 /* linux is lame */ +#endif #ifdef WATT32 #define sock_write SockWrite /* Watt-32 uses same names */ @@ -84,6 +90,8 @@ static int dgram_clear(BIO *bio); static int BIO_dgram_should_retry(int s); +static void get_current_time(struct timeval *t); + static BIO_METHOD methods_dgramp= { BIO_TYPE_DGRAM, @@ -100,10 +108,18 @@ static BIO_METHOD methods_dgramp= typedef struct bio_dgram_data_st { - struct sockaddr peer; + union { + struct sockaddr sa; + struct sockaddr_in sa_in; +#if OPENSSL_USE_IPV6 + struct sockaddr_in6 sa_in6; +#endif + } peer; unsigned int connected; unsigned int _errno; unsigned int mtu; + struct timeval next_timeout; + struct timeval socket_timeout; } bio_dgram_data; BIO_METHOD *BIO_s_datagram(void) @@ -165,31 +181,140 @@ static int dgram_clear(BIO *a) } return(1); } - + +static void dgram_adjust_rcv_timeout(BIO *b) + { +#if defined(SO_RCVTIMEO) + bio_dgram_data *data = (bio_dgram_data *)b->ptr; + int sz = sizeof(int); + + /* Is a timer active? */ + if (data->next_timeout.tv_sec > 0 || data->next_timeout.tv_usec > 0) + { + struct timeval timenow, timeleft; + + /* Read current socket timeout */ +#ifdef OPENSSL_SYS_WINDOWS + int timeout; + if (getsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO, + (void*)&timeout, &sz) < 0) + { perror("getsockopt"); } + else + { + data->socket_timeout.tv_sec = timeout / 1000; + data->socket_timeout.tv_usec = (timeout % 1000) * 1000; + } +#else + if ( getsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO, + &(data->socket_timeout), (void *)&sz) < 0) + { perror("getsockopt"); } +#endif + + /* Get current time */ + get_current_time(&timenow); + + /* Calculate time left until timer expires */ + memcpy(&timeleft, &(data->next_timeout), sizeof(struct timeval)); + timeleft.tv_sec -= timenow.tv_sec; + timeleft.tv_usec -= timenow.tv_usec; + if (timeleft.tv_usec < 0) + { + timeleft.tv_sec--; + timeleft.tv_usec += 1000000; + } + + if (timeleft.tv_sec < 0) + { + timeleft.tv_sec = 0; + timeleft.tv_usec = 1; + } + + /* Adjust socket timeout if next handhake message timer + * will expire earlier. + */ + if ((data->socket_timeout.tv_sec == 0 && data->socket_timeout.tv_usec == 0) || + (data->socket_timeout.tv_sec > timeleft.tv_sec) || + (data->socket_timeout.tv_sec == timeleft.tv_sec && + data->socket_timeout.tv_usec >= timeleft.tv_usec)) + { +#ifdef OPENSSL_SYS_WINDOWS + timeout = timeleft.tv_sec * 1000 + timeleft.tv_usec / 1000; + if (setsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO, + (void*)&timeout, sizeof(timeout)) < 0) + { perror("setsockopt"); } +#else + if ( setsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO, &timeleft, + sizeof(struct timeval)) < 0) + { perror("setsockopt"); } +#endif + } + } +#endif + } + +static void dgram_reset_rcv_timeout(BIO *b) + { +#if defined(SO_RCVTIMEO) + bio_dgram_data *data = (bio_dgram_data *)b->ptr; + + /* Is a timer active? */ + if (data->next_timeout.tv_sec > 0 || data->next_timeout.tv_usec > 0) + { +#ifdef OPENSSL_SYS_WINDOWS + int timeout = data->socket_timeout.tv_sec * 1000 + + data->socket_timeout.tv_usec / 1000; + if (setsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO, + (void*)&timeout, sizeof(timeout)) < 0) + { perror("setsockopt"); } +#else + if ( setsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO, &(data->socket_timeout), + sizeof(struct timeval)) < 0) + { perror("setsockopt"); } +#endif + } +#endif + } + static int dgram_read(BIO *b, char *out, int outl) { int ret=0; bio_dgram_data *data = (bio_dgram_data *)b->ptr; - struct sockaddr peer; - int peerlen = sizeof(peer); + struct { + /* + * See commentary in b_sock.c. + */ + union { size_t s; int i; } len; + union { + struct sockaddr sa; + struct sockaddr_in sa_in; +#if OPENSSL_USE_IPV6 + struct sockaddr_in6 sa_in6; +#endif + } peer; + } sa; + + sa.len.s=0; + sa.len.i=sizeof(sa.peer); if (out != NULL) { clear_socket_error(); - memset(&peer, 0x00, peerlen); - /* Last arg in recvfrom is signed on some platforms and - * unsigned on others. It is of type socklen_t on some - * but this is not universal. Cast to (void *) to avoid - * compiler warnings. - */ - ret=recvfrom(b->num,out,outl,0,&peer,(void *)&peerlen); + memset(&sa.peer, 0x00, sizeof(sa.peer)); + dgram_adjust_rcv_timeout(b); + ret=recvfrom(b->num,out,outl,0,&sa.peer.sa,(void *)&sa.len); + if (sizeof(sa.len.i)!=sizeof(sa.len.s) && sa.len.i==0) + { + OPENSSL_assert(sa.len.s<=sizeof(sa.peer)); + sa.len.i = (int)sa.len.s; + } + dgram_reset_rcv_timeout(b); - if ( ! data->connected && ret > 0) - BIO_ctrl(b, BIO_CTRL_DGRAM_CONNECT, 0, &peer); + if ( ! data->connected && ret >= 0) + BIO_ctrl(b, BIO_CTRL_DGRAM_SET_PEER, 0, &sa.peer); BIO_clear_retry_flags(b); - if (ret <= 0) + if (ret < 0) { if (BIO_dgram_should_retry(ret)) { @@ -207,19 +332,29 @@ static int dgram_write(BIO *b, const char *in, int inl) bio_dgram_data *data = (bio_dgram_data *)b->ptr; clear_socket_error(); - if ( data->connected ) - ret=writesocket(b->num,in,inl); - else + if ( data->connected ) + ret=writesocket(b->num,in,inl); + else + { + int peerlen = sizeof(data->peer); + + if (data->peer.sa.sa_family == AF_INET) + peerlen = sizeof(data->peer.sa_in); +#if OPENSSL_USE_IVP6 + else if (data->peer.sa.sa_family == AF_INET6) + peerlen = sizeof(data->peer.sa_in6); +#endif #if defined(NETWARE_CLIB) && defined(NETWARE_BSDSOCK) - ret=sendto(b->num, (char *)in, inl, 0, &data->peer, sizeof(data->peer)); + ret=sendto(b->num, (char *)in, inl, 0, &data->peer.sa, peerlen); #else - ret=sendto(b->num, in, inl, 0, &data->peer, sizeof(data->peer)); + ret=sendto(b->num, in, inl, 0, &data->peer.sa, peerlen); #endif + } BIO_clear_retry_flags(b); if (ret <= 0) { - if (BIO_sock_should_retry(ret)) + if (BIO_dgram_should_retry(ret)) { BIO_set_retry_write(b); data->_errno = get_last_socket_error(); @@ -240,8 +375,20 @@ static long dgram_ctrl(BIO *b, int cmd, long num, void *ptr) int *ip; struct sockaddr *to = NULL; bio_dgram_data *data = NULL; +#if defined(IP_MTU_DISCOVER) || defined(IP_MTU) long sockopt_val = 0; unsigned int sockopt_len = 0; +#endif +#ifdef OPENSSL_SYS_LINUX + socklen_t addr_len; + union { + struct sockaddr sa; + struct sockaddr_in s4; +#if OPENSSL_USE_IPV6 + struct sockaddr_in6 s6; +#endif + } addr; +#endif data = (bio_dgram_data *)b->ptr; @@ -294,30 +441,110 @@ static long dgram_ctrl(BIO *b, int cmd, long num, void *ptr) else { #endif - memcpy(&(data->peer),to, sizeof(struct sockaddr)); + switch (to->sa_family) + { + case AF_INET: + memcpy(&data->peer,to,sizeof(data->peer.sa_in)); + break; +#if OPENSSL_USE_IPV6 + case AF_INET6: + memcpy(&data->peer,to,sizeof(data->peer.sa_in6)); + break; +#endif + default: + memcpy(&data->peer,to,sizeof(data->peer.sa)); + break; + } #if 0 } #endif break; /* (Linux)kernel sets DF bit on outgoing IP packets */ -#ifdef IP_MTU_DISCOVER case BIO_CTRL_DGRAM_MTU_DISCOVER: - sockopt_val = IP_PMTUDISC_DO; - if ((ret = setsockopt(b->num, IPPROTO_IP, IP_MTU_DISCOVER, - &sockopt_val, sizeof(sockopt_val))) < 0) - perror("setsockopt"); +#ifdef OPENSSL_SYS_LINUX + addr_len = (socklen_t)sizeof(addr); + memset((void *)&addr, 0, sizeof(addr)); + if (getsockname(b->num, &addr.sa, &addr_len) < 0) + { + ret = 0; + break; + } + sockopt_len = sizeof(sockopt_val); + switch (addr.sa.sa_family) + { + case AF_INET: + sockopt_val = IP_PMTUDISC_DO; + if ((ret = setsockopt(b->num, IPPROTO_IP, IP_MTU_DISCOVER, + &sockopt_val, sizeof(sockopt_val))) < 0) + perror("setsockopt"); + break; +#if OPENSSL_USE_IPV6 && defined(IPV6_MTU_DISCOVER) + case AF_INET6: + sockopt_val = IPV6_PMTUDISC_DO; + if ((ret = setsockopt(b->num, IPPROTO_IPV6, IPV6_MTU_DISCOVER, + &sockopt_val, sizeof(sockopt_val))) < 0) + perror("setsockopt"); + break; +#endif + default: + ret = -1; + break; + } + ret = -1; +#else break; #endif case BIO_CTRL_DGRAM_QUERY_MTU: - sockopt_len = sizeof(sockopt_val); - if ((ret = getsockopt(b->num, IPPROTO_IP, IP_MTU, (void *)&sockopt_val, - &sockopt_len)) < 0 || sockopt_val < 0) - { ret = 0; } - else +#ifdef OPENSSL_SYS_LINUX + addr_len = (socklen_t)sizeof(addr); + memset((void *)&addr, 0, sizeof(addr)); + if (getsockname(b->num, &addr.sa, &addr_len) < 0) + { + ret = 0; + break; + } + sockopt_len = sizeof(sockopt_val); + switch (addr.sa.sa_family) { - data->mtu = sockopt_val; - ret = data->mtu; + case AF_INET: + if ((ret = getsockopt(b->num, IPPROTO_IP, IP_MTU, (void *)&sockopt_val, + &sockopt_len)) < 0 || sockopt_val < 0) + { + ret = 0; + } + else + { + /* we assume that the transport protocol is UDP and no + * IP options are used. + */ + data->mtu = sockopt_val - 8 - 20; + ret = data->mtu; + } + break; +#if OPENSSL_USE_IPV6 && defined(IPV6_MTU) + case AF_INET6: + if ((ret = getsockopt(b->num, IPPROTO_IPV6, IPV6_MTU, (void *)&sockopt_val, + &sockopt_len)) < 0 || sockopt_val < 0) + { + ret = 0; + } + else + { + /* we assume that the transport protocol is UDP and no + * IPV6 options are used. + */ + data->mtu = sockopt_val - 8 - 40; + ret = data->mtu; + } + break; +#endif + default: + ret = 0; + break; } +#else + ret = 0; +#endif break; case BIO_CTRL_DGRAM_GET_MTU: return data->mtu; @@ -332,19 +559,66 @@ static long dgram_ctrl(BIO *b, int cmd, long num, void *ptr) if ( to != NULL) { data->connected = 1; - memcpy(&(data->peer),to, sizeof(struct sockaddr)); + switch (to->sa_family) + { + case AF_INET: + memcpy(&data->peer,to,sizeof(data->peer.sa_in)); + break; +#if OPENSSL_USE_IPV6 + case AF_INET6: + memcpy(&data->peer,to,sizeof(data->peer.sa_in6)); + break; +#endif + default: + memcpy(&data->peer,to,sizeof(data->peer.sa)); + break; + } } else { data->connected = 0; - memset(&(data->peer), 0x00, sizeof(struct sockaddr)); + memset(&(data->peer), 0x00, sizeof(data->peer)); } break; - case BIO_CTRL_DGRAM_SET_PEER: - to = (struct sockaddr *) ptr; - - memcpy(&(data->peer), to, sizeof(struct sockaddr)); - break; + case BIO_CTRL_DGRAM_GET_PEER: + switch (data->peer.sa.sa_family) + { + case AF_INET: + ret=sizeof(data->peer.sa_in); + break; +#if OPENSSL_USE_IPV6 + case AF_INET6: + ret=sizeof(data->peer.sa_in6); + break; +#endif + default: + ret=sizeof(data->peer.sa); + break; + } + if (num==0 || num>ret) + num=ret; + memcpy(ptr,&data->peer,(ret=num)); + break; + case BIO_CTRL_DGRAM_SET_PEER: + to = (struct sockaddr *) ptr; + switch (to->sa_family) + { + case AF_INET: + memcpy(&data->peer,to,sizeof(data->peer.sa_in)); + break; +#if OPENSSL_USE_IPV6 + case AF_INET6: + memcpy(&data->peer,to,sizeof(data->peer.sa_in6)); + break; +#endif + default: + memcpy(&data->peer,to,sizeof(data->peer.sa)); + break; + } + break; + case BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT: + memcpy(&(data->next_timeout), ptr, sizeof(struct timeval)); + break; #if defined(SO_RCVTIMEO) case BIO_CTRL_DGRAM_SET_RECV_TIMEOUT: #ifdef OPENSSL_SYS_WINDOWS @@ -507,10 +781,6 @@ int BIO_dgram_non_fatal_error(int err) # endif #endif -#if defined(ENOTCONN) - case ENOTCONN: -#endif - #ifdef EINTR case EINTR: #endif @@ -533,11 +803,6 @@ int BIO_dgram_non_fatal_error(int err) case EALREADY: #endif -/* DF bit set, and packet larger than MTU */ -#ifdef EMSGSIZE - case EMSGSIZE: -#endif - return(1); /* break; */ default: @@ -546,3 +811,20 @@ int BIO_dgram_non_fatal_error(int err) return(0); } #endif + +static void get_current_time(struct timeval *t) + { +#ifdef OPENSSL_SYS_WIN32 + struct _timeb tb; + _ftime(&tb); + t->tv_sec = (long)tb.time; + t->tv_usec = (long)tb.millitm * 1000; +#elif defined(OPENSSL_SYS_VMS) + struct timeb tb; + ftime(&tb); + t->tv_sec = (long)tb.time; + t->tv_usec = (long)tb.millitm * 1000; +#else + gettimeofday(t, NULL); +#endif + } diff --git a/src/lib/libcrypto/bio/bss_fd.c b/src/lib/libcrypto/bio/bss_fd.c index 4c229bf641..d1bf85aae1 100644 --- a/src/lib/libcrypto/bio/bss_fd.c +++ b/src/lib/libcrypto/bio/bss_fd.c @@ -60,6 +60,13 @@ #include #define USE_SOCKETS #include "cryptlib.h" + +#if defined(OPENSSL_NO_POSIX_IO) +/* + * One can argue that one should implement dummy placeholder for + * BIO_s_fd here... + */ +#else /* * As for unconditional usage of "UPLINK" interface in this module. * Trouble is that unlike Unix file descriptors [which are indexes @@ -77,6 +84,7 @@ static int fd_write(BIO *h, const char *buf, int num); static int fd_read(BIO *h, char *buf, int size); static int fd_puts(BIO *h, const char *str); +static int fd_gets(BIO *h, char *buf, int size); static long fd_ctrl(BIO *h, int cmd, long arg1, void *arg2); static int fd_new(BIO *h); static int fd_free(BIO *data); @@ -88,7 +96,7 @@ static BIO_METHOD methods_fdp= fd_write, fd_read, fd_puts, - NULL, /* fd_gets, */ + fd_gets, fd_ctrl, fd_new, fd_free, @@ -227,6 +235,22 @@ static int fd_puts(BIO *bp, const char *str) return(ret); } +static int fd_gets(BIO *bp, char *buf, int size) + { + int ret=0; + char *ptr=buf; + char *end=buf+size-1; + + while ( (ptr < end) && (fd_read(bp, ptr, 1) > 0) && (ptr[0] != '\n') ) + ptr++; + + ptr[0]='\0'; + + if (buf[0] != '\0') + ret=strlen(buf); + return(ret); + } + int BIO_fd_should_retry(int i) { int err; @@ -292,3 +316,4 @@ int BIO_fd_non_fatal_error(int err) } return(0); } +#endif diff --git a/src/lib/libcrypto/bio/bss_file.c b/src/lib/libcrypto/bio/bss_file.c index e692a08e58..8bfa0bcd97 100644 --- a/src/lib/libcrypto/bio/bss_file.c +++ b/src/lib/libcrypto/bio/bss_file.c @@ -118,10 +118,47 @@ static BIO_METHOD methods_filep= BIO *BIO_new_file(const char *filename, const char *mode) { - BIO *ret; - FILE *file; + BIO *ret; + FILE *file=NULL; + +#if defined(_WIN32) && defined(CP_UTF8) + int sz, len_0 = (int)strlen(filename)+1; - if ((file=fopen(filename,mode)) == NULL) + /* + * Basically there are three cases to cover: a) filename is + * pure ASCII string; b) actual UTF-8 encoded string and + * c) locale-ized string, i.e. one containing 8-bit + * characters that are meaningful in current system locale. + * If filename is pure ASCII or real UTF-8 encoded string, + * MultiByteToWideChar succeeds and _wfopen works. If + * filename is locale-ized string, chances are that + * MultiByteToWideChar fails reporting + * ERROR_NO_UNICODE_TRANSLATION, in which case we fall + * back to fopen... + */ + if ((sz=MultiByteToWideChar(CP_UTF8,MB_ERR_INVALID_CHARS, + filename,len_0,NULL,0))>0) + { + WCHAR wmode[8]; + WCHAR *wfilename = _alloca(sz*sizeof(WCHAR)); + + if (MultiByteToWideChar(CP_UTF8,MB_ERR_INVALID_CHARS, + filename,len_0,wfilename,sz) && + MultiByteToWideChar(CP_UTF8,0,mode,strlen(mode)+1, + wmode,sizeof(wmode)/sizeof(wmode[0])) && + (file=_wfopen(wfilename,wmode))==NULL && errno==ENOENT + ) /* UTF-8 decode succeeded, but no file, filename + * could still have been locale-ized... */ + file = fopen(filename,mode); + } + else if (GetLastError()==ERROR_NO_UNICODE_TRANSLATION) + { + file = fopen(filename,mode); + } +#else + file=fopen(filename,mode); +#endif + if (file == NULL) { SYSerr(SYS_F_FOPEN,get_last_sys_error()); ERR_add_error_data(5,"fopen('",filename,"','",mode,"')"); @@ -131,7 +168,7 @@ BIO *BIO_new_file(const char *filename, const char *mode) BIOerr(BIO_F_BIO_NEW_FILE,ERR_R_SYS_LIB); return(NULL); } - if ((ret=BIO_new(BIO_s_file_internal())) == NULL) + if ((ret=BIO_new(BIO_s_file())) == NULL) { fclose(file); return(NULL); @@ -241,7 +278,7 @@ static long MS_CALLBACK file_ctrl(BIO *b, int cmd, long num, void *ptr) if (b->flags&BIO_FLAGS_UPLINK) ret=(long)UP_fseek(b->ptr,num,0); else - ret=(long)fseek(fp,num,SEEK_SET); + ret=(long)fseek(fp,num,0); break; case BIO_CTRL_EOF: if (b->flags&BIO_FLAGS_UPLINK) @@ -272,9 +309,9 @@ static long MS_CALLBACK file_ctrl(BIO *b, int cmd, long num, void *ptr) BIO_clear_flags(b,BIO_FLAGS_UPLINK); #endif #endif -#ifdef UP_fsetmode +#ifdef UP_fsetmod if (b->flags&BIO_FLAGS_UPLINK) - UP_fsetmode(b->ptr,num&BIO_FP_TEXT?'t':'b'); + UP_fsetmod(b->ptr,(char)((num&BIO_FP_TEXT)?'t':'b')); else #endif { @@ -286,8 +323,7 @@ static long MS_CALLBACK file_ctrl(BIO *b, int cmd, long num, void *ptr) _setmode(fd,_O_BINARY); #elif defined(OPENSSL_SYS_NETWARE) && defined(NETWARE_CLIB) int fd = fileno((FILE*)ptr); - /* Under CLib there are differences in file modes - */ + /* Under CLib there are differences in file modes */ if (num & BIO_FP_TEXT) setmode(fd,O_TEXT); else @@ -308,7 +344,7 @@ static long MS_CALLBACK file_ctrl(BIO *b, int cmd, long num, void *ptr) else _setmode(fd,_O_BINARY); } -#elif defined(OPENSSL_SYS_OS2) +#elif defined(OPENSSL_SYS_OS2) || defined(OPENSSL_SYS_WIN32_CYGWIN) int fd = fileno((FILE*)ptr); if (num & BIO_FP_TEXT) setmode(fd, O_TEXT); @@ -404,11 +440,18 @@ static int MS_CALLBACK file_gets(BIO *bp, char *buf, int size) buf[0]='\0'; if (bp->flags&BIO_FLAGS_UPLINK) - UP_fgets(buf,size,bp->ptr); + { + if (!UP_fgets(buf,size,bp->ptr)) + goto err; + } else - fgets(buf,size,(FILE *)bp->ptr); + { + if (!fgets(buf,size,(FILE *)bp->ptr)) + goto err; + } if (buf[0] != '\0') ret=strlen(buf); + err: return(ret); } diff --git a/src/lib/libcrypto/bio/bss_log.c b/src/lib/libcrypto/bio/bss_log.c index 6360dbc820..7ead044b37 100644 --- a/src/lib/libcrypto/bio/bss_log.c +++ b/src/lib/libcrypto/bio/bss_log.c @@ -70,7 +70,6 @@ #if defined(OPENSSL_SYS_WINCE) #elif defined(OPENSSL_SYS_WIN32) -# include #elif defined(OPENSSL_SYS_VMS) # include # include @@ -122,18 +121,6 @@ static int MS_CALLBACK slg_free(BIO *data); static void xopenlog(BIO* bp, char* name, int level); static void xsyslog(BIO* bp, int priority, const char* string); static void xcloselog(BIO* bp); -#ifdef OPENSSL_SYS_WIN32 -LONG (WINAPI *go_for_advapi)() = RegOpenKeyEx; -HANDLE (WINAPI *register_event_source)() = NULL; -BOOL (WINAPI *deregister_event_source)() = NULL; -BOOL (WINAPI *report_event)() = NULL; -#define DL_PROC(m,f) (GetProcAddress( m, f )) -#ifdef UNICODE -#define DL_PROC_X(m,f) DL_PROC( m, f "W" ) -#else -#define DL_PROC_X(m,f) DL_PROC( m, f "A" ) -#endif -#endif static BIO_METHOD methods_slg= { @@ -175,7 +162,7 @@ static int MS_CALLBACK slg_write(BIO *b, const char *in, int inl) char* buf; char* pp; int priority, i; - static struct + static const struct { int strl; char str[10]; @@ -249,35 +236,20 @@ static int MS_CALLBACK slg_puts(BIO *bp, const char *str) static void xopenlog(BIO* bp, char* name, int level) { - if ( !register_event_source ) - { - HANDLE advapi; - if ( !(advapi = GetModuleHandle("advapi32")) ) - return; - register_event_source = (HANDLE (WINAPI *)())DL_PROC_X(advapi, - "RegisterEventSource" ); - deregister_event_source = (BOOL (WINAPI *)())DL_PROC(advapi, - "DeregisterEventSource"); - report_event = (BOOL (WINAPI *)())DL_PROC_X(advapi, - "ReportEvent" ); - if ( !(register_event_source && deregister_event_source && - report_event) ) - { - register_event_source = NULL; - deregister_event_source = NULL; - report_event = NULL; - return; - } - } - bp->ptr= (char *)register_event_source(NULL, name); + if (GetVersion() < 0x80000000) + bp->ptr = RegisterEventSourceA(NULL,name); + else + bp->ptr = NULL; } static void xsyslog(BIO *bp, int priority, const char *string) { LPCSTR lpszStrings[2]; WORD evtype= EVENTLOG_ERROR_TYPE; - int pid = _getpid(); - char pidbuf[DECIMAL_SIZE(pid)+4]; + char pidbuf[DECIMAL_SIZE(DWORD)+4]; + + if (bp->ptr == NULL) + return; switch (priority) { @@ -301,19 +273,18 @@ static void xsyslog(BIO *bp, int priority, const char *string) break; } - sprintf(pidbuf, "[%d] ", pid); + sprintf(pidbuf, "[%u] ", GetCurrentProcessId()); lpszStrings[0] = pidbuf; lpszStrings[1] = string; - if(report_event && bp->ptr) - report_event(bp->ptr, evtype, 0, 1024, NULL, 2, 0, + ReportEventA(bp->ptr, evtype, 0, 1024, NULL, 2, 0, lpszStrings, NULL); } static void xcloselog(BIO* bp) { - if(deregister_event_source && bp->ptr) - deregister_event_source((HANDLE)(bp->ptr)); + if(bp->ptr) + DeregisterEventSource((HANDLE)(bp->ptr)); bp->ptr= NULL; } diff --git a/src/lib/libcrypto/bio/bss_mem.c b/src/lib/libcrypto/bio/bss_mem.c index e7ab9cb3a3..37d4194e4b 100644 --- a/src/lib/libcrypto/bio/bss_mem.c +++ b/src/lib/libcrypto/bio/bss_mem.c @@ -94,16 +94,18 @@ BIO *BIO_new_mem_buf(void *buf, int len) { BIO *ret; BUF_MEM *b; + size_t sz; + if (!buf) { BIOerr(BIO_F_BIO_NEW_MEM_BUF,BIO_R_NULL_PARAMETER); return NULL; } - if(len == -1) len = strlen(buf); + sz = (len<0) ? strlen(buf) : (size_t)len; if(!(ret = BIO_new(BIO_s_mem())) ) return NULL; b = (BUF_MEM *)ret->ptr; b->data = buf; - b->length = len; - b->max = len; + b->length = sz; + b->max = sz; ret->flags |= BIO_FLAGS_MEM_RDONLY; /* Since this is static data retrying wont help */ ret->num = 0; @@ -144,22 +146,16 @@ static int mem_read(BIO *b, char *out, int outl) { int ret= -1; BUF_MEM *bm; - int i; - char *from,*to; bm=(BUF_MEM *)b->ptr; BIO_clear_retry_flags(b); - ret=(outl > bm->length)?bm->length:outl; + ret=(outl >=0 && (size_t)outl > bm->length)?(int)bm->length:outl; if ((out != NULL) && (ret > 0)) { memcpy(out,bm->data,ret); bm->length-=ret; - /* memmove(&(bm->data[0]),&(bm->data[ret]), bm->length); */ if(b->flags & BIO_FLAGS_MEM_RDONLY) bm->data += ret; else { - from=(char *)&(bm->data[ret]); - to=(char *)&(bm->data[0]); - for (i=0; ilength; i++) - to[i]=from[i]; + memmove(&(bm->data[0]),&(bm->data[ret]),bm->length); } } else if (bm->length == 0) { diff --git a/src/lib/libcrypto/bio/bss_sock.c b/src/lib/libcrypto/bio/bss_sock.c index 30c3ceab46..3df31938c1 100644 --- a/src/lib/libcrypto/bio/bss_sock.c +++ b/src/lib/libcrypto/bio/bss_sock.c @@ -172,15 +172,6 @@ static long sock_ctrl(BIO *b, int cmd, long num, void *ptr) switch (cmd) { - case BIO_CTRL_RESET: - num=0; - case BIO_C_FILE_SEEK: - ret=0; - break; - case BIO_C_FILE_TELL: - case BIO_CTRL_INFO: - ret=0; - break; case BIO_C_SET_FD: sock_free(b); b->num= *((int *)ptr); @@ -203,10 +194,6 @@ static long sock_ctrl(BIO *b, int cmd, long num, void *ptr) case BIO_CTRL_SET_CLOSE: b->shutdown=(int)num; break; - case BIO_CTRL_PENDING: - case BIO_CTRL_WPENDING: - ret=0; - break; case BIO_CTRL_DUP: case BIO_CTRL_FLUSH: ret=1; diff --git a/src/lib/libcrypto/bn/Makefile b/src/lib/libcrypto/bn/Makefile index f5e8f65a46..aabc4f56b8 100644 --- a/src/lib/libcrypto/bn/Makefile +++ b/src/lib/libcrypto/bn/Makefile @@ -12,8 +12,6 @@ MAKEFILE= Makefile AR= ar r BN_ASM= bn_asm.o -# or use -#BN_ASM= bn86-elf.o CFLAGS= $(INCLUDES) $(CFLAG) ASFLAGS= $(INCLUDES) $(ASFLAG) @@ -28,13 +26,13 @@ LIBSRC= bn_add.c bn_div.c bn_exp.c bn_lib.c bn_ctx.c bn_mul.c bn_mod.c \ bn_print.c bn_rand.c bn_shift.c bn_word.c bn_blind.c \ bn_kron.c bn_sqrt.c bn_gcd.c bn_prime.c bn_err.c bn_sqr.c bn_asm.c \ bn_recp.c bn_mont.c bn_mpi.c bn_exp2.c bn_gf2m.c bn_nist.c \ - bn_depr.c bn_x931p.c bn_const.c bn_opt.c + bn_depr.c bn_const.c LIBOBJ= bn_add.o bn_div.o bn_exp.o bn_lib.o bn_ctx.o bn_mul.o bn_mod.o \ bn_print.o bn_rand.o bn_shift.o bn_word.o bn_blind.o \ bn_kron.o bn_sqrt.o bn_gcd.o bn_prime.o bn_err.o bn_sqr.o $(BN_ASM) \ bn_recp.o bn_mont.o bn_mpi.o bn_exp2.o bn_gf2m.o bn_nist.o \ - bn_depr.o bn_x931p.o bn_const.o bn_opt.o + bn_depr.o bn_const.o SRC= $(LIBSRC) @@ -58,36 +56,25 @@ bnbug: bnbug.c ../../libcrypto.a top cc -g -I../../include bnbug.c -o bnbug ../../libcrypto.a lib: $(LIBOBJ) - $(ARX) $(LIB) $(LIBOBJ) + $(AR) $(LIB) $(LIBOBJ) $(RANLIB) $(LIB) || echo Never mind. @touch lib -# ELF -bn86-elf.s: asm/bn-586.pl ../perlasm/x86asm.pl - (cd asm; $(PERL) bn-586.pl elf $(CFLAGS) > ../$@) -co86-elf.s: asm/co-586.pl ../perlasm/x86asm.pl - (cd asm; $(PERL) co-586.pl elf $(CFLAGS) > ../$@) -mo86-elf.s: asm/mo-586.pl ../perlasm/x86asm.pl - (cd asm; $(PERL) mo-586.pl elf $(CFLAGS) > ../$@) -# COFF -bn86-cof.s: asm/bn-586.pl ../perlasm/x86asm.pl - (cd asm; $(PERL) bn-586.pl coff $(CFLAGS) > ../$@) -co86-cof.s: asm/co-586.pl ../perlasm/x86asm.pl - (cd asm; $(PERL) co-586.pl coff $(CFLAGS) > ../$@) -mo86-cof.s: asm/mo-586.pl ../perlasm/x86asm.pl - (cd asm; $(PERL) mo-586.pl coff $(CFLAGS) > ../$@) -# a.out -bn86-out.s: asm/bn-586.pl ../perlasm/x86asm.pl - (cd asm; $(PERL) bn-586.pl a.out $(CFLAGS) > ../$@) -co86-out.s: asm/co-586.pl ../perlasm/x86asm.pl - (cd asm; $(PERL) co-586.pl a.out $(CFLAGS) > ../$@) -mo86-out.s: asm/mo-586.pl ../perlasm/x86asm.pl - (cd asm; $(PERL) mo-586.pl a.out $(CFLAGS) > ../$@) +bn-586.s: asm/bn-586.pl ../perlasm/x86asm.pl + $(PERL) asm/bn-586.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@ +co-586.s: asm/co-586.pl ../perlasm/x86asm.pl + $(PERL) asm/co-586.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@ +x86-mont.s: asm/x86-mont.pl ../perlasm/x86asm.pl + $(PERL) asm/x86-mont.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@ sparcv8.o: asm/sparcv8.S $(CC) $(CFLAGS) -c asm/sparcv8.S -sparcv8plus.o: asm/sparcv8plus.S - $(CC) $(CFLAGS) -c asm/sparcv8plus.S +bn-sparcv9.o: asm/sparcv8plus.S + $(CC) $(CFLAGS) -c -o $@ asm/sparcv8plus.S +sparcv9a-mont.s: asm/sparcv9a-mont.pl + $(PERL) asm/sparcv9a-mont.pl $(CFLAGS) > $@ +sparcv9-mont.s: asm/sparcv9-mont.pl + $(PERL) asm/sparcv9-mont.pl $(CFLAGS) > $@ bn-mips3.o: asm/mips3.s @if [ "$(CC)" = "gcc" ]; then \ @@ -95,10 +82,13 @@ bn-mips3.o: asm/mips3.s as -$$ABI -O -o $@ asm/mips3.s; \ else $(CC) -c $(CFLAGS) -o $@ asm/mips3.s; fi +bn-s390x.o: asm/s390x.S + $(CC) $(CFLAGS) -c -o $@ asm/s390x.S + x86_64-gcc.o: asm/x86_64-gcc.c $(CC) $(CFLAGS) -c -o $@ asm/x86_64-gcc.c x86_64-mont.s: asm/x86_64-mont.pl - $(PERL) asm/x86_64-mont.pl $@ + $(PERL) asm/x86_64-mont.pl $(PERLASM_SCHEME) > $@ bn-ia64.s: asm/ia64.S $(CC) $(CFLAGS) -E asm/ia64.S > $@ @@ -111,12 +101,14 @@ pa-risc2.o: asm/pa-risc2.s /usr/ccs/bin/as -o pa-risc2.o asm/pa-risc2.s # ppc - AIX, Linux, MacOS X... -linux_ppc32.s: asm/ppc.pl; $(PERL) $< $@ -linux_ppc64.s: asm/ppc.pl; $(PERL) $< $@ -aix_ppc32.s: asm/ppc.pl; $(PERL) asm/ppc.pl $@ -aix_ppc64.s: asm/ppc.pl; $(PERL) asm/ppc.pl $@ -osx_ppc32.s: asm/ppc.pl; $(PERL) $< $@ -osx_ppc64.s: asm/ppc.pl; $(PERL) $< $@ +bn-ppc.s: asm/ppc.pl; $(PERL) asm/ppc.pl $(PERLASM_SCHEME) $@ +ppc-mont.s: asm/ppc-mont.pl;$(PERL) asm/ppc-mont.pl $(PERLASM_SCHEME) $@ + +alpha-mont.s: asm/alpha-mont.pl + $(PERL) $< | $(CC) -E - | tee $@ > /dev/null + +# GNU make "catch all" +%-mont.s: asm/%-mont.pl; $(PERL) $< $(CFLAGS) > $@ files: $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO @@ -184,8 +176,11 @@ bn_blind.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h bn_blind.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h bn_blind.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h bn_blind.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_blind.c bn_lcl.h -bn_const.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h -bn_const.o: ../../include/openssl/ossl_typ.h bn.h bn_const.c +bn_const.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +bn_const.o: ../../include/openssl/opensslconf.h +bn_const.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +bn_const.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +bn_const.o: ../../include/openssl/symhacks.h bn.h bn_const.c bn_ctx.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h bn_ctx.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bn_ctx.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h @@ -292,13 +287,6 @@ bn_nist.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h bn_nist.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h bn_nist.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h bn_nist.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_nist.c -bn_opt.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h -bn_opt.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -bn_opt.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -bn_opt.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bn_opt.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -bn_opt.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -bn_opt.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_opt.c bn_prime.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h bn_prime.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bn_prime.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h @@ -357,6 +345,3 @@ bn_word.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h bn_word.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h bn_word.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h bn_word.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_word.c -bn_x931p.o: ../../include/openssl/bn.h ../../include/openssl/e_os2.h -bn_x931p.o: ../../include/openssl/opensslconf.h -bn_x931p.o: ../../include/openssl/ossl_typ.h bn_x931p.c diff --git a/src/lib/libcrypto/bn/Makefile.ssl b/src/lib/libcrypto/bn/Makefile.ssl deleted file mode 100644 index 50892ef44c..0000000000 --- a/src/lib/libcrypto/bn/Makefile.ssl +++ /dev/null @@ -1,326 +0,0 @@ -# -# SSLeay/crypto/bn/Makefile -# - -DIR= bn -TOP= ../.. -CC= cc -CPP= $(CC) -E -INCLUDES= -I.. -I$(TOP) -I../../include -CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKE= make -f Makefile.ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) -MAKEFILE= Makefile.ssl -AR= ar r - -BN_ASM= bn_asm.o -# or use -#BN_ASM= bn86-elf.o - -CFLAGS= $(INCLUDES) $(CFLAG) -ASFLAGS= $(INCLUDES) $(ASFLAG) - -GENERAL=Makefile -TEST=bntest.c exptest.c -APPS= - -LIB=$(TOP)/libcrypto.a -LIBSRC= bn_add.c bn_div.c bn_exp.c bn_lib.c bn_ctx.c bn_mul.c bn_mod.c \ - bn_print.c bn_rand.c bn_shift.c bn_word.c bn_blind.c \ - bn_kron.c bn_sqrt.c bn_gcd.c bn_prime.c bn_err.c bn_sqr.c bn_asm.c \ - bn_recp.c bn_mont.c bn_mpi.c bn_exp2.c - -LIBOBJ= bn_add.o bn_div.o bn_exp.o bn_lib.o bn_ctx.o bn_mul.o bn_mod.o \ - bn_print.o bn_rand.o bn_shift.o bn_word.o bn_blind.o \ - bn_kron.o bn_sqrt.o bn_gcd.o bn_prime.o bn_err.o bn_sqr.o $(BN_ASM) \ - bn_recp.o bn_mont.o bn_mpi.o bn_exp2.o - -SRC= $(LIBSRC) - -EXHEADER= bn.h -HEADER= bn_lcl.h bn_prime.h $(EXHEADER) - -ALL= $(GENERAL) $(SRC) $(HEADER) - -top: - (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all) - -all: lib - -bn_prime.h: bn_prime.pl - $(PERL) bn_prime.pl >bn_prime.h - -divtest: divtest.c ../../libcrypto.a - cc -I../../include divtest.c -o divtest ../../libcrypto.a - -bnbug: bnbug.c ../../libcrypto.a top - cc -g -I../../include bnbug.c -o bnbug ../../libcrypto.a - -lib: $(LIBOBJ) - $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) || echo Never mind. - @touch lib - -# elf -asm/bn86-elf.s: asm/bn-586.pl ../perlasm/x86asm.pl - (cd asm; $(PERL) bn-586.pl elf $(CFLAGS) > bn86-elf.s) - -asm/co86-elf.s: asm/co-586.pl ../perlasm/x86asm.pl - (cd asm; $(PERL) co-586.pl elf $(CFLAGS) > co86-elf.s) - -# a.out -asm/bn86-out.o: asm/bn86unix.cpp - $(CPP) -DOUT asm/bn86unix.cpp | as -o asm/bn86-out.o - -asm/co86-out.o: asm/co86unix.cpp - $(CPP) -DOUT asm/co86unix.cpp | as -o asm/co86-out.o - -# bsdi -asm/bn86bsdi.o: asm/bn86unix.cpp - $(CPP) -DBSDI asm/bn86unix.cpp | sed 's/ :/:/' | as -o asm/bn86bsdi.o - -asm/co86bsdi.o: asm/co86unix.cpp - $(CPP) -DBSDI asm/co86unix.cpp | sed 's/ :/:/' | as -o asm/co86bsdi.o - -asm/bn86unix.cpp: asm/bn-586.pl ../perlasm/x86asm.pl - (cd asm; $(PERL) bn-586.pl cpp >bn86unix.cpp ) - -asm/co86unix.cpp: asm/co-586.pl ../perlasm/x86asm.pl - (cd asm; $(PERL) co-586.pl cpp >co86unix.cpp ) - -asm/sparcv8.o: asm/sparcv8.S - -asm/sparcv8plus.o: asm/sparcv8plus.S - -# Old GNU assembler doesn't understand V9 instructions, so we -# hire /usr/ccs/bin/as to do the job. Note that option is called -# *-gcc27, but even gcc 2>=8 users may experience similar problem -# if they didn't bother to upgrade GNU assembler. Such users should -# not choose this option, but be adviced to *remove* GNU assembler -# or upgrade it. -asm/sparcv8plus-gcc27.o: asm/sparcv8plus.S - $(CC) $(ASFLAGS) -E asm/sparcv8plus.S | \ - /usr/ccs/bin/as -xarch=v8plus - -o asm/sparcv8plus-gcc27.o - - -asm/ia64.o: asm/ia64.S - -# Some compiler drivers (most notably HP-UX and Intel C++) don't -# understand .S extension:-( I wish I could pipe output from cc -E, -# but it's too compiler driver/ABI dependent to cover with a single -# rule... -asm/ia64-cpp.o: asm/ia64.S - $(CC) $(ASFLAGS) -E asm/ia64.S > /tmp/ia64.$$$$.s && \ - $(CC) $(ASFLAGS) -c -o asm/ia64-cpp.o /tmp/ia64.$$$$.s; \ - rm -f /tmp/ia64.$$$$.s - -asm/x86_64-gcc.o: asm/x86_64-gcc.c - -asm/pa-risc2W.o: asm/pa-risc2W.s - /usr/ccs/bin/as -o asm/pa-rics2W.o asm/pa-risc2W.s - -files: - $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO - -links: - @sh $(TOP)/util/point.sh Makefile.ssl Makefile - @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER) - @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST) - @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) - -install: - @for i in $(EXHEADER) ; \ - do \ - (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ - done; - -exptest: - rm -f exptest - gcc -I../../include -g2 -ggdb -o exptest exptest.c ../../libcrypto.a - -div: - rm -f a.out - gcc -I.. -g div.c ../../libcrypto.a - -tags: - ctags $(SRC) - -tests: - -lint: - lint -DLINT $(INCLUDES) $(SRC)>fluff - -depend: - $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) - -dclean: - $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new - mv -f Makefile.new $(MAKEFILE) - -clean: - rm -f asm/co86unix.cpp asm/bn86unix.cpp asm/*-elf.* *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff bn_asm.s - -# DO NOT DELETE THIS LINE -- make depend depends on it. - -bn_add.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h -bn_add.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -bn_add.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -bn_add.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bn_add.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bn_add.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bn_add.o: ../cryptlib.h bn_add.c bn_lcl.h -bn_asm.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h -bn_asm.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -bn_asm.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -bn_asm.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bn_asm.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bn_asm.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bn_asm.o: ../cryptlib.h bn_asm.c bn_lcl.h -bn_blind.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h -bn_blind.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -bn_blind.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -bn_blind.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bn_blind.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bn_blind.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bn_blind.o: ../cryptlib.h bn_blind.c bn_lcl.h -bn_ctx.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h -bn_ctx.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -bn_ctx.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -bn_ctx.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bn_ctx.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bn_ctx.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bn_ctx.o: ../cryptlib.h bn_ctx.c bn_lcl.h -bn_div.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h -bn_div.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -bn_div.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -bn_div.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bn_div.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bn_div.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bn_div.o: ../cryptlib.h bn_div.c bn_lcl.h -bn_err.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -bn_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -bn_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -bn_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -bn_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -bn_err.o: ../../include/openssl/symhacks.h bn_err.c -bn_exp.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h -bn_exp.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -bn_exp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -bn_exp.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bn_exp.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bn_exp.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bn_exp.o: ../cryptlib.h bn_exp.c bn_lcl.h -bn_exp2.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h -bn_exp2.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -bn_exp2.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -bn_exp2.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bn_exp2.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bn_exp2.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bn_exp2.o: ../cryptlib.h bn_exp2.c bn_lcl.h -bn_gcd.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h -bn_gcd.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -bn_gcd.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -bn_gcd.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bn_gcd.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bn_gcd.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bn_gcd.o: ../cryptlib.h bn_gcd.c bn_lcl.h -bn_kron.o: ../../include/openssl/bn.h ../../include/openssl/e_os2.h -bn_kron.o: ../../include/openssl/opensslconf.h bn_kron.c bn_lcl.h -bn_lib.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h -bn_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -bn_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -bn_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bn_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bn_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bn_lib.o: ../cryptlib.h bn_lcl.h bn_lib.c -bn_mod.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h -bn_mod.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -bn_mod.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -bn_mod.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bn_mod.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bn_mod.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bn_mod.o: ../cryptlib.h bn_lcl.h bn_mod.c -bn_mont.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h -bn_mont.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -bn_mont.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -bn_mont.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bn_mont.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bn_mont.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bn_mont.o: ../cryptlib.h bn_lcl.h bn_mont.c -bn_mpi.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h -bn_mpi.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -bn_mpi.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -bn_mpi.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bn_mpi.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bn_mpi.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bn_mpi.o: ../cryptlib.h bn_lcl.h bn_mpi.c -bn_mul.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h -bn_mul.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -bn_mul.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -bn_mul.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bn_mul.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bn_mul.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bn_mul.o: ../cryptlib.h bn_lcl.h bn_mul.c -bn_prime.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h -bn_prime.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -bn_prime.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -bn_prime.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bn_prime.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -bn_prime.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h -bn_prime.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bn_prime.o: ../cryptlib.h bn_lcl.h bn_prime.c bn_prime.h -bn_print.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h -bn_print.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -bn_print.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -bn_print.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bn_print.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bn_print.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bn_print.o: ../cryptlib.h bn_lcl.h bn_print.c -bn_rand.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h -bn_rand.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -bn_rand.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -bn_rand.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bn_rand.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -bn_rand.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h -bn_rand.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bn_rand.o: ../cryptlib.h bn_lcl.h bn_rand.c -bn_recp.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h -bn_recp.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -bn_recp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -bn_recp.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bn_recp.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bn_recp.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bn_recp.o: ../cryptlib.h bn_lcl.h bn_recp.c -bn_shift.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h -bn_shift.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -bn_shift.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -bn_shift.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bn_shift.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bn_shift.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bn_shift.o: ../cryptlib.h bn_lcl.h bn_shift.c -bn_sqr.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h -bn_sqr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -bn_sqr.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -bn_sqr.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bn_sqr.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bn_sqr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bn_sqr.o: ../cryptlib.h bn_lcl.h bn_sqr.c -bn_sqrt.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h -bn_sqrt.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -bn_sqrt.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -bn_sqrt.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bn_sqrt.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bn_sqrt.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bn_sqrt.o: ../cryptlib.h bn_lcl.h bn_sqrt.c -bn_word.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h -bn_word.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -bn_word.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -bn_word.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bn_word.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bn_word.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bn_word.o: ../cryptlib.h bn_lcl.h bn_word.c diff --git a/src/lib/libcrypto/bn/asm/alpha.s b/src/lib/libcrypto/bn/asm/alpha.s deleted file mode 100644 index 555ff0b92d..0000000000 --- a/src/lib/libcrypto/bn/asm/alpha.s +++ /dev/null @@ -1,3199 +0,0 @@ - # DEC Alpha assember - # The bn_div_words is actually gcc output but the other parts are hand done. - # Thanks to tzeruch@ceddec.com for sending me the gcc output for - # bn_div_words. - # I've gone back and re-done most of routines. - # The key thing to remeber for the 164 CPU is that while a - # multiply operation takes 8 cycles, another one can only be issued - # after 4 cycles have elapsed. I've done modification to help - # improve this. Also, normally, a ld instruction will not be available - # for about 3 cycles. - .file 1 "bn_asm.c" - .set noat -gcc2_compiled.: -__gnu_compiled_c: - .text - .align 3 - .globl bn_mul_add_words - .ent bn_mul_add_words -bn_mul_add_words: -bn_mul_add_words..ng: - .frame $30,0,$26,0 - .prologue 0 - .align 5 - subq $18,4,$18 - bis $31,$31,$0 - blt $18,$43 # if we are -1, -2, -3 or -4 goto tail code - ldq $20,0($17) # 1 1 - ldq $1,0($16) # 1 1 - .align 3 -$42: - mulq $20,$19,$5 # 1 2 1 ###### - ldq $21,8($17) # 2 1 - ldq $2,8($16) # 2 1 - umulh $20,$19,$20 # 1 2 ###### - ldq $27,16($17) # 3 1 - ldq $3,16($16) # 3 1 - mulq $21,$19,$6 # 2 2 1 ###### - ldq $28,24($17) # 4 1 - addq $1,$5,$1 # 1 2 2 - ldq $4,24($16) # 4 1 - umulh $21,$19,$21 # 2 2 ###### - cmpult $1,$5,$22 # 1 2 3 1 - addq $20,$22,$20 # 1 3 1 - addq $1,$0,$1 # 1 2 3 1 - mulq $27,$19,$7 # 3 2 1 ###### - cmpult $1,$0,$0 # 1 2 3 2 - addq $2,$6,$2 # 2 2 2 - addq $20,$0,$0 # 1 3 2 - cmpult $2,$6,$23 # 2 2 3 1 - addq $21,$23,$21 # 2 3 1 - umulh $27,$19,$27 # 3 2 ###### - addq $2,$0,$2 # 2 2 3 1 - cmpult $2,$0,$0 # 2 2 3 2 - subq $18,4,$18 - mulq $28,$19,$8 # 4 2 1 ###### - addq $21,$0,$0 # 2 3 2 - addq $3,$7,$3 # 3 2 2 - addq $16,32,$16 - cmpult $3,$7,$24 # 3 2 3 1 - stq $1,-32($16) # 1 2 4 - umulh $28,$19,$28 # 4 2 ###### - addq $27,$24,$27 # 3 3 1 - addq $3,$0,$3 # 3 2 3 1 - stq $2,-24($16) # 2 2 4 - cmpult $3,$0,$0 # 3 2 3 2 - stq $3,-16($16) # 3 2 4 - addq $4,$8,$4 # 4 2 2 - addq $27,$0,$0 # 3 3 2 - cmpult $4,$8,$25 # 4 2 3 1 - addq $17,32,$17 - addq $28,$25,$28 # 4 3 1 - addq $4,$0,$4 # 4 2 3 1 - cmpult $4,$0,$0 # 4 2 3 2 - stq $4,-8($16) # 4 2 4 - addq $28,$0,$0 # 4 3 2 - blt $18,$43 - - ldq $20,0($17) # 1 1 - ldq $1,0($16) # 1 1 - - br $42 - - .align 4 -$45: - ldq $20,0($17) # 4 1 - ldq $1,0($16) # 4 1 - mulq $20,$19,$5 # 4 2 1 - subq $18,1,$18 - addq $16,8,$16 - addq $17,8,$17 - umulh $20,$19,$20 # 4 2 - addq $1,$5,$1 # 4 2 2 - cmpult $1,$5,$22 # 4 2 3 1 - addq $20,$22,$20 # 4 3 1 - addq $1,$0,$1 # 4 2 3 1 - cmpult $1,$0,$0 # 4 2 3 2 - addq $20,$0,$0 # 4 3 2 - stq $1,-8($16) # 4 2 4 - bgt $18,$45 - ret $31,($26),1 # else exit - - .align 4 -$43: - addq $18,4,$18 - bgt $18,$45 # goto tail code - ret $31,($26),1 # else exit - - .end bn_mul_add_words - .align 3 - .globl bn_mul_words - .ent bn_mul_words -bn_mul_words: -bn_mul_words..ng: - .frame $30,0,$26,0 - .prologue 0 - .align 5 - subq $18,4,$18 - bis $31,$31,$0 - blt $18,$143 # if we are -1, -2, -3 or -4 goto tail code - ldq $20,0($17) # 1 1 - .align 3 -$142: - - mulq $20,$19,$5 # 1 2 1 ##### - ldq $21,8($17) # 2 1 - ldq $27,16($17) # 3 1 - umulh $20,$19,$20 # 1 2 ##### - ldq $28,24($17) # 4 1 - mulq $21,$19,$6 # 2 2 1 ##### - addq $5,$0,$5 # 1 2 3 1 - subq $18,4,$18 - cmpult $5,$0,$0 # 1 2 3 2 - umulh $21,$19,$21 # 2 2 ##### - addq $20,$0,$0 # 1 3 2 - addq $17,32,$17 - addq $6,$0,$6 # 2 2 3 1 - mulq $27,$19,$7 # 3 2 1 ##### - cmpult $6,$0,$0 # 2 2 3 2 - addq $21,$0,$0 # 2 3 2 - addq $16,32,$16 - umulh $27,$19,$27 # 3 2 ##### - stq $5,-32($16) # 1 2 4 - mulq $28,$19,$8 # 4 2 1 ##### - addq $7,$0,$7 # 3 2 3 1 - stq $6,-24($16) # 2 2 4 - cmpult $7,$0,$0 # 3 2 3 2 - umulh $28,$19,$28 # 4 2 ##### - addq $27,$0,$0 # 3 3 2 - stq $7,-16($16) # 3 2 4 - addq $8,$0,$8 # 4 2 3 1 - cmpult $8,$0,$0 # 4 2 3 2 - - addq $28,$0,$0 # 4 3 2 - - stq $8,-8($16) # 4 2 4 - - blt $18,$143 - - ldq $20,0($17) # 1 1 - - br $142 - - .align 4 -$145: - ldq $20,0($17) # 4 1 - mulq $20,$19,$5 # 4 2 1 - subq $18,1,$18 - umulh $20,$19,$20 # 4 2 - addq $5,$0,$5 # 4 2 3 1 - addq $16,8,$16 - cmpult $5,$0,$0 # 4 2 3 2 - addq $17,8,$17 - addq $20,$0,$0 # 4 3 2 - stq $5,-8($16) # 4 2 4 - - bgt $18,$145 - ret $31,($26),1 # else exit - - .align 4 -$143: - addq $18,4,$18 - bgt $18,$145 # goto tail code - ret $31,($26),1 # else exit - - .end bn_mul_words - .align 3 - .globl bn_sqr_words - .ent bn_sqr_words -bn_sqr_words: -bn_sqr_words..ng: - .frame $30,0,$26,0 - .prologue 0 - - subq $18,4,$18 - blt $18,$543 # if we are -1, -2, -3 or -4 goto tail code - ldq $20,0($17) # 1 1 - .align 3 -$542: - mulq $20,$20,$5 ###### - ldq $21,8($17) # 1 1 - subq $18,4 - umulh $20,$20,$1 ###### - ldq $27,16($17) # 1 1 - mulq $21,$21,$6 ###### - ldq $28,24($17) # 1 1 - stq $5,0($16) # r[0] - umulh $21,$21,$2 ###### - stq $1,8($16) # r[1] - mulq $27,$27,$7 ###### - stq $6,16($16) # r[0] - umulh $27,$27,$3 ###### - stq $2,24($16) # r[1] - mulq $28,$28,$8 ###### - stq $7,32($16) # r[0] - umulh $28,$28,$4 ###### - stq $3,40($16) # r[1] - - addq $16,64,$16 - addq $17,32,$17 - stq $8,-16($16) # r[0] - stq $4,-8($16) # r[1] - - blt $18,$543 - ldq $20,0($17) # 1 1 - br $542 - -$442: - ldq $20,0($17) # a[0] - mulq $20,$20,$5 # a[0]*w low part r2 - addq $16,16,$16 - addq $17,8,$17 - subq $18,1,$18 - umulh $20,$20,$1 # a[0]*w high part r3 - stq $5,-16($16) # r[0] - stq $1,-8($16) # r[1] - - bgt $18,$442 - ret $31,($26),1 # else exit - - .align 4 -$543: - addq $18,4,$18 - bgt $18,$442 # goto tail code - ret $31,($26),1 # else exit - .end bn_sqr_words - - .align 3 - .globl bn_add_words - .ent bn_add_words -bn_add_words: -bn_add_words..ng: - .frame $30,0,$26,0 - .prologue 0 - - subq $19,4,$19 - bis $31,$31,$0 # carry = 0 - blt $19,$900 - ldq $5,0($17) # a[0] - ldq $1,0($18) # b[1] - .align 3 -$901: - addq $1,$5,$1 # r=a+b; - ldq $6,8($17) # a[1] - cmpult $1,$5,$22 # did we overflow? - ldq $2,8($18) # b[1] - addq $1,$0,$1 # c+= overflow - ldq $7,16($17) # a[2] - cmpult $1,$0,$0 # overflow? - ldq $3,16($18) # b[2] - addq $0,$22,$0 - ldq $8,24($17) # a[3] - addq $2,$6,$2 # r=a+b; - ldq $4,24($18) # b[3] - cmpult $2,$6,$23 # did we overflow? - addq $3,$7,$3 # r=a+b; - addq $2,$0,$2 # c+= overflow - cmpult $3,$7,$24 # did we overflow? - cmpult $2,$0,$0 # overflow? - addq $4,$8,$4 # r=a+b; - addq $0,$23,$0 - cmpult $4,$8,$25 # did we overflow? - addq $3,$0,$3 # c+= overflow - stq $1,0($16) # r[0]=c - cmpult $3,$0,$0 # overflow? - stq $2,8($16) # r[1]=c - addq $0,$24,$0 - stq $3,16($16) # r[2]=c - addq $4,$0,$4 # c+= overflow - subq $19,4,$19 # loop-- - cmpult $4,$0,$0 # overflow? - addq $17,32,$17 # a++ - addq $0,$25,$0 - stq $4,24($16) # r[3]=c - addq $18,32,$18 # b++ - addq $16,32,$16 # r++ - - blt $19,$900 - ldq $5,0($17) # a[0] - ldq $1,0($18) # b[1] - br $901 - .align 4 -$945: - ldq $5,0($17) # a[0] - ldq $1,0($18) # b[1] - addq $1,$5,$1 # r=a+b; - subq $19,1,$19 # loop-- - addq $1,$0,$1 # c+= overflow - addq $17,8,$17 # a++ - cmpult $1,$5,$22 # did we overflow? - cmpult $1,$0,$0 # overflow? - addq $18,8,$18 # b++ - stq $1,0($16) # r[0]=c - addq $0,$22,$0 - addq $16,8,$16 # r++ - - bgt $19,$945 - ret $31,($26),1 # else exit - -$900: - addq $19,4,$19 - bgt $19,$945 # goto tail code - ret $31,($26),1 # else exit - .end bn_add_words - - # - # What follows was taken directly from the C compiler with a few - # hacks to redo the lables. - # -.text - .align 3 - .globl bn_div_words - .ent bn_div_words -bn_div_words: - ldgp $29,0($27) -bn_div_words..ng: - lda $30,-48($30) - .frame $30,48,$26,0 - stq $26,0($30) - stq $9,8($30) - stq $10,16($30) - stq $11,24($30) - stq $12,32($30) - stq $13,40($30) - .mask 0x4003e00,-48 - .prologue 1 - bis $16,$16,$9 - bis $17,$17,$10 - bis $18,$18,$11 - bis $31,$31,$13 - bis $31,2,$12 - bne $11,$119 - lda $0,-1 - br $31,$136 - .align 4 -$119: - bis $11,$11,$16 - jsr $26,BN_num_bits_word - ldgp $29,0($26) - subq $0,64,$1 - beq $1,$120 - bis $31,1,$1 - sll $1,$0,$1 - cmpule $9,$1,$1 - bne $1,$120 - # lda $16,_IO_stderr_ - # lda $17,$C32 - # bis $0,$0,$18 - # jsr $26,fprintf - # ldgp $29,0($26) - jsr $26,abort - ldgp $29,0($26) - .align 4 -$120: - bis $31,64,$3 - cmpult $9,$11,$2 - subq $3,$0,$1 - addl $1,$31,$0 - subq $9,$11,$1 - cmoveq $2,$1,$9 - beq $0,$122 - zapnot $0,15,$2 - subq $3,$0,$1 - sll $11,$2,$11 - sll $9,$2,$3 - srl $10,$1,$1 - sll $10,$2,$10 - bis $3,$1,$9 -$122: - srl $11,32,$5 - zapnot $11,15,$6 - lda $7,-1 - .align 5 -$123: - srl $9,32,$1 - subq $1,$5,$1 - bne $1,$126 - zapnot $7,15,$27 - br $31,$127 - .align 4 -$126: - bis $9,$9,$24 - bis $5,$5,$25 - divqu $24,$25,$27 -$127: - srl $10,32,$4 - .align 5 -$128: - mulq $27,$5,$1 - subq $9,$1,$3 - zapnot $3,240,$1 - bne $1,$129 - mulq $6,$27,$2 - sll $3,32,$1 - addq $1,$4,$1 - cmpule $2,$1,$2 - bne $2,$129 - subq $27,1,$27 - br $31,$128 - .align 4 -$129: - mulq $27,$6,$1 - mulq $27,$5,$4 - srl $1,32,$3 - sll $1,32,$1 - addq $4,$3,$4 - cmpult $10,$1,$2 - subq $10,$1,$10 - addq $2,$4,$2 - cmpult $9,$2,$1 - bis $2,$2,$4 - beq $1,$134 - addq $9,$11,$9 - subq $27,1,$27 -$134: - subl $12,1,$12 - subq $9,$4,$9 - beq $12,$124 - sll $27,32,$13 - sll $9,32,$2 - srl $10,32,$1 - sll $10,32,$10 - bis $2,$1,$9 - br $31,$123 - .align 4 -$124: - bis $13,$27,$0 -$136: - ldq $26,0($30) - ldq $9,8($30) - ldq $10,16($30) - ldq $11,24($30) - ldq $12,32($30) - ldq $13,40($30) - addq $30,48,$30 - ret $31,($26),1 - .end bn_div_words - - .set noat - .text - .align 3 - .globl bn_sub_words - .ent bn_sub_words -bn_sub_words: -bn_sub_words..ng: - .frame $30,0,$26,0 - .prologue 0 - - subq $19, 4, $19 - bis $31, $31, $0 - blt $19, $100 - ldq $1, 0($17) - ldq $2, 0($18) -$101: - ldq $3, 8($17) - cmpult $1, $2, $4 - ldq $5, 8($18) - subq $1, $2, $1 - ldq $6, 16($17) - cmpult $1, $0, $2 - ldq $7, 16($18) - subq $1, $0, $23 - ldq $8, 24($17) - addq $2, $4, $0 - cmpult $3, $5, $24 - subq $3, $5, $3 - ldq $22, 24($18) - cmpult $3, $0, $5 - subq $3, $0, $25 - addq $5, $24, $0 - cmpult $6, $7, $27 - subq $6, $7, $6 - stq $23, 0($16) - cmpult $6, $0, $7 - subq $6, $0, $28 - addq $7, $27, $0 - cmpult $8, $22, $21 - subq $8, $22, $8 - stq $25, 8($16) - cmpult $8, $0, $22 - subq $8, $0, $20 - addq $22, $21, $0 - stq $28, 16($16) - subq $19, 4, $19 - stq $20, 24($16) - addq $17, 32, $17 - addq $18, 32, $18 - addq $16, 32, $16 - blt $19, $100 - ldq $1, 0($17) - ldq $2, 0($18) - br $101 -$102: - ldq $1, 0($17) - ldq $2, 0($18) - cmpult $1, $2, $27 - subq $1, $2, $1 - cmpult $1, $0, $2 - subq $1, $0, $1 - stq $1, 0($16) - addq $2, $27, $0 - addq $17, 8, $17 - addq $18, 8, $18 - addq $16, 8, $16 - subq $19, 1, $19 - bgt $19, $102 - ret $31,($26),1 -$100: - addq $19, 4, $19 - bgt $19, $102 -$103: - ret $31,($26),1 - .end bn_sub_words - .text - .align 3 - .globl bn_mul_comba4 - .ent bn_mul_comba4 -bn_mul_comba4: -bn_mul_comba4..ng: - .frame $30,0,$26,0 - .prologue 0 - - ldq $0, 0($17) - ldq $1, 0($18) - ldq $2, 8($17) - ldq $3, 8($18) - ldq $4, 16($17) - ldq $5, 16($18) - ldq $6, 24($17) - ldq $7, 24($18) - bis $31, $31, $23 - mulq $0, $1, $8 - umulh $0, $1, $22 - stq $8, 0($16) - bis $31, $31, $8 - mulq $0, $3, $24 - umulh $0, $3, $25 - addq $22, $24, $22 - cmpult $22, $24, $27 - addq $27, $25, $25 - addq $23, $25, $23 - cmpult $23, $25, $28 - addq $8, $28, $8 - mulq $2, $1, $21 - umulh $2, $1, $20 - addq $22, $21, $22 - cmpult $22, $21, $19 - addq $19, $20, $20 - addq $23, $20, $23 - cmpult $23, $20, $17 - addq $8, $17, $8 - stq $22, 8($16) - bis $31, $31, $22 - mulq $2, $3, $18 - umulh $2, $3, $24 - addq $23, $18, $23 - cmpult $23, $18, $27 - addq $27, $24, $24 - addq $8, $24, $8 - cmpult $8, $24, $25 - addq $22, $25, $22 - mulq $0, $5, $28 - umulh $0, $5, $21 - addq $23, $28, $23 - cmpult $23, $28, $19 - addq $19, $21, $21 - addq $8, $21, $8 - cmpult $8, $21, $20 - addq $22, $20, $22 - mulq $4, $1, $17 - umulh $4, $1, $18 - addq $23, $17, $23 - cmpult $23, $17, $27 - addq $27, $18, $18 - addq $8, $18, $8 - cmpult $8, $18, $24 - addq $22, $24, $22 - stq $23, 16($16) - bis $31, $31, $23 - mulq $0, $7, $25 - umulh $0, $7, $28 - addq $8, $25, $8 - cmpult $8, $25, $19 - addq $19, $28, $28 - addq $22, $28, $22 - cmpult $22, $28, $21 - addq $23, $21, $23 - mulq $2, $5, $20 - umulh $2, $5, $17 - addq $8, $20, $8 - cmpult $8, $20, $27 - addq $27, $17, $17 - addq $22, $17, $22 - cmpult $22, $17, $18 - addq $23, $18, $23 - mulq $4, $3, $24 - umulh $4, $3, $25 - addq $8, $24, $8 - cmpult $8, $24, $19 - addq $19, $25, $25 - addq $22, $25, $22 - cmpult $22, $25, $28 - addq $23, $28, $23 - mulq $6, $1, $21 - umulh $6, $1, $0 - addq $8, $21, $8 - cmpult $8, $21, $20 - addq $20, $0, $0 - addq $22, $0, $22 - cmpult $22, $0, $27 - addq $23, $27, $23 - stq $8, 24($16) - bis $31, $31, $8 - mulq $2, $7, $17 - umulh $2, $7, $18 - addq $22, $17, $22 - cmpult $22, $17, $24 - addq $24, $18, $18 - addq $23, $18, $23 - cmpult $23, $18, $19 - addq $8, $19, $8 - mulq $4, $5, $25 - umulh $4, $5, $28 - addq $22, $25, $22 - cmpult $22, $25, $21 - addq $21, $28, $28 - addq $23, $28, $23 - cmpult $23, $28, $20 - addq $8, $20, $8 - mulq $6, $3, $0 - umulh $6, $3, $27 - addq $22, $0, $22 - cmpult $22, $0, $1 - addq $1, $27, $27 - addq $23, $27, $23 - cmpult $23, $27, $17 - addq $8, $17, $8 - stq $22, 32($16) - bis $31, $31, $22 - mulq $4, $7, $24 - umulh $4, $7, $18 - addq $23, $24, $23 - cmpult $23, $24, $19 - addq $19, $18, $18 - addq $8, $18, $8 - cmpult $8, $18, $2 - addq $22, $2, $22 - mulq $6, $5, $25 - umulh $6, $5, $21 - addq $23, $25, $23 - cmpult $23, $25, $28 - addq $28, $21, $21 - addq $8, $21, $8 - cmpult $8, $21, $20 - addq $22, $20, $22 - stq $23, 40($16) - bis $31, $31, $23 - mulq $6, $7, $0 - umulh $6, $7, $1 - addq $8, $0, $8 - cmpult $8, $0, $27 - addq $27, $1, $1 - addq $22, $1, $22 - cmpult $22, $1, $17 - addq $23, $17, $23 - stq $8, 48($16) - stq $22, 56($16) - ret $31,($26),1 - .end bn_mul_comba4 - .text - .align 3 - .globl bn_mul_comba8 - .ent bn_mul_comba8 -bn_mul_comba8: -bn_mul_comba8..ng: - .frame $30,0,$26,0 - .prologue 0 - ldq $1, 0($17) - ldq $2, 0($18) - zapnot $1, 15, $7 - srl $2, 32, $8 - mulq $8, $7, $22 - srl $1, 32, $6 - zapnot $2, 15, $5 - mulq $5, $6, $4 - mulq $7, $5, $24 - addq $22, $4, $22 - cmpult $22, $4, $1 - mulq $6, $8, $3 - beq $1, $173 - bis $31, 1, $1 - sll $1, 32, $1 - addq $3, $1, $3 -$173: - sll $22, 32, $4 - addq $24, $4, $24 - stq $24, 0($16) - ldq $2, 0($17) - ldq $1, 8($18) - zapnot $2, 15, $7 - srl $1, 32, $8 - mulq $8, $7, $25 - zapnot $1, 15, $5 - mulq $7, $5, $0 - srl $2, 32, $6 - mulq $5, $6, $23 - mulq $6, $8, $6 - srl $22, 32, $1 - cmpult $24, $4, $2 - addq $3, $1, $3 - addq $2, $3, $22 - addq $25, $23, $25 - cmpult $25, $23, $1 - bis $31, 1, $2 - beq $1, $177 - sll $2, 32, $1 - addq $6, $1, $6 -$177: - sll $25, 32, $23 - ldq $1, 0($18) - addq $0, $23, $0 - bis $0, $0, $7 - ldq $3, 8($17) - addq $22, $7, $22 - srl $1, 32, $8 - cmpult $22, $7, $4 - zapnot $3, 15, $7 - mulq $8, $7, $28 - zapnot $1, 15, $5 - mulq $7, $5, $21 - srl $25, 32, $1 - cmpult $0, $23, $2 - addq $6, $1, $6 - addq $2, $6, $6 - addq $4, $6, $24 - srl $3, 32, $6 - mulq $5, $6, $2 - mulq $6, $8, $6 - addq $28, $2, $28 - cmpult $28, $2, $1 - bis $31, 1, $2 - beq $1, $181 - sll $2, 32, $1 - addq $6, $1, $6 -$181: - sll $28, 32, $2 - addq $21, $2, $21 - bis $21, $21, $7 - addq $22, $7, $22 - stq $22, 8($16) - ldq $3, 16($17) - ldq $1, 0($18) - cmpult $22, $7, $4 - zapnot $3, 15, $7 - srl $1, 32, $8 - mulq $8, $7, $22 - zapnot $1, 15, $5 - mulq $7, $5, $20 - srl $28, 32, $1 - cmpult $21, $2, $2 - addq $6, $1, $6 - addq $2, $6, $6 - addq $4, $6, $6 - addq $24, $6, $24 - cmpult $24, $6, $23 - srl $3, 32, $6 - mulq $5, $6, $2 - mulq $6, $8, $6 - addq $22, $2, $22 - cmpult $22, $2, $1 - bis $31, 1, $2 - beq $1, $185 - sll $2, 32, $1 - addq $6, $1, $6 -$185: - sll $22, 32, $2 - ldq $1, 8($18) - addq $20, $2, $20 - bis $20, $20, $7 - ldq $4, 8($17) - addq $24, $7, $24 - srl $1, 32, $8 - cmpult $24, $7, $3 - zapnot $4, 15, $7 - mulq $8, $7, $25 - zapnot $1, 15, $5 - mulq $7, $5, $0 - srl $22, 32, $1 - cmpult $20, $2, $2 - addq $6, $1, $6 - addq $2, $6, $6 - addq $3, $6, $6 - addq $23, $6, $23 - cmpult $23, $6, $22 - srl $4, 32, $6 - mulq $5, $6, $5 - bis $31, 1, $21 - addq $25, $5, $25 - cmpult $25, $5, $1 - mulq $6, $8, $6 - beq $1, $189 - sll $21, 32, $1 - addq $6, $1, $6 -$189: - sll $25, 32, $5 - ldq $2, 16($18) - addq $0, $5, $0 - bis $0, $0, $7 - ldq $4, 0($17) - addq $24, $7, $24 - srl $2, 32, $8 - cmpult $24, $7, $3 - zapnot $4, 15, $7 - mulq $8, $7, $28 - srl $25, 32, $1 - addq $6, $1, $6 - cmpult $0, $5, $1 - zapnot $2, 15, $5 - addq $1, $6, $6 - addq $3, $6, $6 - addq $23, $6, $23 - cmpult $23, $6, $1 - srl $4, 32, $6 - mulq $5, $6, $25 - mulq $7, $5, $2 - addq $1, $22, $22 - addq $28, $25, $28 - cmpult $28, $25, $1 - mulq $6, $8, $6 - beq $1, $193 - sll $21, 32, $1 - addq $6, $1, $6 -$193: - sll $28, 32, $25 - addq $2, $25, $2 - bis $2, $2, $7 - addq $24, $7, $24 - stq $24, 16($16) - ldq $4, 0($17) - ldq $5, 24($18) - cmpult $24, $7, $3 - zapnot $4, 15, $7 - srl $5, 32, $8 - mulq $8, $7, $0 - srl $28, 32, $1 - cmpult $2, $25, $2 - addq $6, $1, $6 - addq $2, $6, $6 - addq $3, $6, $6 - addq $23, $6, $23 - cmpult $23, $6, $1 - srl $4, 32, $6 - zapnot $5, 15, $5 - mulq $5, $6, $24 - mulq $7, $5, $2 - addq $1, $22, $22 - addq $0, $24, $0 - cmpult $0, $24, $1 - mulq $6, $8, $6 - beq $1, $197 - sll $21, 32, $1 - addq $6, $1, $6 -$197: - sll $0, 32, $24 - ldq $1, 16($18) - addq $2, $24, $2 - bis $2, $2, $7 - ldq $4, 8($17) - addq $23, $7, $23 - srl $1, 32, $8 - cmpult $23, $7, $3 - zapnot $4, 15, $7 - mulq $8, $7, $25 - zapnot $1, 15, $5 - mulq $7, $5, $21 - srl $0, 32, $1 - cmpult $2, $24, $2 - addq $6, $1, $6 - addq $2, $6, $6 - addq $3, $6, $6 - addq $22, $6, $22 - cmpult $22, $6, $24 - srl $4, 32, $6 - mulq $5, $6, $5 - bis $31, 1, $20 - addq $25, $5, $25 - cmpult $25, $5, $1 - mulq $6, $8, $6 - beq $1, $201 - sll $20, 32, $1 - addq $6, $1, $6 -$201: - sll $25, 32, $5 - ldq $2, 8($18) - addq $21, $5, $21 - bis $21, $21, $7 - ldq $4, 16($17) - addq $23, $7, $23 - srl $2, 32, $8 - cmpult $23, $7, $3 - zapnot $4, 15, $7 - mulq $8, $7, $28 - srl $25, 32, $1 - addq $6, $1, $6 - cmpult $21, $5, $1 - zapnot $2, 15, $5 - addq $1, $6, $6 - addq $3, $6, $6 - addq $22, $6, $22 - cmpult $22, $6, $1 - srl $4, 32, $6 - mulq $5, $6, $25 - mulq $7, $5, $5 - addq $1, $24, $24 - addq $28, $25, $28 - cmpult $28, $25, $1 - mulq $6, $8, $6 - beq $1, $205 - sll $20, 32, $1 - addq $6, $1, $6 -$205: - sll $28, 32, $25 - ldq $2, 0($18) - addq $5, $25, $5 - bis $5, $5, $7 - ldq $4, 24($17) - addq $23, $7, $23 - srl $2, 32, $8 - cmpult $23, $7, $3 - zapnot $4, 15, $7 - mulq $8, $7, $0 - srl $28, 32, $1 - addq $6, $1, $6 - cmpult $5, $25, $1 - zapnot $2, 15, $5 - addq $1, $6, $6 - addq $3, $6, $6 - addq $22, $6, $22 - cmpult $22, $6, $1 - srl $4, 32, $6 - mulq $5, $6, $25 - mulq $7, $5, $2 - addq $1, $24, $24 - addq $0, $25, $0 - cmpult $0, $25, $1 - mulq $6, $8, $6 - beq $1, $209 - sll $20, 32, $1 - addq $6, $1, $6 -$209: - sll $0, 32, $25 - addq $2, $25, $2 - bis $2, $2, $7 - addq $23, $7, $23 - stq $23, 24($16) - ldq $4, 32($17) - ldq $5, 0($18) - cmpult $23, $7, $3 - zapnot $4, 15, $7 - srl $5, 32, $8 - mulq $8, $7, $28 - srl $0, 32, $1 - cmpult $2, $25, $2 - addq $6, $1, $6 - addq $2, $6, $6 - addq $3, $6, $6 - addq $22, $6, $22 - cmpult $22, $6, $1 - srl $4, 32, $6 - zapnot $5, 15, $5 - mulq $5, $6, $23 - mulq $7, $5, $2 - addq $1, $24, $24 - addq $28, $23, $28 - cmpult $28, $23, $1 - mulq $6, $8, $6 - beq $1, $213 - sll $20, 32, $1 - addq $6, $1, $6 -$213: - sll $28, 32, $23 - ldq $1, 8($18) - addq $2, $23, $2 - bis $2, $2, $7 - ldq $4, 24($17) - addq $22, $7, $22 - srl $1, 32, $8 - cmpult $22, $7, $3 - zapnot $4, 15, $7 - mulq $8, $7, $25 - zapnot $1, 15, $5 - mulq $7, $5, $0 - srl $28, 32, $1 - cmpult $2, $23, $2 - addq $6, $1, $6 - addq $2, $6, $6 - addq $3, $6, $6 - addq $24, $6, $24 - cmpult $24, $6, $23 - srl $4, 32, $6 - mulq $5, $6, $5 - bis $31, 1, $21 - addq $25, $5, $25 - cmpult $25, $5, $1 - mulq $6, $8, $6 - beq $1, $217 - sll $21, 32, $1 - addq $6, $1, $6 -$217: - sll $25, 32, $5 - ldq $2, 16($18) - addq $0, $5, $0 - bis $0, $0, $7 - ldq $4, 16($17) - addq $22, $7, $22 - srl $2, 32, $8 - cmpult $22, $7, $3 - zapnot $4, 15, $7 - mulq $8, $7, $28 - srl $25, 32, $1 - addq $6, $1, $6 - cmpult $0, $5, $1 - zapnot $2, 15, $5 - addq $1, $6, $6 - addq $3, $6, $6 - addq $24, $6, $24 - cmpult $24, $6, $1 - srl $4, 32, $6 - mulq $5, $6, $25 - mulq $7, $5, $5 - addq $1, $23, $23 - addq $28, $25, $28 - cmpult $28, $25, $1 - mulq $6, $8, $6 - beq $1, $221 - sll $21, 32, $1 - addq $6, $1, $6 -$221: - sll $28, 32, $25 - ldq $2, 24($18) - addq $5, $25, $5 - bis $5, $5, $7 - ldq $4, 8($17) - addq $22, $7, $22 - srl $2, 32, $8 - cmpult $22, $7, $3 - zapnot $4, 15, $7 - mulq $8, $7, $0 - srl $28, 32, $1 - addq $6, $1, $6 - cmpult $5, $25, $1 - zapnot $2, 15, $5 - addq $1, $6, $6 - addq $3, $6, $6 - addq $24, $6, $24 - cmpult $24, $6, $1 - srl $4, 32, $6 - mulq $5, $6, $25 - mulq $7, $5, $5 - addq $1, $23, $23 - addq $0, $25, $0 - cmpult $0, $25, $1 - mulq $6, $8, $6 - beq $1, $225 - sll $21, 32, $1 - addq $6, $1, $6 -$225: - sll $0, 32, $25 - ldq $2, 32($18) - addq $5, $25, $5 - bis $5, $5, $7 - ldq $4, 0($17) - addq $22, $7, $22 - srl $2, 32, $8 - cmpult $22, $7, $3 - zapnot $4, 15, $7 - mulq $8, $7, $28 - srl $0, 32, $1 - addq $6, $1, $6 - cmpult $5, $25, $1 - zapnot $2, 15, $5 - addq $1, $6, $6 - addq $3, $6, $6 - addq $24, $6, $24 - cmpult $24, $6, $1 - srl $4, 32, $6 - mulq $5, $6, $25 - mulq $7, $5, $2 - addq $1, $23, $23 - addq $28, $25, $28 - cmpult $28, $25, $1 - mulq $6, $8, $6 - beq $1, $229 - sll $21, 32, $1 - addq $6, $1, $6 -$229: - sll $28, 32, $25 - addq $2, $25, $2 - bis $2, $2, $7 - addq $22, $7, $22 - stq $22, 32($16) - ldq $4, 0($17) - ldq $5, 40($18) - cmpult $22, $7, $3 - zapnot $4, 15, $7 - srl $5, 32, $8 - mulq $8, $7, $0 - srl $28, 32, $1 - cmpult $2, $25, $2 - addq $6, $1, $6 - addq $2, $6, $6 - addq $3, $6, $6 - addq $24, $6, $24 - cmpult $24, $6, $1 - srl $4, 32, $6 - zapnot $5, 15, $5 - mulq $5, $6, $22 - mulq $7, $5, $2 - addq $1, $23, $23 - addq $0, $22, $0 - cmpult $0, $22, $1 - mulq $6, $8, $6 - beq $1, $233 - sll $21, 32, $1 - addq $6, $1, $6 -$233: - sll $0, 32, $22 - ldq $1, 32($18) - addq $2, $22, $2 - bis $2, $2, $7 - ldq $4, 8($17) - addq $24, $7, $24 - srl $1, 32, $8 - cmpult $24, $7, $3 - zapnot $4, 15, $7 - mulq $8, $7, $25 - zapnot $1, 15, $5 - mulq $7, $5, $21 - srl $0, 32, $1 - cmpult $2, $22, $2 - addq $6, $1, $6 - addq $2, $6, $6 - addq $3, $6, $6 - addq $23, $6, $23 - cmpult $23, $6, $22 - srl $4, 32, $6 - mulq $5, $6, $5 - bis $31, 1, $20 - addq $25, $5, $25 - cmpult $25, $5, $1 - mulq $6, $8, $6 - beq $1, $237 - sll $20, 32, $1 - addq $6, $1, $6 -$237: - sll $25, 32, $5 - ldq $2, 24($18) - addq $21, $5, $21 - bis $21, $21, $7 - ldq $4, 16($17) - addq $24, $7, $24 - srl $2, 32, $8 - cmpult $24, $7, $3 - zapnot $4, 15, $7 - mulq $8, $7, $28 - srl $25, 32, $1 - addq $6, $1, $6 - cmpult $21, $5, $1 - zapnot $2, 15, $5 - addq $1, $6, $6 - addq $3, $6, $6 - addq $23, $6, $23 - cmpult $23, $6, $1 - srl $4, 32, $6 - mulq $5, $6, $25 - mulq $7, $5, $5 - addq $1, $22, $22 - addq $28, $25, $28 - cmpult $28, $25, $1 - mulq $6, $8, $6 - beq $1, $241 - sll $20, 32, $1 - addq $6, $1, $6 -$241: - sll $28, 32, $25 - ldq $2, 16($18) - addq $5, $25, $5 - bis $5, $5, $7 - ldq $4, 24($17) - addq $24, $7, $24 - srl $2, 32, $8 - cmpult $24, $7, $3 - zapnot $4, 15, $7 - mulq $8, $7, $0 - srl $28, 32, $1 - addq $6, $1, $6 - cmpult $5, $25, $1 - zapnot $2, 15, $5 - addq $1, $6, $6 - addq $3, $6, $6 - addq $23, $6, $23 - cmpult $23, $6, $1 - srl $4, 32, $6 - mulq $5, $6, $25 - mulq $7, $5, $5 - addq $1, $22, $22 - addq $0, $25, $0 - cmpult $0, $25, $1 - mulq $6, $8, $6 - beq $1, $245 - sll $20, 32, $1 - addq $6, $1, $6 -$245: - sll $0, 32, $25 - ldq $2, 8($18) - addq $5, $25, $5 - bis $5, $5, $7 - ldq $4, 32($17) - addq $24, $7, $24 - srl $2, 32, $8 - cmpult $24, $7, $3 - zapnot $4, 15, $7 - mulq $8, $7, $28 - srl $0, 32, $1 - addq $6, $1, $6 - cmpult $5, $25, $1 - zapnot $2, 15, $5 - addq $1, $6, $6 - addq $3, $6, $6 - addq $23, $6, $23 - cmpult $23, $6, $1 - srl $4, 32, $6 - mulq $5, $6, $25 - mulq $7, $5, $5 - addq $1, $22, $22 - addq $28, $25, $28 - cmpult $28, $25, $1 - mulq $6, $8, $6 - beq $1, $249 - sll $20, 32, $1 - addq $6, $1, $6 -$249: - sll $28, 32, $25 - ldq $2, 0($18) - addq $5, $25, $5 - bis $5, $5, $7 - ldq $4, 40($17) - addq $24, $7, $24 - srl $2, 32, $8 - cmpult $24, $7, $3 - zapnot $4, 15, $7 - mulq $8, $7, $0 - srl $28, 32, $1 - addq $6, $1, $6 - cmpult $5, $25, $1 - zapnot $2, 15, $5 - addq $1, $6, $6 - addq $3, $6, $6 - addq $23, $6, $23 - cmpult $23, $6, $1 - srl $4, 32, $6 - mulq $5, $6, $25 - mulq $7, $5, $2 - addq $1, $22, $22 - addq $0, $25, $0 - cmpult $0, $25, $1 - mulq $6, $8, $6 - beq $1, $253 - sll $20, 32, $1 - addq $6, $1, $6 -$253: - sll $0, 32, $25 - addq $2, $25, $2 - bis $2, $2, $7 - addq $24, $7, $24 - stq $24, 40($16) - ldq $4, 48($17) - ldq $5, 0($18) - cmpult $24, $7, $3 - zapnot $4, 15, $7 - srl $5, 32, $8 - mulq $8, $7, $28 - srl $0, 32, $1 - cmpult $2, $25, $2 - addq $6, $1, $6 - addq $2, $6, $6 - addq $3, $6, $6 - addq $23, $6, $23 - cmpult $23, $6, $1 - srl $4, 32, $6 - zapnot $5, 15, $5 - mulq $5, $6, $24 - mulq $7, $5, $2 - addq $1, $22, $22 - addq $28, $24, $28 - cmpult $28, $24, $1 - mulq $6, $8, $6 - beq $1, $257 - sll $20, 32, $1 - addq $6, $1, $6 -$257: - sll $28, 32, $24 - ldq $1, 8($18) - addq $2, $24, $2 - bis $2, $2, $7 - ldq $4, 40($17) - addq $23, $7, $23 - srl $1, 32, $8 - cmpult $23, $7, $3 - zapnot $4, 15, $7 - mulq $8, $7, $25 - zapnot $1, 15, $5 - mulq $7, $5, $0 - srl $28, 32, $1 - cmpult $2, $24, $2 - addq $6, $1, $6 - addq $2, $6, $6 - addq $3, $6, $6 - addq $22, $6, $22 - cmpult $22, $6, $24 - srl $4, 32, $6 - mulq $5, $6, $5 - bis $31, 1, $21 - addq $25, $5, $25 - cmpult $25, $5, $1 - mulq $6, $8, $6 - beq $1, $261 - sll $21, 32, $1 - addq $6, $1, $6 -$261: - sll $25, 32, $5 - ldq $2, 16($18) - addq $0, $5, $0 - bis $0, $0, $7 - ldq $4, 32($17) - addq $23, $7, $23 - srl $2, 32, $8 - cmpult $23, $7, $3 - zapnot $4, 15, $7 - mulq $8, $7, $28 - srl $25, 32, $1 - addq $6, $1, $6 - cmpult $0, $5, $1 - zapnot $2, 15, $5 - addq $1, $6, $6 - addq $3, $6, $6 - addq $22, $6, $22 - cmpult $22, $6, $1 - srl $4, 32, $6 - mulq $5, $6, $25 - mulq $7, $5, $5 - addq $1, $24, $24 - addq $28, $25, $28 - cmpult $28, $25, $1 - mulq $6, $8, $6 - beq $1, $265 - sll $21, 32, $1 - addq $6, $1, $6 -$265: - sll $28, 32, $25 - ldq $2, 24($18) - addq $5, $25, $5 - bis $5, $5, $7 - ldq $4, 24($17) - addq $23, $7, $23 - srl $2, 32, $8 - cmpult $23, $7, $3 - zapnot $4, 15, $7 - mulq $8, $7, $0 - srl $28, 32, $1 - addq $6, $1, $6 - cmpult $5, $25, $1 - zapnot $2, 15, $5 - addq $1, $6, $6 - addq $3, $6, $6 - addq $22, $6, $22 - cmpult $22, $6, $1 - srl $4, 32, $6 - mulq $5, $6, $25 - mulq $7, $5, $5 - addq $1, $24, $24 - addq $0, $25, $0 - cmpult $0, $25, $1 - mulq $6, $8, $6 - beq $1, $269 - sll $21, 32, $1 - addq $6, $1, $6 -$269: - sll $0, 32, $25 - ldq $2, 32($18) - addq $5, $25, $5 - bis $5, $5, $7 - ldq $4, 16($17) - addq $23, $7, $23 - srl $2, 32, $8 - cmpult $23, $7, $3 - zapnot $4, 15, $7 - mulq $8, $7, $28 - srl $0, 32, $1 - addq $6, $1, $6 - cmpult $5, $25, $1 - zapnot $2, 15, $5 - addq $1, $6, $6 - addq $3, $6, $6 - addq $22, $6, $22 - cmpult $22, $6, $1 - srl $4, 32, $6 - mulq $5, $6, $25 - mulq $7, $5, $5 - addq $1, $24, $24 - addq $28, $25, $28 - cmpult $28, $25, $1 - mulq $6, $8, $6 - beq $1, $273 - sll $21, 32, $1 - addq $6, $1, $6 -$273: - sll $28, 32, $25 - ldq $2, 40($18) - addq $5, $25, $5 - bis $5, $5, $7 - ldq $4, 8($17) - addq $23, $7, $23 - srl $2, 32, $8 - cmpult $23, $7, $3 - zapnot $4, 15, $7 - mulq $8, $7, $0 - srl $28, 32, $1 - addq $6, $1, $6 - cmpult $5, $25, $1 - zapnot $2, 15, $5 - addq $1, $6, $6 - addq $3, $6, $6 - addq $22, $6, $22 - cmpult $22, $6, $1 - srl $4, 32, $6 - mulq $5, $6, $25 - mulq $7, $5, $5 - addq $1, $24, $24 - addq $0, $25, $0 - cmpult $0, $25, $1 - mulq $6, $8, $6 - beq $1, $277 - sll $21, 32, $1 - addq $6, $1, $6 -$277: - sll $0, 32, $25 - ldq $2, 48($18) - addq $5, $25, $5 - bis $5, $5, $7 - ldq $4, 0($17) - addq $23, $7, $23 - srl $2, 32, $8 - cmpult $23, $7, $3 - zapnot $4, 15, $7 - mulq $8, $7, $28 - srl $0, 32, $1 - addq $6, $1, $6 - cmpult $5, $25, $1 - zapnot $2, 15, $5 - addq $1, $6, $6 - addq $3, $6, $6 - addq $22, $6, $22 - cmpult $22, $6, $1 - srl $4, 32, $6 - mulq $5, $6, $25 - mulq $7, $5, $2 - addq $1, $24, $24 - addq $28, $25, $28 - cmpult $28, $25, $1 - mulq $6, $8, $6 - beq $1, $281 - sll $21, 32, $1 - addq $6, $1, $6 -$281: - sll $28, 32, $25 - addq $2, $25, $2 - bis $2, $2, $7 - addq $23, $7, $23 - stq $23, 48($16) - ldq $4, 0($17) - ldq $5, 56($18) - cmpult $23, $7, $3 - zapnot $4, 15, $7 - srl $5, 32, $8 - mulq $8, $7, $0 - srl $28, 32, $1 - cmpult $2, $25, $2 - addq $6, $1, $6 - addq $2, $6, $6 - addq $3, $6, $6 - addq $22, $6, $22 - cmpult $22, $6, $1 - srl $4, 32, $6 - zapnot $5, 15, $5 - mulq $5, $6, $23 - mulq $7, $5, $2 - addq $1, $24, $24 - addq $0, $23, $0 - cmpult $0, $23, $1 - mulq $6, $8, $6 - beq $1, $285 - sll $21, 32, $1 - addq $6, $1, $6 -$285: - sll $0, 32, $23 - ldq $1, 48($18) - addq $2, $23, $2 - bis $2, $2, $7 - ldq $4, 8($17) - addq $22, $7, $22 - srl $1, 32, $8 - cmpult $22, $7, $3 - zapnot $4, 15, $7 - mulq $8, $7, $25 - zapnot $1, 15, $5 - mulq $7, $5, $21 - srl $0, 32, $1 - cmpult $2, $23, $2 - addq $6, $1, $6 - addq $2, $6, $6 - addq $3, $6, $6 - addq $24, $6, $24 - cmpult $24, $6, $23 - srl $4, 32, $6 - mulq $5, $6, $5 - bis $31, 1, $20 - addq $25, $5, $25 - cmpult $25, $5, $1 - mulq $6, $8, $6 - beq $1, $289 - sll $20, 32, $1 - addq $6, $1, $6 -$289: - sll $25, 32, $5 - ldq $2, 40($18) - addq $21, $5, $21 - bis $21, $21, $7 - ldq $4, 16($17) - addq $22, $7, $22 - srl $2, 32, $8 - cmpult $22, $7, $3 - zapnot $4, 15, $7 - mulq $8, $7, $28 - srl $25, 32, $1 - addq $6, $1, $6 - cmpult $21, $5, $1 - zapnot $2, 15, $5 - addq $1, $6, $6 - addq $3, $6, $6 - addq $24, $6, $24 - cmpult $24, $6, $1 - srl $4, 32, $6 - mulq $5, $6, $25 - mulq $7, $5, $5 - addq $1, $23, $23 - addq $28, $25, $28 - cmpult $28, $25, $1 - mulq $6, $8, $6 - beq $1, $293 - sll $20, 32, $1 - addq $6, $1, $6 -$293: - sll $28, 32, $25 - ldq $2, 32($18) - addq $5, $25, $5 - bis $5, $5, $7 - ldq $4, 24($17) - addq $22, $7, $22 - srl $2, 32, $8 - cmpult $22, $7, $3 - zapnot $4, 15, $7 - mulq $8, $7, $0 - srl $28, 32, $1 - addq $6, $1, $6 - cmpult $5, $25, $1 - zapnot $2, 15, $5 - addq $1, $6, $6 - addq $3, $6, $6 - addq $24, $6, $24 - cmpult $24, $6, $1 - srl $4, 32, $6 - mulq $5, $6, $25 - mulq $7, $5, $5 - addq $1, $23, $23 - addq $0, $25, $0 - cmpult $0, $25, $1 - mulq $6, $8, $6 - beq $1, $297 - sll $20, 32, $1 - addq $6, $1, $6 -$297: - sll $0, 32, $25 - ldq $2, 24($18) - addq $5, $25, $5 - bis $5, $5, $7 - ldq $4, 32($17) - addq $22, $7, $22 - srl $2, 32, $8 - cmpult $22, $7, $3 - zapnot $4, 15, $7 - mulq $8, $7, $28 - srl $0, 32, $1 - addq $6, $1, $6 - cmpult $5, $25, $1 - zapnot $2, 15, $5 - addq $1, $6, $6 - addq $3, $6, $6 - addq $24, $6, $24 - cmpult $24, $6, $1 - srl $4, 32, $6 - mulq $5, $6, $25 - mulq $7, $5, $5 - addq $1, $23, $23 - addq $28, $25, $28 - cmpult $28, $25, $1 - mulq $6, $8, $6 - beq $1, $301 - sll $20, 32, $1 - addq $6, $1, $6 -$301: - sll $28, 32, $25 - ldq $2, 16($18) - addq $5, $25, $5 - bis $5, $5, $7 - ldq $4, 40($17) - addq $22, $7, $22 - srl $2, 32, $8 - cmpult $22, $7, $3 - zapnot $4, 15, $7 - mulq $8, $7, $0 - srl $28, 32, $1 - addq $6, $1, $6 - cmpult $5, $25, $1 - zapnot $2, 15, $5 - addq $1, $6, $6 - addq $3, $6, $6 - addq $24, $6, $24 - cmpult $24, $6, $1 - srl $4, 32, $6 - mulq $5, $6, $25 - mulq $7, $5, $5 - addq $1, $23, $23 - addq $0, $25, $0 - cmpult $0, $25, $1 - mulq $6, $8, $6 - beq $1, $305 - sll $20, 32, $1 - addq $6, $1, $6 -$305: - sll $0, 32, $25 - ldq $2, 8($18) - addq $5, $25, $5 - bis $5, $5, $7 - ldq $4, 48($17) - addq $22, $7, $22 - srl $2, 32, $8 - cmpult $22, $7, $3 - zapnot $4, 15, $7 - mulq $8, $7, $28 - srl $0, 32, $1 - addq $6, $1, $6 - cmpult $5, $25, $1 - zapnot $2, 15, $5 - addq $1, $6, $6 - addq $3, $6, $6 - addq $24, $6, $24 - cmpult $24, $6, $1 - srl $4, 32, $6 - mulq $5, $6, $25 - mulq $7, $5, $5 - addq $1, $23, $23 - addq $28, $25, $28 - cmpult $28, $25, $1 - mulq $6, $8, $6 - beq $1, $309 - sll $20, 32, $1 - addq $6, $1, $6 -$309: - sll $28, 32, $25 - ldq $2, 0($18) - addq $5, $25, $5 - bis $5, $5, $7 - ldq $4, 56($17) - addq $22, $7, $22 - srl $2, 32, $8 - cmpult $22, $7, $3 - zapnot $4, 15, $7 - mulq $8, $7, $0 - srl $28, 32, $1 - addq $6, $1, $6 - cmpult $5, $25, $1 - zapnot $2, 15, $5 - addq $1, $6, $6 - addq $3, $6, $6 - addq $24, $6, $24 - cmpult $24, $6, $1 - srl $4, 32, $6 - mulq $5, $6, $25 - mulq $7, $5, $2 - addq $1, $23, $23 - addq $0, $25, $0 - cmpult $0, $25, $1 - mulq $6, $8, $6 - beq $1, $313 - sll $20, 32, $1 - addq $6, $1, $6 -$313: - sll $0, 32, $25 - addq $2, $25, $2 - bis $2, $2, $7 - addq $22, $7, $22 - stq $22, 56($16) - ldq $4, 56($17) - ldq $5, 8($18) - cmpult $22, $7, $3 - zapnot $4, 15, $7 - srl $5, 32, $8 - mulq $8, $7, $28 - srl $0, 32, $1 - cmpult $2, $25, $2 - addq $6, $1, $6 - addq $2, $6, $6 - addq $3, $6, $6 - addq $24, $6, $24 - cmpult $24, $6, $1 - srl $4, 32, $6 - zapnot $5, 15, $5 - mulq $5, $6, $22 - mulq $7, $5, $2 - addq $1, $23, $23 - addq $28, $22, $28 - cmpult $28, $22, $1 - mulq $6, $8, $6 - beq $1, $317 - sll $20, 32, $1 - addq $6, $1, $6 -$317: - sll $28, 32, $22 - ldq $1, 16($18) - addq $2, $22, $2 - bis $2, $2, $7 - ldq $4, 48($17) - addq $24, $7, $24 - srl $1, 32, $8 - cmpult $24, $7, $3 - zapnot $4, 15, $7 - mulq $8, $7, $25 - zapnot $1, 15, $5 - mulq $7, $5, $0 - srl $28, 32, $1 - cmpult $2, $22, $2 - addq $6, $1, $6 - addq $2, $6, $6 - addq $3, $6, $6 - addq $23, $6, $23 - cmpult $23, $6, $22 - srl $4, 32, $6 - mulq $5, $6, $5 - bis $31, 1, $21 - addq $25, $5, $25 - cmpult $25, $5, $1 - mulq $6, $8, $6 - beq $1, $321 - sll $21, 32, $1 - addq $6, $1, $6 -$321: - sll $25, 32, $5 - ldq $2, 24($18) - addq $0, $5, $0 - bis $0, $0, $7 - ldq $4, 40($17) - addq $24, $7, $24 - srl $2, 32, $8 - cmpult $24, $7, $3 - zapnot $4, 15, $7 - mulq $8, $7, $28 - srl $25, 32, $1 - addq $6, $1, $6 - cmpult $0, $5, $1 - zapnot $2, 15, $5 - addq $1, $6, $6 - addq $3, $6, $6 - addq $23, $6, $23 - cmpult $23, $6, $1 - srl $4, 32, $6 - mulq $5, $6, $25 - mulq $7, $5, $5 - addq $1, $22, $22 - addq $28, $25, $28 - cmpult $28, $25, $1 - mulq $6, $8, $6 - beq $1, $325 - sll $21, 32, $1 - addq $6, $1, $6 -$325: - sll $28, 32, $25 - ldq $2, 32($18) - addq $5, $25, $5 - bis $5, $5, $7 - ldq $4, 32($17) - addq $24, $7, $24 - srl $2, 32, $8 - cmpult $24, $7, $3 - zapnot $4, 15, $7 - mulq $8, $7, $0 - srl $28, 32, $1 - addq $6, $1, $6 - cmpult $5, $25, $1 - zapnot $2, 15, $5 - addq $1, $6, $6 - addq $3, $6, $6 - addq $23, $6, $23 - cmpult $23, $6, $1 - srl $4, 32, $6 - mulq $5, $6, $25 - mulq $7, $5, $5 - addq $1, $22, $22 - addq $0, $25, $0 - cmpult $0, $25, $1 - mulq $6, $8, $6 - beq $1, $329 - sll $21, 32, $1 - addq $6, $1, $6 -$329: - sll $0, 32, $25 - ldq $2, 40($18) - addq $5, $25, $5 - bis $5, $5, $7 - ldq $4, 24($17) - addq $24, $7, $24 - srl $2, 32, $8 - cmpult $24, $7, $3 - zapnot $4, 15, $7 - mulq $8, $7, $28 - srl $0, 32, $1 - addq $6, $1, $6 - cmpult $5, $25, $1 - zapnot $2, 15, $5 - addq $1, $6, $6 - addq $3, $6, $6 - addq $23, $6, $23 - cmpult $23, $6, $1 - srl $4, 32, $6 - mulq $5, $6, $25 - mulq $7, $5, $5 - addq $1, $22, $22 - addq $28, $25, $28 - cmpult $28, $25, $1 - mulq $6, $8, $6 - beq $1, $333 - sll $21, 32, $1 - addq $6, $1, $6 -$333: - sll $28, 32, $25 - ldq $2, 48($18) - addq $5, $25, $5 - bis $5, $5, $7 - ldq $4, 16($17) - addq $24, $7, $24 - srl $2, 32, $8 - cmpult $24, $7, $3 - zapnot $4, 15, $7 - mulq $8, $7, $0 - srl $28, 32, $1 - addq $6, $1, $6 - cmpult $5, $25, $1 - zapnot $2, 15, $5 - addq $1, $6, $6 - addq $3, $6, $6 - addq $23, $6, $23 - cmpult $23, $6, $1 - srl $4, 32, $6 - mulq $5, $6, $25 - mulq $7, $5, $5 - addq $1, $22, $22 - addq $0, $25, $0 - cmpult $0, $25, $1 - mulq $6, $8, $6 - beq $1, $337 - sll $21, 32, $1 - addq $6, $1, $6 -$337: - sll $0, 32, $25 - ldq $2, 56($18) - addq $5, $25, $5 - bis $5, $5, $7 - ldq $4, 8($17) - addq $24, $7, $24 - srl $2, 32, $8 - cmpult $24, $7, $3 - zapnot $4, 15, $7 - mulq $8, $7, $28 - srl $0, 32, $1 - addq $6, $1, $6 - cmpult $5, $25, $1 - zapnot $2, 15, $5 - addq $1, $6, $6 - addq $3, $6, $6 - addq $23, $6, $23 - cmpult $23, $6, $1 - srl $4, 32, $6 - mulq $5, $6, $25 - mulq $7, $5, $2 - addq $1, $22, $22 - addq $28, $25, $28 - cmpult $28, $25, $1 - mulq $6, $8, $6 - beq $1, $341 - sll $21, 32, $1 - addq $6, $1, $6 -$341: - sll $28, 32, $25 - addq $2, $25, $2 - bis $2, $2, $7 - addq $24, $7, $24 - stq $24, 64($16) - ldq $4, 16($17) - ldq $5, 56($18) - cmpult $24, $7, $3 - zapnot $4, 15, $7 - srl $5, 32, $8 - mulq $8, $7, $0 - srl $28, 32, $1 - cmpult $2, $25, $2 - addq $6, $1, $6 - addq $2, $6, $6 - addq $3, $6, $6 - addq $23, $6, $23 - cmpult $23, $6, $1 - srl $4, 32, $6 - zapnot $5, 15, $5 - mulq $5, $6, $24 - mulq $7, $5, $2 - addq $1, $22, $22 - addq $0, $24, $0 - cmpult $0, $24, $1 - mulq $6, $8, $6 - beq $1, $345 - sll $21, 32, $1 - addq $6, $1, $6 -$345: - sll $0, 32, $24 - ldq $1, 48($18) - addq $2, $24, $2 - bis $2, $2, $7 - ldq $4, 24($17) - addq $23, $7, $23 - srl $1, 32, $8 - cmpult $23, $7, $3 - zapnot $4, 15, $7 - mulq $8, $7, $25 - zapnot $1, 15, $5 - mulq $7, $5, $21 - srl $0, 32, $1 - cmpult $2, $24, $2 - addq $6, $1, $6 - addq $2, $6, $6 - addq $3, $6, $6 - addq $22, $6, $22 - cmpult $22, $6, $24 - srl $4, 32, $6 - mulq $5, $6, $5 - bis $31, 1, $20 - addq $25, $5, $25 - cmpult $25, $5, $1 - mulq $6, $8, $6 - beq $1, $349 - sll $20, 32, $1 - addq $6, $1, $6 -$349: - sll $25, 32, $5 - ldq $2, 40($18) - addq $21, $5, $21 - bis $21, $21, $7 - ldq $4, 32($17) - addq $23, $7, $23 - srl $2, 32, $8 - cmpult $23, $7, $3 - zapnot $4, 15, $7 - mulq $8, $7, $28 - srl $25, 32, $1 - addq $6, $1, $6 - cmpult $21, $5, $1 - zapnot $2, 15, $5 - addq $1, $6, $6 - addq $3, $6, $6 - addq $22, $6, $22 - cmpult $22, $6, $1 - srl $4, 32, $6 - mulq $5, $6, $25 - mulq $7, $5, $5 - addq $1, $24, $24 - addq $28, $25, $28 - cmpult $28, $25, $1 - mulq $6, $8, $6 - beq $1, $353 - sll $20, 32, $1 - addq $6, $1, $6 -$353: - sll $28, 32, $25 - ldq $2, 32($18) - addq $5, $25, $5 - bis $5, $5, $7 - ldq $4, 40($17) - addq $23, $7, $23 - srl $2, 32, $8 - cmpult $23, $7, $3 - zapnot $4, 15, $7 - mulq $8, $7, $0 - srl $28, 32, $1 - addq $6, $1, $6 - cmpult $5, $25, $1 - zapnot $2, 15, $5 - addq $1, $6, $6 - addq $3, $6, $6 - addq $22, $6, $22 - cmpult $22, $6, $1 - srl $4, 32, $6 - mulq $5, $6, $25 - mulq $7, $5, $5 - addq $1, $24, $24 - addq $0, $25, $0 - cmpult $0, $25, $1 - mulq $6, $8, $6 - beq $1, $357 - sll $20, 32, $1 - addq $6, $1, $6 -$357: - sll $0, 32, $25 - ldq $2, 24($18) - addq $5, $25, $5 - bis $5, $5, $7 - ldq $4, 48($17) - addq $23, $7, $23 - srl $2, 32, $8 - cmpult $23, $7, $3 - zapnot $4, 15, $7 - mulq $8, $7, $28 - srl $0, 32, $1 - addq $6, $1, $6 - cmpult $5, $25, $1 - zapnot $2, 15, $5 - addq $1, $6, $6 - addq $3, $6, $6 - addq $22, $6, $22 - cmpult $22, $6, $1 - srl $4, 32, $6 - mulq $5, $6, $25 - mulq $7, $5, $5 - addq $1, $24, $24 - addq $28, $25, $28 - cmpult $28, $25, $1 - mulq $6, $8, $6 - beq $1, $361 - sll $20, 32, $1 - addq $6, $1, $6 -$361: - sll $28, 32, $25 - ldq $2, 16($18) - addq $5, $25, $5 - bis $5, $5, $7 - ldq $4, 56($17) - addq $23, $7, $23 - srl $2, 32, $8 - cmpult $23, $7, $3 - zapnot $4, 15, $7 - mulq $8, $7, $0 - srl $28, 32, $1 - addq $6, $1, $6 - cmpult $5, $25, $1 - zapnot $2, 15, $5 - addq $1, $6, $6 - addq $3, $6, $6 - addq $22, $6, $22 - cmpult $22, $6, $1 - srl $4, 32, $6 - mulq $5, $6, $25 - mulq $7, $5, $2 - addq $1, $24, $24 - addq $0, $25, $0 - cmpult $0, $25, $1 - mulq $6, $8, $6 - beq $1, $365 - sll $20, 32, $1 - addq $6, $1, $6 -$365: - sll $0, 32, $25 - addq $2, $25, $2 - bis $2, $2, $7 - addq $23, $7, $23 - stq $23, 72($16) - ldq $4, 56($17) - ldq $5, 24($18) - cmpult $23, $7, $3 - zapnot $4, 15, $7 - srl $5, 32, $8 - mulq $8, $7, $28 - srl $0, 32, $1 - cmpult $2, $25, $2 - addq $6, $1, $6 - addq $2, $6, $6 - addq $3, $6, $6 - addq $22, $6, $22 - cmpult $22, $6, $1 - srl $4, 32, $6 - zapnot $5, 15, $5 - mulq $5, $6, $23 - mulq $7, $5, $2 - addq $1, $24, $24 - addq $28, $23, $28 - cmpult $28, $23, $1 - mulq $6, $8, $6 - beq $1, $369 - sll $20, 32, $1 - addq $6, $1, $6 -$369: - sll $28, 32, $23 - ldq $1, 32($18) - addq $2, $23, $2 - bis $2, $2, $7 - ldq $4, 48($17) - addq $22, $7, $22 - srl $1, 32, $8 - cmpult $22, $7, $3 - zapnot $4, 15, $7 - mulq $8, $7, $25 - zapnot $1, 15, $5 - mulq $7, $5, $0 - srl $28, 32, $1 - cmpult $2, $23, $2 - addq $6, $1, $6 - addq $2, $6, $6 - addq $3, $6, $6 - addq $24, $6, $24 - cmpult $24, $6, $23 - srl $4, 32, $6 - mulq $5, $6, $5 - bis $31, 1, $21 - addq $25, $5, $25 - cmpult $25, $5, $1 - mulq $6, $8, $6 - beq $1, $373 - sll $21, 32, $1 - addq $6, $1, $6 -$373: - sll $25, 32, $5 - ldq $2, 40($18) - addq $0, $5, $0 - bis $0, $0, $7 - ldq $4, 40($17) - addq $22, $7, $22 - srl $2, 32, $8 - cmpult $22, $7, $3 - zapnot $4, 15, $7 - mulq $8, $7, $28 - srl $25, 32, $1 - addq $6, $1, $6 - cmpult $0, $5, $1 - zapnot $2, 15, $5 - addq $1, $6, $6 - addq $3, $6, $6 - addq $24, $6, $24 - cmpult $24, $6, $1 - srl $4, 32, $6 - mulq $5, $6, $25 - mulq $7, $5, $5 - addq $1, $23, $23 - addq $28, $25, $28 - cmpult $28, $25, $1 - mulq $6, $8, $6 - beq $1, $377 - sll $21, 32, $1 - addq $6, $1, $6 -$377: - sll $28, 32, $25 - ldq $2, 48($18) - addq $5, $25, $5 - bis $5, $5, $7 - ldq $4, 32($17) - addq $22, $7, $22 - srl $2, 32, $8 - cmpult $22, $7, $3 - zapnot $4, 15, $7 - mulq $8, $7, $0 - srl $28, 32, $1 - addq $6, $1, $6 - cmpult $5, $25, $1 - zapnot $2, 15, $5 - addq $1, $6, $6 - addq $3, $6, $6 - addq $24, $6, $24 - cmpult $24, $6, $1 - srl $4, 32, $6 - mulq $5, $6, $25 - mulq $7, $5, $5 - addq $1, $23, $23 - addq $0, $25, $0 - cmpult $0, $25, $1 - mulq $6, $8, $6 - beq $1, $381 - sll $21, 32, $1 - addq $6, $1, $6 -$381: - sll $0, 32, $25 - ldq $2, 56($18) - addq $5, $25, $5 - bis $5, $5, $7 - ldq $4, 24($17) - addq $22, $7, $22 - srl $2, 32, $8 - cmpult $22, $7, $3 - zapnot $4, 15, $7 - mulq $8, $7, $28 - srl $0, 32, $1 - addq $6, $1, $6 - cmpult $5, $25, $1 - zapnot $2, 15, $5 - addq $1, $6, $6 - addq $3, $6, $6 - addq $24, $6, $24 - cmpult $24, $6, $1 - srl $4, 32, $6 - mulq $5, $6, $25 - mulq $7, $5, $2 - addq $1, $23, $23 - addq $28, $25, $28 - cmpult $28, $25, $1 - mulq $6, $8, $6 - beq $1, $385 - sll $21, 32, $1 - addq $6, $1, $6 -$385: - sll $28, 32, $25 - addq $2, $25, $2 - bis $2, $2, $7 - addq $22, $7, $22 - stq $22, 80($16) - ldq $4, 32($17) - ldq $5, 56($18) - cmpult $22, $7, $3 - zapnot $4, 15, $7 - srl $5, 32, $8 - mulq $8, $7, $0 - srl $28, 32, $1 - cmpult $2, $25, $2 - addq $6, $1, $6 - addq $2, $6, $6 - addq $3, $6, $6 - addq $24, $6, $24 - cmpult $24, $6, $1 - srl $4, 32, $6 - zapnot $5, 15, $5 - mulq $5, $6, $22 - mulq $7, $5, $2 - addq $1, $23, $23 - addq $0, $22, $0 - cmpult $0, $22, $1 - mulq $6, $8, $6 - beq $1, $389 - sll $21, 32, $1 - addq $6, $1, $6 -$389: - sll $0, 32, $22 - ldq $1, 48($18) - addq $2, $22, $2 - bis $2, $2, $7 - ldq $4, 40($17) - addq $24, $7, $24 - srl $1, 32, $8 - cmpult $24, $7, $3 - zapnot $4, 15, $7 - mulq $8, $7, $25 - zapnot $1, 15, $5 - mulq $7, $5, $21 - srl $0, 32, $1 - cmpult $2, $22, $2 - addq $6, $1, $6 - addq $2, $6, $6 - addq $3, $6, $6 - addq $23, $6, $23 - cmpult $23, $6, $22 - srl $4, 32, $6 - mulq $5, $6, $5 - bis $31, 1, $20 - addq $25, $5, $25 - cmpult $25, $5, $1 - mulq $6, $8, $6 - beq $1, $393 - sll $20, 32, $1 - addq $6, $1, $6 -$393: - sll $25, 32, $5 - ldq $2, 40($18) - addq $21, $5, $21 - bis $21, $21, $7 - ldq $4, 48($17) - addq $24, $7, $24 - srl $2, 32, $8 - cmpult $24, $7, $3 - zapnot $4, 15, $7 - mulq $8, $7, $28 - srl $25, 32, $1 - addq $6, $1, $6 - cmpult $21, $5, $1 - zapnot $2, 15, $5 - addq $1, $6, $6 - addq $3, $6, $6 - addq $23, $6, $23 - cmpult $23, $6, $1 - srl $4, 32, $6 - mulq $5, $6, $25 - mulq $7, $5, $5 - addq $1, $22, $22 - addq $28, $25, $28 - cmpult $28, $25, $1 - mulq $6, $8, $6 - beq $1, $397 - sll $20, 32, $1 - addq $6, $1, $6 -$397: - sll $28, 32, $25 - ldq $2, 32($18) - addq $5, $25, $5 - bis $5, $5, $7 - ldq $4, 56($17) - addq $24, $7, $24 - srl $2, 32, $8 - cmpult $24, $7, $3 - zapnot $4, 15, $7 - mulq $8, $7, $21 - srl $28, 32, $1 - addq $6, $1, $6 - cmpult $5, $25, $1 - zapnot $2, 15, $5 - addq $1, $6, $6 - addq $3, $6, $6 - addq $23, $6, $23 - cmpult $23, $6, $1 - srl $4, 32, $6 - mulq $5, $6, $25 - mulq $7, $5, $2 - addq $1, $22, $22 - addq $21, $25, $21 - cmpult $21, $25, $1 - mulq $6, $8, $6 - beq $1, $401 - sll $20, 32, $1 - addq $6, $1, $6 -$401: - sll $21, 32, $25 - addq $2, $25, $2 - bis $2, $2, $7 - addq $24, $7, $24 - stq $24, 88($16) - ldq $4, 56($17) - ldq $5, 40($18) - cmpult $24, $7, $3 - zapnot $4, 15, $7 - srl $5, 32, $8 - mulq $8, $7, $0 - srl $21, 32, $1 - cmpult $2, $25, $2 - addq $6, $1, $6 - addq $2, $6, $6 - addq $3, $6, $6 - addq $23, $6, $23 - cmpult $23, $6, $1 - srl $4, 32, $6 - zapnot $5, 15, $5 - mulq $5, $6, $24 - mulq $7, $5, $5 - addq $1, $22, $22 - addq $0, $24, $0 - cmpult $0, $24, $1 - mulq $6, $8, $6 - beq $1, $405 - sll $20, 32, $1 - addq $6, $1, $6 -$405: - sll $0, 32, $24 - ldq $2, 48($18) - addq $5, $24, $5 - bis $5, $5, $7 - ldq $4, 48($17) - addq $23, $7, $23 - srl $2, 32, $8 - cmpult $23, $7, $3 - zapnot $4, 15, $7 - mulq $8, $7, $28 - srl $0, 32, $1 - addq $6, $1, $6 - cmpult $5, $24, $1 - zapnot $2, 15, $5 - addq $1, $6, $6 - addq $3, $6, $6 - addq $22, $6, $22 - cmpult $22, $6, $24 - srl $4, 32, $6 - mulq $5, $6, $25 - mulq $7, $5, $5 - addq $28, $25, $28 - cmpult $28, $25, $1 - mulq $6, $8, $6 - beq $1, $409 - sll $20, 32, $1 - addq $6, $1, $6 -$409: - sll $28, 32, $25 - ldq $2, 56($18) - addq $5, $25, $5 - bis $5, $5, $7 - ldq $4, 40($17) - addq $23, $7, $23 - srl $2, 32, $8 - cmpult $23, $7, $3 - zapnot $4, 15, $7 - mulq $8, $7, $0 - srl $28, 32, $1 - addq $6, $1, $6 - cmpult $5, $25, $1 - zapnot $2, 15, $5 - addq $1, $6, $6 - addq $3, $6, $6 - addq $22, $6, $22 - cmpult $22, $6, $1 - srl $4, 32, $6 - mulq $5, $6, $25 - mulq $7, $5, $2 - addq $1, $24, $24 - addq $0, $25, $0 - cmpult $0, $25, $1 - mulq $6, $8, $6 - beq $1, $413 - sll $20, 32, $1 - addq $6, $1, $6 -$413: - sll $0, 32, $25 - addq $2, $25, $2 - bis $2, $2, $7 - addq $23, $7, $23 - stq $23, 96($16) - ldq $4, 48($17) - ldq $5, 56($18) - cmpult $23, $7, $3 - zapnot $4, 15, $7 - srl $5, 32, $8 - mulq $8, $7, $28 - srl $0, 32, $1 - cmpult $2, $25, $2 - addq $6, $1, $6 - addq $2, $6, $6 - addq $3, $6, $6 - addq $22, $6, $22 - cmpult $22, $6, $1 - srl $4, 32, $6 - zapnot $5, 15, $5 - mulq $5, $6, $23 - mulq $7, $5, $5 - addq $1, $24, $24 - addq $28, $23, $28 - cmpult $28, $23, $1 - mulq $6, $8, $6 - beq $1, $417 - sll $20, 32, $1 - addq $6, $1, $6 -$417: - sll $28, 32, $23 - ldq $2, 48($18) - addq $5, $23, $5 - bis $5, $5, $7 - ldq $4, 56($17) - addq $22, $7, $22 - srl $2, 32, $8 - cmpult $22, $7, $3 - zapnot $4, 15, $7 - mulq $8, $7, $0 - srl $28, 32, $1 - addq $6, $1, $6 - cmpult $5, $23, $1 - zapnot $2, 15, $5 - addq $1, $6, $6 - addq $3, $6, $6 - addq $24, $6, $24 - cmpult $24, $6, $23 - srl $4, 32, $6 - mulq $5, $6, $25 - mulq $7, $5, $2 - addq $0, $25, $0 - cmpult $0, $25, $1 - mulq $6, $8, $6 - beq $1, $421 - sll $20, 32, $1 - addq $6, $1, $6 -$421: - sll $0, 32, $25 - addq $2, $25, $2 - bis $2, $2, $7 - addq $22, $7, $22 - stq $22, 104($16) - ldq $4, 56($17) - ldq $5, 56($18) - cmpult $22, $7, $3 - zapnot $4, 15, $7 - srl $5, 32, $8 - mulq $8, $7, $28 - srl $0, 32, $1 - cmpult $2, $25, $2 - addq $6, $1, $6 - addq $2, $6, $6 - addq $3, $6, $6 - addq $24, $6, $24 - cmpult $24, $6, $1 - srl $4, 32, $6 - zapnot $5, 15, $5 - mulq $5, $6, $22 - mulq $7, $5, $2 - addq $1, $23, $23 - addq $28, $22, $28 - cmpult $28, $22, $1 - mulq $6, $8, $3 - beq $1, $425 - sll $20, 32, $1 - addq $3, $1, $3 -$425: - sll $28, 32, $22 - srl $28, 32, $1 - addq $2, $22, $2 - addq $3, $1, $3 - bis $2, $2, $7 - addq $24, $7, $24 - cmpult $7, $22, $1 - cmpult $24, $7, $2 - addq $1, $3, $6 - addq $2, $6, $6 - stq $24, 112($16) - addq $23, $6, $23 - stq $23, 120($16) - ret $31, ($26), 1 - .end bn_mul_comba8 - .text - .align 3 - .globl bn_sqr_comba4 - .ent bn_sqr_comba4 -bn_sqr_comba4: -bn_sqr_comba4..ng: - .frame $30,0,$26,0 - .prologue 0 - - ldq $0, 0($17) - ldq $1, 8($17) - ldq $2, 16($17) - ldq $3, 24($17) - bis $31, $31, $6 - mulq $0, $0, $4 - umulh $0, $0, $5 - stq $4, 0($16) - bis $31, $31, $4 - mulq $0, $1, $7 - umulh $0, $1, $8 - cmplt $7, $31, $22 - cmplt $8, $31, $23 - addq $7, $7, $7 - addq $8, $8, $8 - addq $8, $22, $8 - addq $4, $23, $4 - addq $5, $7, $5 - addq $6, $8, $6 - cmpult $5, $7, $24 - cmpult $6, $8, $25 - addq $6, $24, $6 - addq $4, $25, $4 - stq $5, 8($16) - bis $31, $31, $5 - mulq $1, $1, $27 - umulh $1, $1, $28 - addq $6, $27, $6 - addq $4, $28, $4 - cmpult $6, $27, $21 - cmpult $4, $28, $20 - addq $4, $21, $4 - addq $5, $20, $5 - mulq $2, $0, $19 - umulh $2, $0, $18 - cmplt $19, $31, $17 - cmplt $18, $31, $22 - addq $19, $19, $19 - addq $18, $18, $18 - addq $18, $17, $18 - addq $5, $22, $5 - addq $6, $19, $6 - addq $4, $18, $4 - cmpult $6, $19, $23 - cmpult $4, $18, $7 - addq $4, $23, $4 - addq $5, $7, $5 - stq $6, 16($16) - bis $31, $31, $6 - mulq $3, $0, $8 - umulh $3, $0, $24 - cmplt $8, $31, $25 - cmplt $24, $31, $27 - addq $8, $8, $8 - addq $24, $24, $24 - addq $24, $25, $24 - addq $6, $27, $6 - addq $4, $8, $4 - addq $5, $24, $5 - cmpult $4, $8, $28 - cmpult $5, $24, $21 - addq $5, $28, $5 - addq $6, $21, $6 - mulq $2, $1, $20 - umulh $2, $1, $17 - cmplt $20, $31, $22 - cmplt $17, $31, $19 - addq $20, $20, $20 - addq $17, $17, $17 - addq $17, $22, $17 - addq $6, $19, $6 - addq $4, $20, $4 - addq $5, $17, $5 - cmpult $4, $20, $18 - cmpult $5, $17, $23 - addq $5, $18, $5 - addq $6, $23, $6 - stq $4, 24($16) - bis $31, $31, $4 - mulq $2, $2, $7 - umulh $2, $2, $25 - addq $5, $7, $5 - addq $6, $25, $6 - cmpult $5, $7, $27 - cmpult $6, $25, $8 - addq $6, $27, $6 - addq $4, $8, $4 - mulq $3, $1, $24 - umulh $3, $1, $28 - cmplt $24, $31, $21 - cmplt $28, $31, $22 - addq $24, $24, $24 - addq $28, $28, $28 - addq $28, $21, $28 - addq $4, $22, $4 - addq $5, $24, $5 - addq $6, $28, $6 - cmpult $5, $24, $19 - cmpult $6, $28, $20 - addq $6, $19, $6 - addq $4, $20, $4 - stq $5, 32($16) - bis $31, $31, $5 - mulq $3, $2, $17 - umulh $3, $2, $18 - cmplt $17, $31, $23 - cmplt $18, $31, $7 - addq $17, $17, $17 - addq $18, $18, $18 - addq $18, $23, $18 - addq $5, $7, $5 - addq $6, $17, $6 - addq $4, $18, $4 - cmpult $6, $17, $25 - cmpult $4, $18, $27 - addq $4, $25, $4 - addq $5, $27, $5 - stq $6, 40($16) - bis $31, $31, $6 - mulq $3, $3, $8 - umulh $3, $3, $21 - addq $4, $8, $4 - addq $5, $21, $5 - cmpult $4, $8, $22 - cmpult $5, $21, $24 - addq $5, $22, $5 - addq $6, $24, $6 - stq $4, 48($16) - stq $5, 56($16) - ret $31,($26),1 - .end bn_sqr_comba4 - .text - .align 3 - .globl bn_sqr_comba8 - .ent bn_sqr_comba8 -bn_sqr_comba8: -bn_sqr_comba8..ng: - .frame $30,0,$26,0 - .prologue 0 - - ldq $0, 0($17) - ldq $1, 8($17) - ldq $2, 16($17) - ldq $3, 24($17) - ldq $4, 32($17) - ldq $5, 40($17) - ldq $6, 48($17) - ldq $7, 56($17) - bis $31, $31, $23 - mulq $0, $0, $8 - umulh $0, $0, $22 - stq $8, 0($16) - bis $31, $31, $8 - mulq $1, $0, $24 - umulh $1, $0, $25 - cmplt $24, $31, $27 - cmplt $25, $31, $28 - addq $24, $24, $24 - addq $25, $25, $25 - addq $25, $27, $25 - addq $8, $28, $8 - addq $22, $24, $22 - addq $23, $25, $23 - cmpult $22, $24, $21 - cmpult $23, $25, $20 - addq $23, $21, $23 - addq $8, $20, $8 - stq $22, 8($16) - bis $31, $31, $22 - mulq $1, $1, $19 - umulh $1, $1, $18 - addq $23, $19, $23 - addq $8, $18, $8 - cmpult $23, $19, $17 - cmpult $8, $18, $27 - addq $8, $17, $8 - addq $22, $27, $22 - mulq $2, $0, $28 - umulh $2, $0, $24 - cmplt $28, $31, $25 - cmplt $24, $31, $21 - addq $28, $28, $28 - addq $24, $24, $24 - addq $24, $25, $24 - addq $22, $21, $22 - addq $23, $28, $23 - addq $8, $24, $8 - cmpult $23, $28, $20 - cmpult $8, $24, $19 - addq $8, $20, $8 - addq $22, $19, $22 - stq $23, 16($16) - bis $31, $31, $23 - mulq $2, $1, $18 - umulh $2, $1, $17 - cmplt $18, $31, $27 - cmplt $17, $31, $25 - addq $18, $18, $18 - addq $17, $17, $17 - addq $17, $27, $17 - addq $23, $25, $23 - addq $8, $18, $8 - addq $22, $17, $22 - cmpult $8, $18, $21 - cmpult $22, $17, $28 - addq $22, $21, $22 - addq $23, $28, $23 - mulq $3, $0, $24 - umulh $3, $0, $20 - cmplt $24, $31, $19 - cmplt $20, $31, $27 - addq $24, $24, $24 - addq $20, $20, $20 - addq $20, $19, $20 - addq $23, $27, $23 - addq $8, $24, $8 - addq $22, $20, $22 - cmpult $8, $24, $25 - cmpult $22, $20, $18 - addq $22, $25, $22 - addq $23, $18, $23 - stq $8, 24($16) - bis $31, $31, $8 - mulq $2, $2, $17 - umulh $2, $2, $21 - addq $22, $17, $22 - addq $23, $21, $23 - cmpult $22, $17, $28 - cmpult $23, $21, $19 - addq $23, $28, $23 - addq $8, $19, $8 - mulq $3, $1, $27 - umulh $3, $1, $24 - cmplt $27, $31, $20 - cmplt $24, $31, $25 - addq $27, $27, $27 - addq $24, $24, $24 - addq $24, $20, $24 - addq $8, $25, $8 - addq $22, $27, $22 - addq $23, $24, $23 - cmpult $22, $27, $18 - cmpult $23, $24, $17 - addq $23, $18, $23 - addq $8, $17, $8 - mulq $4, $0, $21 - umulh $4, $0, $28 - cmplt $21, $31, $19 - cmplt $28, $31, $20 - addq $21, $21, $21 - addq $28, $28, $28 - addq $28, $19, $28 - addq $8, $20, $8 - addq $22, $21, $22 - addq $23, $28, $23 - cmpult $22, $21, $25 - cmpult $23, $28, $27 - addq $23, $25, $23 - addq $8, $27, $8 - stq $22, 32($16) - bis $31, $31, $22 - mulq $3, $2, $24 - umulh $3, $2, $18 - cmplt $24, $31, $17 - cmplt $18, $31, $19 - addq $24, $24, $24 - addq $18, $18, $18 - addq $18, $17, $18 - addq $22, $19, $22 - addq $23, $24, $23 - addq $8, $18, $8 - cmpult $23, $24, $20 - cmpult $8, $18, $21 - addq $8, $20, $8 - addq $22, $21, $22 - mulq $4, $1, $28 - umulh $4, $1, $25 - cmplt $28, $31, $27 - cmplt $25, $31, $17 - addq $28, $28, $28 - addq $25, $25, $25 - addq $25, $27, $25 - addq $22, $17, $22 - addq $23, $28, $23 - addq $8, $25, $8 - cmpult $23, $28, $19 - cmpult $8, $25, $24 - addq $8, $19, $8 - addq $22, $24, $22 - mulq $5, $0, $18 - umulh $5, $0, $20 - cmplt $18, $31, $21 - cmplt $20, $31, $27 - addq $18, $18, $18 - addq $20, $20, $20 - addq $20, $21, $20 - addq $22, $27, $22 - addq $23, $18, $23 - addq $8, $20, $8 - cmpult $23, $18, $17 - cmpult $8, $20, $28 - addq $8, $17, $8 - addq $22, $28, $22 - stq $23, 40($16) - bis $31, $31, $23 - mulq $3, $3, $25 - umulh $3, $3, $19 - addq $8, $25, $8 - addq $22, $19, $22 - cmpult $8, $25, $24 - cmpult $22, $19, $21 - addq $22, $24, $22 - addq $23, $21, $23 - mulq $4, $2, $27 - umulh $4, $2, $18 - cmplt $27, $31, $20 - cmplt $18, $31, $17 - addq $27, $27, $27 - addq $18, $18, $18 - addq $18, $20, $18 - addq $23, $17, $23 - addq $8, $27, $8 - addq $22, $18, $22 - cmpult $8, $27, $28 - cmpult $22, $18, $25 - addq $22, $28, $22 - addq $23, $25, $23 - mulq $5, $1, $19 - umulh $5, $1, $24 - cmplt $19, $31, $21 - cmplt $24, $31, $20 - addq $19, $19, $19 - addq $24, $24, $24 - addq $24, $21, $24 - addq $23, $20, $23 - addq $8, $19, $8 - addq $22, $24, $22 - cmpult $8, $19, $17 - cmpult $22, $24, $27 - addq $22, $17, $22 - addq $23, $27, $23 - mulq $6, $0, $18 - umulh $6, $0, $28 - cmplt $18, $31, $25 - cmplt $28, $31, $21 - addq $18, $18, $18 - addq $28, $28, $28 - addq $28, $25, $28 - addq $23, $21, $23 - addq $8, $18, $8 - addq $22, $28, $22 - cmpult $8, $18, $20 - cmpult $22, $28, $19 - addq $22, $20, $22 - addq $23, $19, $23 - stq $8, 48($16) - bis $31, $31, $8 - mulq $4, $3, $24 - umulh $4, $3, $17 - cmplt $24, $31, $27 - cmplt $17, $31, $25 - addq $24, $24, $24 - addq $17, $17, $17 - addq $17, $27, $17 - addq $8, $25, $8 - addq $22, $24, $22 - addq $23, $17, $23 - cmpult $22, $24, $21 - cmpult $23, $17, $18 - addq $23, $21, $23 - addq $8, $18, $8 - mulq $5, $2, $28 - umulh $5, $2, $20 - cmplt $28, $31, $19 - cmplt $20, $31, $27 - addq $28, $28, $28 - addq $20, $20, $20 - addq $20, $19, $20 - addq $8, $27, $8 - addq $22, $28, $22 - addq $23, $20, $23 - cmpult $22, $28, $25 - cmpult $23, $20, $24 - addq $23, $25, $23 - addq $8, $24, $8 - mulq $6, $1, $17 - umulh $6, $1, $21 - cmplt $17, $31, $18 - cmplt $21, $31, $19 - addq $17, $17, $17 - addq $21, $21, $21 - addq $21, $18, $21 - addq $8, $19, $8 - addq $22, $17, $22 - addq $23, $21, $23 - cmpult $22, $17, $27 - cmpult $23, $21, $28 - addq $23, $27, $23 - addq $8, $28, $8 - mulq $7, $0, $20 - umulh $7, $0, $25 - cmplt $20, $31, $24 - cmplt $25, $31, $18 - addq $20, $20, $20 - addq $25, $25, $25 - addq $25, $24, $25 - addq $8, $18, $8 - addq $22, $20, $22 - addq $23, $25, $23 - cmpult $22, $20, $19 - cmpult $23, $25, $17 - addq $23, $19, $23 - addq $8, $17, $8 - stq $22, 56($16) - bis $31, $31, $22 - mulq $4, $4, $21 - umulh $4, $4, $27 - addq $23, $21, $23 - addq $8, $27, $8 - cmpult $23, $21, $28 - cmpult $8, $27, $24 - addq $8, $28, $8 - addq $22, $24, $22 - mulq $5, $3, $18 - umulh $5, $3, $20 - cmplt $18, $31, $25 - cmplt $20, $31, $19 - addq $18, $18, $18 - addq $20, $20, $20 - addq $20, $25, $20 - addq $22, $19, $22 - addq $23, $18, $23 - addq $8, $20, $8 - cmpult $23, $18, $17 - cmpult $8, $20, $21 - addq $8, $17, $8 - addq $22, $21, $22 - mulq $6, $2, $27 - umulh $6, $2, $28 - cmplt $27, $31, $24 - cmplt $28, $31, $25 - addq $27, $27, $27 - addq $28, $28, $28 - addq $28, $24, $28 - addq $22, $25, $22 - addq $23, $27, $23 - addq $8, $28, $8 - cmpult $23, $27, $19 - cmpult $8, $28, $18 - addq $8, $19, $8 - addq $22, $18, $22 - mulq $7, $1, $20 - umulh $7, $1, $17 - cmplt $20, $31, $21 - cmplt $17, $31, $24 - addq $20, $20, $20 - addq $17, $17, $17 - addq $17, $21, $17 - addq $22, $24, $22 - addq $23, $20, $23 - addq $8, $17, $8 - cmpult $23, $20, $25 - cmpult $8, $17, $27 - addq $8, $25, $8 - addq $22, $27, $22 - stq $23, 64($16) - bis $31, $31, $23 - mulq $5, $4, $28 - umulh $5, $4, $19 - cmplt $28, $31, $18 - cmplt $19, $31, $21 - addq $28, $28, $28 - addq $19, $19, $19 - addq $19, $18, $19 - addq $23, $21, $23 - addq $8, $28, $8 - addq $22, $19, $22 - cmpult $8, $28, $24 - cmpult $22, $19, $20 - addq $22, $24, $22 - addq $23, $20, $23 - mulq $6, $3, $17 - umulh $6, $3, $25 - cmplt $17, $31, $27 - cmplt $25, $31, $18 - addq $17, $17, $17 - addq $25, $25, $25 - addq $25, $27, $25 - addq $23, $18, $23 - addq $8, $17, $8 - addq $22, $25, $22 - cmpult $8, $17, $21 - cmpult $22, $25, $28 - addq $22, $21, $22 - addq $23, $28, $23 - mulq $7, $2, $19 - umulh $7, $2, $24 - cmplt $19, $31, $20 - cmplt $24, $31, $27 - addq $19, $19, $19 - addq $24, $24, $24 - addq $24, $20, $24 - addq $23, $27, $23 - addq $8, $19, $8 - addq $22, $24, $22 - cmpult $8, $19, $18 - cmpult $22, $24, $17 - addq $22, $18, $22 - addq $23, $17, $23 - stq $8, 72($16) - bis $31, $31, $8 - mulq $5, $5, $25 - umulh $5, $5, $21 - addq $22, $25, $22 - addq $23, $21, $23 - cmpult $22, $25, $28 - cmpult $23, $21, $20 - addq $23, $28, $23 - addq $8, $20, $8 - mulq $6, $4, $27 - umulh $6, $4, $19 - cmplt $27, $31, $24 - cmplt $19, $31, $18 - addq $27, $27, $27 - addq $19, $19, $19 - addq $19, $24, $19 - addq $8, $18, $8 - addq $22, $27, $22 - addq $23, $19, $23 - cmpult $22, $27, $17 - cmpult $23, $19, $25 - addq $23, $17, $23 - addq $8, $25, $8 - mulq $7, $3, $21 - umulh $7, $3, $28 - cmplt $21, $31, $20 - cmplt $28, $31, $24 - addq $21, $21, $21 - addq $28, $28, $28 - addq $28, $20, $28 - addq $8, $24, $8 - addq $22, $21, $22 - addq $23, $28, $23 - cmpult $22, $21, $18 - cmpult $23, $28, $27 - addq $23, $18, $23 - addq $8, $27, $8 - stq $22, 80($16) - bis $31, $31, $22 - mulq $6, $5, $19 - umulh $6, $5, $17 - cmplt $19, $31, $25 - cmplt $17, $31, $20 - addq $19, $19, $19 - addq $17, $17, $17 - addq $17, $25, $17 - addq $22, $20, $22 - addq $23, $19, $23 - addq $8, $17, $8 - cmpult $23, $19, $24 - cmpult $8, $17, $21 - addq $8, $24, $8 - addq $22, $21, $22 - mulq $7, $4, $28 - umulh $7, $4, $18 - cmplt $28, $31, $27 - cmplt $18, $31, $25 - addq $28, $28, $28 - addq $18, $18, $18 - addq $18, $27, $18 - addq $22, $25, $22 - addq $23, $28, $23 - addq $8, $18, $8 - cmpult $23, $28, $20 - cmpult $8, $18, $19 - addq $8, $20, $8 - addq $22, $19, $22 - stq $23, 88($16) - bis $31, $31, $23 - mulq $6, $6, $17 - umulh $6, $6, $24 - addq $8, $17, $8 - addq $22, $24, $22 - cmpult $8, $17, $21 - cmpult $22, $24, $27 - addq $22, $21, $22 - addq $23, $27, $23 - mulq $7, $5, $25 - umulh $7, $5, $28 - cmplt $25, $31, $18 - cmplt $28, $31, $20 - addq $25, $25, $25 - addq $28, $28, $28 - addq $28, $18, $28 - addq $23, $20, $23 - addq $8, $25, $8 - addq $22, $28, $22 - cmpult $8, $25, $19 - cmpult $22, $28, $17 - addq $22, $19, $22 - addq $23, $17, $23 - stq $8, 96($16) - bis $31, $31, $8 - mulq $7, $6, $24 - umulh $7, $6, $21 - cmplt $24, $31, $27 - cmplt $21, $31, $18 - addq $24, $24, $24 - addq $21, $21, $21 - addq $21, $27, $21 - addq $8, $18, $8 - addq $22, $24, $22 - addq $23, $21, $23 - cmpult $22, $24, $20 - cmpult $23, $21, $25 - addq $23, $20, $23 - addq $8, $25, $8 - stq $22, 104($16) - bis $31, $31, $22 - mulq $7, $7, $28 - umulh $7, $7, $19 - addq $23, $28, $23 - addq $8, $19, $8 - cmpult $23, $28, $17 - cmpult $8, $19, $27 - addq $8, $17, $8 - addq $22, $27, $22 - stq $23, 112($16) - stq $8, 120($16) - ret $31,($26),1 - .end bn_sqr_comba8 diff --git a/src/lib/libcrypto/bn/asm/alpha.s.works b/src/lib/libcrypto/bn/asm/alpha.s.works deleted file mode 100644 index ee6c587809..0000000000 --- a/src/lib/libcrypto/bn/asm/alpha.s.works +++ /dev/null @@ -1,533 +0,0 @@ - - # DEC Alpha assember - # The bn_div64 is actually gcc output but the other parts are hand done. - # Thanks to tzeruch@ceddec.com for sending me the gcc output for - # bn_div64. - # I've gone back and re-done most of routines. - # The key thing to remeber for the 164 CPU is that while a - # multiply operation takes 8 cycles, another one can only be issued - # after 4 cycles have elapsed. I've done modification to help - # improve this. Also, normally, a ld instruction will not be available - # for about 3 cycles. - .file 1 "bn_asm.c" - .set noat -gcc2_compiled.: -__gnu_compiled_c: - .text - .align 3 - .globl bn_mul_add_words - .ent bn_mul_add_words -bn_mul_add_words: -bn_mul_add_words..ng: - .frame $30,0,$26,0 - .prologue 0 - .align 5 - subq $18,4,$18 - bis $31,$31,$0 - blt $18,$43 # if we are -1, -2, -3 or -4 goto tail code - ldq $20,0($17) # 1 1 - ldq $1,0($16) # 1 1 - .align 3 -$42: - mulq $20,$19,$5 # 1 2 1 ###### - ldq $21,8($17) # 2 1 - ldq $2,8($16) # 2 1 - umulh $20,$19,$20 # 1 2 ###### - ldq $27,16($17) # 3 1 - ldq $3,16($16) # 3 1 - mulq $21,$19,$6 # 2 2 1 ###### - ldq $28,24($17) # 4 1 - addq $1,$5,$1 # 1 2 2 - ldq $4,24($16) # 4 1 - umulh $21,$19,$21 # 2 2 ###### - cmpult $1,$5,$22 # 1 2 3 1 - addq $20,$22,$20 # 1 3 1 - addq $1,$0,$1 # 1 2 3 1 - mulq $27,$19,$7 # 3 2 1 ###### - cmpult $1,$0,$0 # 1 2 3 2 - addq $2,$6,$2 # 2 2 2 - addq $20,$0,$0 # 1 3 2 - cmpult $2,$6,$23 # 2 2 3 1 - addq $21,$23,$21 # 2 3 1 - umulh $27,$19,$27 # 3 2 ###### - addq $2,$0,$2 # 2 2 3 1 - cmpult $2,$0,$0 # 2 2 3 2 - subq $18,4,$18 - mulq $28,$19,$8 # 4 2 1 ###### - addq $21,$0,$0 # 2 3 2 - addq $3,$7,$3 # 3 2 2 - addq $16,32,$16 - cmpult $3,$7,$24 # 3 2 3 1 - stq $1,-32($16) # 1 2 4 - umulh $28,$19,$28 # 4 2 ###### - addq $27,$24,$27 # 3 3 1 - addq $3,$0,$3 # 3 2 3 1 - stq $2,-24($16) # 2 2 4 - cmpult $3,$0,$0 # 3 2 3 2 - stq $3,-16($16) # 3 2 4 - addq $4,$8,$4 # 4 2 2 - addq $27,$0,$0 # 3 3 2 - cmpult $4,$8,$25 # 4 2 3 1 - addq $17,32,$17 - addq $28,$25,$28 # 4 3 1 - addq $4,$0,$4 # 4 2 3 1 - cmpult $4,$0,$0 # 4 2 3 2 - stq $4,-8($16) # 4 2 4 - addq $28,$0,$0 # 4 3 2 - blt $18,$43 - - ldq $20,0($17) # 1 1 - ldq $1,0($16) # 1 1 - - br $42 - - .align 4 -$45: - ldq $20,0($17) # 4 1 - ldq $1,0($16) # 4 1 - mulq $20,$19,$5 # 4 2 1 - subq $18,1,$18 - addq $16,8,$16 - addq $17,8,$17 - umulh $20,$19,$20 # 4 2 - addq $1,$5,$1 # 4 2 2 - cmpult $1,$5,$22 # 4 2 3 1 - addq $20,$22,$20 # 4 3 1 - addq $1,$0,$1 # 4 2 3 1 - cmpult $1,$0,$0 # 4 2 3 2 - addq $20,$0,$0 # 4 3 2 - stq $1,-8($16) # 4 2 4 - bgt $18,$45 - ret $31,($26),1 # else exit - - .align 4 -$43: - addq $18,4,$18 - bgt $18,$45 # goto tail code - ret $31,($26),1 # else exit - - .end bn_mul_add_words - .align 3 - .globl bn_mul_words - .ent bn_mul_words -bn_mul_words: -bn_mul_words..ng: - .frame $30,0,$26,0 - .prologue 0 - .align 5 - subq $18,4,$18 - bis $31,$31,$0 - blt $18,$143 # if we are -1, -2, -3 or -4 goto tail code - ldq $20,0($17) # 1 1 - .align 3 -$142: - - mulq $20,$19,$5 # 1 2 1 ##### - ldq $21,8($17) # 2 1 - ldq $27,16($17) # 3 1 - umulh $20,$19,$20 # 1 2 ##### - ldq $28,24($17) # 4 1 - mulq $21,$19,$6 # 2 2 1 ##### - addq $5,$0,$5 # 1 2 3 1 - subq $18,4,$18 - cmpult $5,$0,$0 # 1 2 3 2 - umulh $21,$19,$21 # 2 2 ##### - addq $20,$0,$0 # 1 3 2 - addq $17,32,$17 - addq $6,$0,$6 # 2 2 3 1 - mulq $27,$19,$7 # 3 2 1 ##### - cmpult $6,$0,$0 # 2 2 3 2 - addq $21,$0,$0 # 2 3 2 - addq $16,32,$16 - umulh $27,$19,$27 # 3 2 ##### - stq $5,-32($16) # 1 2 4 - mulq $28,$19,$8 # 4 2 1 ##### - addq $7,$0,$7 # 3 2 3 1 - stq $6,-24($16) # 2 2 4 - cmpult $7,$0,$0 # 3 2 3 2 - umulh $28,$19,$28 # 4 2 ##### - addq $27,$0,$0 # 3 3 2 - stq $7,-16($16) # 3 2 4 - addq $8,$0,$8 # 4 2 3 1 - cmpult $8,$0,$0 # 4 2 3 2 - - addq $28,$0,$0 # 4 3 2 - - stq $8,-8($16) # 4 2 4 - - blt $18,$143 - - ldq $20,0($17) # 1 1 - - br $142 - - .align 4 -$145: - ldq $20,0($17) # 4 1 - mulq $20,$19,$5 # 4 2 1 - subq $18,1,$18 - umulh $20,$19,$20 # 4 2 - addq $5,$0,$5 # 4 2 3 1 - addq $16,8,$16 - cmpult $5,$0,$0 # 4 2 3 2 - addq $17,8,$17 - addq $20,$0,$0 # 4 3 2 - stq $5,-8($16) # 4 2 4 - - bgt $18,$145 - ret $31,($26),1 # else exit - - .align 4 -$143: - addq $18,4,$18 - bgt $18,$145 # goto tail code - ret $31,($26),1 # else exit - - .end bn_mul_words - .align 3 - .globl bn_sqr_words - .ent bn_sqr_words -bn_sqr_words: -bn_sqr_words..ng: - .frame $30,0,$26,0 - .prologue 0 - - subq $18,4,$18 - blt $18,$543 # if we are -1, -2, -3 or -4 goto tail code - ldq $20,0($17) # 1 1 - .align 3 -$542: - mulq $20,$20,$5 ###### - ldq $21,8($17) # 1 1 - subq $18,4 - umulh $20,$20,$1 ###### - ldq $27,16($17) # 1 1 - mulq $21,$21,$6 ###### - ldq $28,24($17) # 1 1 - stq $5,0($16) # r[0] - umulh $21,$21,$2 ###### - stq $1,8($16) # r[1] - mulq $27,$27,$7 ###### - stq $6,16($16) # r[0] - umulh $27,$27,$3 ###### - stq $2,24($16) # r[1] - mulq $28,$28,$8 ###### - stq $7,32($16) # r[0] - umulh $28,$28,$4 ###### - stq $3,40($16) # r[1] - - addq $16,64,$16 - addq $17,32,$17 - stq $8,-16($16) # r[0] - stq $4,-8($16) # r[1] - - blt $18,$543 - ldq $20,0($17) # 1 1 - br $542 - -$442: - ldq $20,0($17) # a[0] - mulq $20,$20,$5 # a[0]*w low part r2 - addq $16,16,$16 - addq $17,8,$17 - subq $18,1,$18 - umulh $20,$20,$1 # a[0]*w high part r3 - stq $5,-16($16) # r[0] - stq $1,-8($16) # r[1] - - bgt $18,$442 - ret $31,($26),1 # else exit - - .align 4 -$543: - addq $18,4,$18 - bgt $18,$442 # goto tail code - ret $31,($26),1 # else exit - .end bn_sqr_words - - .align 3 - .globl bn_add_words - .ent bn_add_words -bn_add_words: -bn_add_words..ng: - .frame $30,0,$26,0 - .prologue 0 - - subq $19,4,$19 - bis $31,$31,$0 # carry = 0 - blt $19,$900 - ldq $5,0($17) # a[0] - ldq $1,0($18) # b[1] - .align 3 -$901: - addq $1,$5,$1 # r=a+b; - ldq $6,8($17) # a[1] - cmpult $1,$5,$22 # did we overflow? - ldq $2,8($18) # b[1] - addq $1,$0,$1 # c+= overflow - ldq $7,16($17) # a[2] - cmpult $1,$0,$0 # overflow? - ldq $3,16($18) # b[2] - addq $0,$22,$0 - ldq $8,24($17) # a[3] - addq $2,$6,$2 # r=a+b; - ldq $4,24($18) # b[3] - cmpult $2,$6,$23 # did we overflow? - addq $3,$7,$3 # r=a+b; - addq $2,$0,$2 # c+= overflow - cmpult $3,$7,$24 # did we overflow? - cmpult $2,$0,$0 # overflow? - addq $4,$8,$4 # r=a+b; - addq $0,$23,$0 - cmpult $4,$8,$25 # did we overflow? - addq $3,$0,$3 # c+= overflow - stq $1,0($16) # r[0]=c - cmpult $3,$0,$0 # overflow? - stq $2,8($16) # r[1]=c - addq $0,$24,$0 - stq $3,16($16) # r[2]=c - addq $4,$0,$4 # c+= overflow - subq $19,4,$19 # loop-- - cmpult $4,$0,$0 # overflow? - addq $17,32,$17 # a++ - addq $0,$25,$0 - stq $4,24($16) # r[3]=c - addq $18,32,$18 # b++ - addq $16,32,$16 # r++ - - blt $19,$900 - ldq $5,0($17) # a[0] - ldq $1,0($18) # b[1] - br $901 - .align 4 -$945: - ldq $5,0($17) # a[0] - ldq $1,0($18) # b[1] - addq $1,$5,$1 # r=a+b; - subq $19,1,$19 # loop-- - addq $1,$0,$1 # c+= overflow - addq $17,8,$17 # a++ - cmpult $1,$5,$22 # did we overflow? - cmpult $1,$0,$0 # overflow? - addq $18,8,$18 # b++ - stq $1,0($16) # r[0]=c - addq $0,$22,$0 - addq $16,8,$16 # r++ - - bgt $19,$945 - ret $31,($26),1 # else exit - -$900: - addq $19,4,$19 - bgt $19,$945 # goto tail code - ret $31,($26),1 # else exit - .end bn_add_words - - # - # What follows was taken directly from the C compiler with a few - # hacks to redo the lables. - # -.text - .align 3 - .globl bn_div64 - .ent bn_div64 -bn_div64: - ldgp $29,0($27) -bn_div64..ng: - lda $30,-48($30) - .frame $30,48,$26,0 - stq $26,0($30) - stq $9,8($30) - stq $10,16($30) - stq $11,24($30) - stq $12,32($30) - stq $13,40($30) - .mask 0x4003e00,-48 - .prologue 1 - bis $16,$16,$9 - bis $17,$17,$10 - bis $18,$18,$11 - bis $31,$31,$13 - bis $31,2,$12 - bne $11,$119 - lda $0,-1 - br $31,$136 - .align 4 -$119: - bis $11,$11,$16 - jsr $26,BN_num_bits_word - ldgp $29,0($26) - subq $0,64,$1 - beq $1,$120 - bis $31,1,$1 - sll $1,$0,$1 - cmpule $9,$1,$1 - bne $1,$120 - # lda $16,_IO_stderr_ - # lda $17,$C32 - # bis $0,$0,$18 - # jsr $26,fprintf - # ldgp $29,0($26) - jsr $26,abort - ldgp $29,0($26) - .align 4 -$120: - bis $31,64,$3 - cmpult $9,$11,$2 - subq $3,$0,$1 - addl $1,$31,$0 - subq $9,$11,$1 - cmoveq $2,$1,$9 - beq $0,$122 - zapnot $0,15,$2 - subq $3,$0,$1 - sll $11,$2,$11 - sll $9,$2,$3 - srl $10,$1,$1 - sll $10,$2,$10 - bis $3,$1,$9 -$122: - srl $11,32,$5 - zapnot $11,15,$6 - lda $7,-1 - .align 5 -$123: - srl $9,32,$1 - subq $1,$5,$1 - bne $1,$126 - zapnot $7,15,$27 - br $31,$127 - .align 4 -$126: - bis $9,$9,$24 - bis $5,$5,$25 - divqu $24,$25,$27 -$127: - srl $10,32,$4 - .align 5 -$128: - mulq $27,$5,$1 - subq $9,$1,$3 - zapnot $3,240,$1 - bne $1,$129 - mulq $6,$27,$2 - sll $3,32,$1 - addq $1,$4,$1 - cmpule $2,$1,$2 - bne $2,$129 - subq $27,1,$27 - br $31,$128 - .align 4 -$129: - mulq $27,$6,$1 - mulq $27,$5,$4 - srl $1,32,$3 - sll $1,32,$1 - addq $4,$3,$4 - cmpult $10,$1,$2 - subq $10,$1,$10 - addq $2,$4,$2 - cmpult $9,$2,$1 - bis $2,$2,$4 - beq $1,$134 - addq $9,$11,$9 - subq $27,1,$27 -$134: - subl $12,1,$12 - subq $9,$4,$9 - beq $12,$124 - sll $27,32,$13 - sll $9,32,$2 - srl $10,32,$1 - sll $10,32,$10 - bis $2,$1,$9 - br $31,$123 - .align 4 -$124: - bis $13,$27,$0 -$136: - ldq $26,0($30) - ldq $9,8($30) - ldq $10,16($30) - ldq $11,24($30) - ldq $12,32($30) - ldq $13,40($30) - addq $30,48,$30 - ret $31,($26),1 - .end bn_div64 - - .set noat - .text - .align 3 - .globl bn_sub_words - .ent bn_sub_words -bn_sub_words: -bn_sub_words..ng: - .frame $30,0,$26,0 - .prologue 0 - - subq $19, 4, $19 - bis $31, $31, $0 - blt $19, $100 - ldq $1, 0($17) - ldq $2, 0($18) -$101: - ldq $3, 8($17) - cmpult $1, $2, $4 - ldq $5, 8($18) - subq $1, $2, $1 - ldq $6, 16($17) - cmpult $1, $0, $2 - ldq $7, 16($18) - subq $1, $0, $23 - ldq $8, 24($17) - addq $2, $4, $0 - cmpult $3, $5, $24 - subq $3, $5, $3 - ldq $22, 24($18) - cmpult $3, $0, $5 - subq $3, $0, $25 - addq $5, $24, $0 - cmpult $6, $7, $27 - subq $6, $7, $6 - stq $23, 0($16) - cmpult $6, $0, $7 - subq $6, $0, $28 - addq $7, $27, $0 - cmpult $8, $22, $21 - subq $8, $22, $8 - stq $25, 8($16) - cmpult $8, $0, $22 - subq $8, $0, $20 - addq $22, $21, $0 - stq $28, 16($16) - subq $19, 4, $19 - stq $20, 24($16) - addq $17, 32, $17 - addq $18, 32, $18 - addq $16, 32, $16 - blt $19, $100 - ldq $1, 0($17) - ldq $2, 0($18) - br $101 -$102: - ldq $1, 0($17) - ldq $2, 0($18) - cmpult $1, $2, $27 - subq $1, $2, $1 - cmpult $1, $0, $2 - subq $1, $0, $1 - stq $1, 0($16) - addq $2, $27, $0 - addq $17, 8, $17 - addq $18, 8, $18 - addq $16, 8, $16 - subq $19, 1, $19 - bgt $19, $102 - ret $31,($26),1 -$100: - addq $19, 4, $19 - bgt $19, $102 -$103: - ret $31,($26),1 - .end bn_sub_words diff --git a/src/lib/libcrypto/bn/asm/alpha.works/add.pl b/src/lib/libcrypto/bn/asm/alpha.works/add.pl deleted file mode 100644 index 4dc76e6b69..0000000000 --- a/src/lib/libcrypto/bn/asm/alpha.works/add.pl +++ /dev/null @@ -1,119 +0,0 @@ -#!/usr/local/bin/perl -# alpha assember - -sub bn_add_words - { - local($name)=@_; - local($cc,$a,$b,$r); - - &init_pool(4); - ($cc)=GR("r0"); - - $rp=&wparam(0); - $ap=&wparam(1); - $bp=&wparam(2); - $count=&wparam(3); - - &function_begin($name,""); - - &comment(""); - &sub($count,4,$count); - &mov("zero",$cc); - &br(&label("finish")); - &blt($count,&label("finish")); - - ($a0,$b0)=&NR(2); - &ld($a0,&QWPw(0,$ap)); - &ld($b0,&QWPw(0,$bp)); - -########################################################## - &set_label("loop"); - - ($a1)=&NR(1); &ld($a1,&QWPw(1,$ap)); - ($b1)=&NR(1); &ld($b1,&QWPw(1,$bp)); - ($a2)=&NR(1); &ld($a2,&QWPw(2,$ap)); - ($b2)=&NR(1); &ld($b2,&QWPw(2,$bp)); - ($a3)=&NR(1); &ld($a3,&QWPw(3,$ap)); - ($b3)=&NR(1); &ld($b3,&QWPw(3,$bp)); - - ($o0,$t0)=&NR(2); - &add($a0,$b0,$o0); - &cmpult($o0,$b0,$t0); - &add($o0,$cc,$o0); - &cmpult($o0,$cc,$cc); - &add($cc,$t0,$cc); &FR($t0); - - ($t1,$o1)=&NR(2); - - &add($a1,$b1,$o1); &FR($a1); - &cmpult($o1,$b1,$t1); &FR($b1); - &add($o1,$cc,$o1); - &cmpult($o1,$cc,$cc); - &add($cc,$t1,$cc); &FR($t1); - - ($t2,$o2)=&NR(2); - - &add($a2,$b2,$o2); &FR($a2); - &cmpult($o2,$b2,$t2); &FR($b2); - &add($o2,$cc,$o2); - &cmpult($o2,$cc,$cc); - &add($cc,$t2,$cc); &FR($t2); - - ($t3,$o3)=&NR(2); - - &add($a3,$b3,$o3); &FR($a3); - &cmpult($o3,$b3,$t3); &FR($b3); - &add($o3,$cc,$o3); - &cmpult($o3,$cc,$cc); - &add($cc,$t3,$cc); &FR($t3); - - &st($o0,&QWPw(0,$rp)); &FR($o0); - &st($o1,&QWPw(0,$rp)); &FR($o1); - &st($o2,&QWPw(0,$rp)); &FR($o2); - &st($o3,&QWPw(0,$rp)); &FR($o3); - - &sub($count,4,$count); # count-=4 - &add($ap,4*$QWS,$ap); # count+=4 - &add($bp,4*$QWS,$bp); # count+=4 - &add($rp,4*$QWS,$rp); # count+=4 - - &blt($count,&label("finish")); - &ld($a0,&QWPw(0,$ap)); - &ld($b0,&QWPw(0,$bp)); - &br(&label("loop")); -################################################## - # Do the last 0..3 words - - ($t0,$o0)=&NR(2); - &set_label("last_loop"); - - &ld($a0,&QWPw(0,$ap)); # get a - &ld($b0,&QWPw(0,$bp)); # get b - - &add($a0,$b0,$o0); - &cmpult($o0,$b0,$t0); # will we borrow? - &add($o0,$cc,$o0); # will we borrow? - &cmpult($o0,$cc,$cc); # will we borrow? - &add($cc,$t0,$cc); # add the borrows - &st($o0,&QWPw(0,$rp)); # save - - &add($ap,$QWS,$ap); - &add($bp,$QWS,$bp); - &add($rp,$QWS,$rp); - &sub($count,1,$count); - &bgt($count,&label("last_loop")); - &function_end_A($name); - -###################################################### - &set_label("finish"); - &add($count,4,$count); - &bgt($count,&label("last_loop")); - - &FR($o0,$t0,$a0,$b0); - &set_label("end"); - &function_end($name); - - &fin_pool; - } - -1; diff --git a/src/lib/libcrypto/bn/asm/alpha.works/div.pl b/src/lib/libcrypto/bn/asm/alpha.works/div.pl deleted file mode 100644 index 7ec144377f..0000000000 --- a/src/lib/libcrypto/bn/asm/alpha.works/div.pl +++ /dev/null @@ -1,144 +0,0 @@ -#!/usr/local/bin/perl - -sub bn_div64 - { - local($data)=<<'EOF'; - # - # What follows was taken directly from the C compiler with a few - # hacks to redo the lables. - # -.text - .set noreorder - .set volatile - .align 3 - .globl bn_div64 - .ent bn_div64 -bn_div64: - ldgp $29,0($27) -bn_div64..ng: - lda $30,-48($30) - .frame $30,48,$26,0 - stq $26,0($30) - stq $9,8($30) - stq $10,16($30) - stq $11,24($30) - stq $12,32($30) - stq $13,40($30) - .mask 0x4003e00,-48 - .prologue 1 - bis $16,$16,$9 - bis $17,$17,$10 - bis $18,$18,$11 - bis $31,$31,$13 - bis $31,2,$12 - bne $11,$9119 - lda $0,-1 - br $31,$9136 - .align 4 -$9119: - bis $11,$11,$16 - jsr $26,BN_num_bits_word - ldgp $29,0($26) - subq $0,64,$1 - beq $1,$9120 - bis $31,1,$1 - sll $1,$0,$1 - cmpule $9,$1,$1 - bne $1,$9120 - # lda $16,_IO_stderr_ - # lda $17,$C32 - # bis $0,$0,$18 - # jsr $26,fprintf - # ldgp $29,0($26) - jsr $26,abort - ldgp $29,0($26) - .align 4 -$9120: - bis $31,64,$3 - cmpult $9,$11,$2 - subq $3,$0,$1 - addl $1,$31,$0 - subq $9,$11,$1 - cmoveq $2,$1,$9 - beq $0,$9122 - zapnot $0,15,$2 - subq $3,$0,$1 - sll $11,$2,$11 - sll $9,$2,$3 - srl $10,$1,$1 - sll $10,$2,$10 - bis $3,$1,$9 -$9122: - srl $11,32,$5 - zapnot $11,15,$6 - lda $7,-1 - .align 5 -$9123: - srl $9,32,$1 - subq $1,$5,$1 - bne $1,$9126 - zapnot $7,15,$27 - br $31,$9127 - .align 4 -$9126: - bis $9,$9,$24 - bis $5,$5,$25 - divqu $24,$25,$27 -$9127: - srl $10,32,$4 - .align 5 -$9128: - mulq $27,$5,$1 - subq $9,$1,$3 - zapnot $3,240,$1 - bne $1,$9129 - mulq $6,$27,$2 - sll $3,32,$1 - addq $1,$4,$1 - cmpule $2,$1,$2 - bne $2,$9129 - subq $27,1,$27 - br $31,$9128 - .align 4 -$9129: - mulq $27,$6,$1 - mulq $27,$5,$4 - srl $1,32,$3 - sll $1,32,$1 - addq $4,$3,$4 - cmpult $10,$1,$2 - subq $10,$1,$10 - addq $2,$4,$2 - cmpult $9,$2,$1 - bis $2,$2,$4 - beq $1,$9134 - addq $9,$11,$9 - subq $27,1,$27 -$9134: - subl $12,1,$12 - subq $9,$4,$9 - beq $12,$9124 - sll $27,32,$13 - sll $9,32,$2 - srl $10,32,$1 - sll $10,32,$10 - bis $2,$1,$9 - br $31,$9123 - .align 4 -$9124: - bis $13,$27,$0 -$9136: - ldq $26,0($30) - ldq $9,8($30) - ldq $10,16($30) - ldq $11,24($30) - ldq $12,32($30) - ldq $13,40($30) - addq $30,48,$30 - ret $31,($26),1 - .end bn_div64 -EOF - &asm_add($data); - } - -1; diff --git a/src/lib/libcrypto/bn/asm/alpha.works/mul.pl b/src/lib/libcrypto/bn/asm/alpha.works/mul.pl deleted file mode 100644 index b182bae452..0000000000 --- a/src/lib/libcrypto/bn/asm/alpha.works/mul.pl +++ /dev/null @@ -1,116 +0,0 @@ -#!/usr/local/bin/perl -# alpha assember - -sub bn_mul_words - { - local($name)=@_; - local($cc,$a,$b,$r,$couny); - - &init_pool(4); - ($cc)=GR("r0"); - - $rp=&wparam(0); - $ap=&wparam(1); - $count=&wparam(2); - $word=&wparam(3); - - &function_begin($name,""); - - &comment(""); - &sub($count,4,$count); - &mov("zero",$cc); - &br(&label("finish")); - &blt($count,&label("finish")); - - ($a0,$r0)=&NR(2); - &ld($a0,&QWPw(0,$ap)); - &ld($r0,&QWPw(0,$rp)); - -$a=<<'EOF'; -########################################################## - &set_label("loop"); - - ($a1)=&NR(1); &ld($a1,&QWPw(1,$ap)); - ($b1)=&NR(1); &ld($b1,&QWPw(1,$bp)); - ($a2)=&NR(1); &ld($a2,&QWPw(2,$ap)); - ($b2)=&NR(1); &ld($b2,&QWPw(2,$bp)); - ($a3)=&NR(1); &ld($a3,&QWPw(3,$ap)); - ($b3)=&NR(1); &ld($b3,&QWPw(3,$bp)); - - ($o0,$t0)=&NR(2); - &add($a0,$b0,$o0); - &cmpult($o0,$b0,$t0); - &add($o0,$cc,$o0); - &cmpult($o0,$cc,$cc); - &add($cc,$t0,$cc); &FR($t0); - - ($t1,$o1)=&NR(2); - - &add($a1,$b1,$o1); &FR($a1); - &cmpult($o1,$b1,$t1); &FR($b1); - &add($o1,$cc,$o1); - &cmpult($o1,$cc,$cc); - &add($cc,$t1,$cc); &FR($t1); - - ($t2,$o2)=&NR(2); - - &add($a2,$b2,$o2); &FR($a2); - &cmpult($o2,$b2,$t2); &FR($b2); - &add($o2,$cc,$o2); - &cmpult($o2,$cc,$cc); - &add($cc,$t2,$cc); &FR($t2); - - ($t3,$o3)=&NR(2); - - &add($a3,$b3,$o3); &FR($a3); - &cmpult($o3,$b3,$t3); &FR($b3); - &add($o3,$cc,$o3); - &cmpult($o3,$cc,$cc); - &add($cc,$t3,$cc); &FR($t3); - - &st($o0,&QWPw(0,$rp)); &FR($o0); - &st($o1,&QWPw(0,$rp)); &FR($o1); - &st($o2,&QWPw(0,$rp)); &FR($o2); - &st($o3,&QWPw(0,$rp)); &FR($o3); - - &sub($count,4,$count); # count-=4 - &add($ap,4*$QWS,$ap); # count+=4 - &add($bp,4*$QWS,$bp); # count+=4 - &add($rp,4*$QWS,$rp); # count+=4 - - &blt($count,&label("finish")); - &ld($a0,&QWPw(0,$ap)); - &ld($b0,&QWPw(0,$bp)); - &br(&label("loop")); -EOF -################################################## - # Do the last 0..3 words - - &set_label("last_loop"); - - &ld(($a0)=&NR(1),&QWPw(0,$ap)); # get a - &mul($a0,$word,($l0)=&NR(1)); - &add($ap,$QWS,$ap); - &muh($a0,$word,($h0)=&NR(1)); &FR($a0); - &add($l0,$cc,$l0); - &add($rp,$QWS,$rp); - &sub($count,1,$count); - &cmpult($l0,$cc,$cc); - &st($l0,&QWPw(-1,$rp)); &FR($l0); - &add($h0,$cc,$cc); &FR($h0); - - &bgt($count,&label("last_loop")); - &function_end_A($name); - -###################################################### - &set_label("finish"); - &add($count,4,$count); - &bgt($count,&label("last_loop")); - - &set_label("end"); - &function_end($name); - - &fin_pool; - } - -1; diff --git a/src/lib/libcrypto/bn/asm/alpha.works/mul_add.pl b/src/lib/libcrypto/bn/asm/alpha.works/mul_add.pl deleted file mode 100644 index e37f6315fb..0000000000 --- a/src/lib/libcrypto/bn/asm/alpha.works/mul_add.pl +++ /dev/null @@ -1,120 +0,0 @@ -#!/usr/local/bin/perl -# alpha assember - -sub bn_mul_add_words - { - local($name)=@_; - local($cc,$a,$b,$r,$couny); - - &init_pool(4); - ($cc)=GR("r0"); - - $rp=&wparam(0); - $ap=&wparam(1); - $count=&wparam(2); - $word=&wparam(3); - - &function_begin($name,""); - - &comment(""); - &sub($count,4,$count); - &mov("zero",$cc); - &br(&label("finish")); - &blt($count,&label("finish")); - - ($a0,$r0)=&NR(2); - &ld($a0,&QWPw(0,$ap)); - &ld($r0,&QWPw(0,$rp)); - -$a=<<'EOF'; -########################################################## - &set_label("loop"); - - ($a1)=&NR(1); &ld($a1,&QWPw(1,$ap)); - ($b1)=&NR(1); &ld($b1,&QWPw(1,$bp)); - ($a2)=&NR(1); &ld($a2,&QWPw(2,$ap)); - ($b2)=&NR(1); &ld($b2,&QWPw(2,$bp)); - ($a3)=&NR(1); &ld($a3,&QWPw(3,$ap)); - ($b3)=&NR(1); &ld($b3,&QWPw(3,$bp)); - - ($o0,$t0)=&NR(2); - &add($a0,$b0,$o0); - &cmpult($o0,$b0,$t0); - &add($o0,$cc,$o0); - &cmpult($o0,$cc,$cc); - &add($cc,$t0,$cc); &FR($t0); - - ($t1,$o1)=&NR(2); - - &add($a1,$b1,$o1); &FR($a1); - &cmpult($o1,$b1,$t1); &FR($b1); - &add($o1,$cc,$o1); - &cmpult($o1,$cc,$cc); - &add($cc,$t1,$cc); &FR($t1); - - ($t2,$o2)=&NR(2); - - &add($a2,$b2,$o2); &FR($a2); - &cmpult($o2,$b2,$t2); &FR($b2); - &add($o2,$cc,$o2); - &cmpult($o2,$cc,$cc); - &add($cc,$t2,$cc); &FR($t2); - - ($t3,$o3)=&NR(2); - - &add($a3,$b3,$o3); &FR($a3); - &cmpult($o3,$b3,$t3); &FR($b3); - &add($o3,$cc,$o3); - &cmpult($o3,$cc,$cc); - &add($cc,$t3,$cc); &FR($t3); - - &st($o0,&QWPw(0,$rp)); &FR($o0); - &st($o1,&QWPw(0,$rp)); &FR($o1); - &st($o2,&QWPw(0,$rp)); &FR($o2); - &st($o3,&QWPw(0,$rp)); &FR($o3); - - &sub($count,4,$count); # count-=4 - &add($ap,4*$QWS,$ap); # count+=4 - &add($bp,4*$QWS,$bp); # count+=4 - &add($rp,4*$QWS,$rp); # count+=4 - - &blt($count,&label("finish")); - &ld($a0,&QWPw(0,$ap)); - &ld($b0,&QWPw(0,$bp)); - &br(&label("loop")); -EOF -################################################## - # Do the last 0..3 words - - &set_label("last_loop"); - - &ld(($a0)=&NR(1),&QWPw(0,$ap)); # get a - &ld(($r0)=&NR(1),&QWPw(0,$rp)); # get b - &mul($a0,$word,($l0)=&NR(1)); - &sub($count,1,$count); - &add($ap,$QWS,$ap); - &muh($a0,$word,($h0)=&NR(1)); &FR($a0); - &add($r0,$l0,$r0); - &add($rp,$QWS,$rp); - &cmpult($r0,$l0,($t0)=&NR(1)); &FR($l0); - &add($r0,$cc,$r0); - &add($h0,$t0,$h0); &FR($t0); - &cmpult($r0,$cc,$cc); - &st($r0,&QWPw(-1,$rp)); &FR($r0); - &add($h0,$cc,$cc); &FR($h0); - - &bgt($count,&label("last_loop")); - &function_end_A($name); - -###################################################### - &set_label("finish"); - &add($count,4,$count); - &bgt($count,&label("last_loop")); - - &set_label("end"); - &function_end($name); - - &fin_pool; - } - -1; diff --git a/src/lib/libcrypto/bn/asm/alpha.works/mul_c4.pl b/src/lib/libcrypto/bn/asm/alpha.works/mul_c4.pl deleted file mode 100644 index 5efd201281..0000000000 --- a/src/lib/libcrypto/bn/asm/alpha.works/mul_c4.pl +++ /dev/null @@ -1,213 +0,0 @@ -#!/usr/local/bin/perl -# alpha assember - -sub mul_add_c - { - local($a,$b,$c0,$c1,$c2)=@_; - local($l1,$h1,$t1,$t2); - - &mul($a,$b,($l1)=&NR(1)); - &muh($a,$b,($h1)=&NR(1)); - &add($c0,$l1,$c0); - &cmpult($c0,$l1,($t1)=&NR(1)); &FR($l1); - &add($t1,$h1,$h1); &FR($t1); - &add($c1,$h1,$c1); - &cmpult($c1,$h1,($t2)=&NR(1)); &FR($h1); - &add($c2,$t2,$c2); &FR($t2); - } - -sub bn_mul_comba4 - { - local($name)=@_; - local(@a,@b,$r,$c0,$c1,$c2); - - $cnt=1; - &init_pool(3); - - $rp=&wparam(0); - $ap=&wparam(1); - $bp=&wparam(2); - - &function_begin($name,""); - - &comment(""); - - &ld(($a[0])=&NR(1),&QWPw(0,$ap)); - &ld(($b[0])=&NR(1),&QWPw(0,$bp)); - &ld(($a[1])=&NR(1),&QWPw(1,$ap)); - &ld(($b[1])=&NR(1),&QWPw(1,$bp)); - &mul($a[0],$b[0],($r00)=&NR(1)); - &ld(($a[2])=&NR(1),&QWPw(2,$ap)); - &ld(($b[2])=&NR(1),&QWPw(2,$bp)); - &muh($a[0],$b[0],($r01)=&NR(1)); - &FR($ap); &ld(($a[3])=&NR(1),&QWPw(3,$ap)); - &FR($bp); &ld(($b[3])=&NR(1),&QWPw(3,$bp)); - &mul($a[0],$b[1],($r02)=&NR(1)); - - ($R,$H1,$H2)=&NR(3); - - &st($r00,&QWPw(0,$rp)); &FR($r00); - - &mov("zero",$R); - &mul($a[1],$b[0],($r03)=&NR(1)); - - &mov("zero",$H1); - &mov("zero",$H0); - &add($R,$r01,$R); - &muh($a[0],$b[1],($r04)=&NR(1)); - &cmpult($R,$r01,($t01)=&NR(1)); &FR($r01); - &add($R,$r02,$R); - &add($H1,$t01,$H1) &FR($t01); - &muh($a[1],$b[0],($r05)=&NR(1)); - &cmpult($R,$r02,($t02)=&NR(1)); &FR($r02); - &add($R,$r03,$R); - &add($H2,$t02,$H2) &FR($t02); - &mul($a[0],$b[2],($r06)=&NR(1)); - &cmpult($R,$r03,($t03)=&NR(1)); &FR($r03); - &add($H1,$t03,$H1) &FR($t03); - &st($R,&QWPw(1,$rp)); - &add($H1,$H2,$R); - - &mov("zero",$H1); - &add($R,$r04,$R); - &mov("zero",$H2); - &mul($a[1],$b[1],($r07)=&NR(1)); - &cmpult($R,$r04,($t04)=&NR(1)); &FR($r04); - &add($R,$r05,$R); - &add($H1,$t04,$H1) &FR($t04); - &mul($a[2],$b[0],($r08)=&NR(1)); - &cmpult($R,$r05,($t05)=&NR(1)); &FR($r05); - &add($R,$r01,$R); - &add($H2,$t05,$H2) &FR($t05); - &muh($a[0],$b[2],($r09)=&NR(1)); - &cmpult($R,$r06,($t06)=&NR(1)); &FR($r06); - &add($R,$r07,$R); - &add($H1,$t06,$H1) &FR($t06); - &muh($a[1],$b[1],($r10)=&NR(1)); - &cmpult($R,$r07,($t07)=&NR(1)); &FR($r07); - &add($R,$r08,$R); - &add($H2,$t07,$H2) &FR($t07); - &muh($a[2],$b[0],($r11)=&NR(1)); - &cmpult($R,$r08,($t08)=&NR(1)); &FR($r08); - &add($H1,$t08,$H1) &FR($t08); - &st($R,&QWPw(2,$rp)); - &add($H1,$H2,$R); - - &mov("zero",$H1); - &add($R,$r09,$R); - &mov("zero",$H2); - &mul($a[0],$b[3],($r12)=&NR(1)); - &cmpult($R,$r09,($t09)=&NR(1)); &FR($r09); - &add($R,$r10,$R); - &add($H1,$t09,$H1) &FR($t09); - &mul($a[1],$b[2],($r13)=&NR(1)); - &cmpult($R,$r10,($t10)=&NR(1)); &FR($r10); - &add($R,$r11,$R); - &add($H1,$t10,$H1) &FR($t10); - &mul($a[2],$b[1],($r14)=&NR(1)); - &cmpult($R,$r11,($t11)=&NR(1)); &FR($r11); - &add($R,$r12,$R); - &add($H1,$t11,$H1) &FR($t11); - &mul($a[3],$b[0],($r15)=&NR(1)); - &cmpult($R,$r12,($t12)=&NR(1)); &FR($r12); - &add($R,$r13,$R); - &add($H1,$t12,$H1) &FR($t12); - &muh($a[0],$b[3],($r16)=&NR(1)); - &cmpult($R,$r13,($t13)=&NR(1)); &FR($r13); - &add($R,$r14,$R); - &add($H1,$t13,$H1) &FR($t13); - &muh($a[1],$b[2],($r17)=&NR(1)); - &cmpult($R,$r14,($t14)=&NR(1)); &FR($r14); - &add($R,$r15,$R); - &add($H1,$t14,$H1) &FR($t14); - &muh($a[2],$b[1],($r18)=&NR(1)); - &cmpult($R,$r15,($t15)=&NR(1)); &FR($r15); - &add($H1,$t15,$H1) &FR($t15); - &st($R,&QWPw(3,$rp)); - &add($H1,$H2,$R); - - &mov("zero",$H1); - &add($R,$r16,$R); - &mov("zero",$H2); - &muh($a[3],$b[0],($r19)=&NR(1)); - &cmpult($R,$r16,($t16)=&NR(1)); &FR($r16); - &add($R,$r17,$R); - &add($H1,$t16,$H1) &FR($t16); - &mul($a[1],$b[3],($r20)=&NR(1)); - &cmpult($R,$r17,($t17)=&NR(1)); &FR($r17); - &add($R,$r18,$R); - &add($H1,$t17,$H1) &FR($t17); - &mul($a[2],$b[2],($r21)=&NR(1)); - &cmpult($R,$r18,($t18)=&NR(1)); &FR($r18); - &add($R,$r19,$R); - &add($H1,$t18,$H1) &FR($t18); - &mul($a[3],$b[1],($r22)=&NR(1)); - &cmpult($R,$r19,($t19)=&NR(1)); &FR($r19); - &add($R,$r20,$R); - &add($H1,$t19,$H1) &FR($t19); - &muh($a[1],$b[3],($r23)=&NR(1)); - &cmpult($R,$r20,($t20)=&NR(1)); &FR($r20); - &add($R,$r21,$R); - &add($H1,$t20,$H1) &FR($t20); - &muh($a[2],$b[2],($r24)=&NR(1)); - &cmpult($R,$r21,($t21)=&NR(1)); &FR($r21); - &add($R,$r22,$R); - &add($H1,$t21,$H1) &FR($t21); - &muh($a[3],$b[1],($r25)=&NR(1)); - &cmpult($R,$r22,($t22)=&NR(1)); &FR($r22); - &add($H1,$t22,$H1) &FR($t22); - &st($R,&QWPw(4,$rp)); - &add($H1,$H2,$R); - - &mov("zero",$H1); - &add($R,$r23,$R); - &mov("zero",$H2); - &mul($a[2],$b[3],($r26)=&NR(1)); - &cmpult($R,$r23,($t23)=&NR(1)); &FR($r23); - &add($R,$r24,$R); - &add($H1,$t23,$H1) &FR($t23); - &mul($a[3],$b[2],($r27)=&NR(1)); - &cmpult($R,$r24,($t24)=&NR(1)); &FR($r24); - &add($R,$r25,$R); - &add($H1,$t24,$H1) &FR($t24); - &muh($a[2],$b[3],($r28)=&NR(1)); - &cmpult($R,$r25,($t25)=&NR(1)); &FR($r25); - &add($R,$r26,$R); - &add($H1,$t25,$H1) &FR($t25); - &muh($a[3],$b[2],($r29)=&NR(1)); - &cmpult($R,$r26,($t26)=&NR(1)); &FR($r26); - &add($R,$r27,$R); - &add($H1,$t26,$H1) &FR($t26); - &mul($a[3],$b[3],($r30)=&NR(1)); - &cmpult($R,$r27,($t27)=&NR(1)); &FR($r27); - &add($H1,$t27,$H1) &FR($t27); - &st($R,&QWPw(5,$rp)); - &add($H1,$H2,$R); - - &mov("zero",$H1); - &add($R,$r28,$R); - &mov("zero",$H2); - &muh($a[3],$b[3],($r31)=&NR(1)); - &cmpult($R,$r28,($t28)=&NR(1)); &FR($r28); - &add($R,$r29,$R); - &add($H1,$t28,$H1) &FR($t28); - ############ - &cmpult($R,$r29,($t29)=&NR(1)); &FR($r29); - &add($R,$r30,$R); - &add($H1,$t29,$H1) &FR($t29); - ############ - &cmpult($R,$r30,($t30)=&NR(1)); &FR($r30); - &add($H1,$t30,$H1) &FR($t30); - &st($R,&QWPw(6,$rp)); - &add($H1,$H2,$R); - - &add($R,$r31,$R); &FR($r31); - &st($R,&QWPw(7,$rp)); - - &FR($R,$H1,$H2); - &function_end($name); - - &fin_pool; - } - -1; diff --git a/src/lib/libcrypto/bn/asm/alpha.works/mul_c4.works.pl b/src/lib/libcrypto/bn/asm/alpha.works/mul_c4.works.pl deleted file mode 100644 index 79d86dd25c..0000000000 --- a/src/lib/libcrypto/bn/asm/alpha.works/mul_c4.works.pl +++ /dev/null @@ -1,98 +0,0 @@ -#!/usr/local/bin/perl -# alpha assember - -sub mul_add_c - { - local($a,$b,$c0,$c1,$c2)=@_; - local($l1,$h1,$t1,$t2); - -print STDERR "count=$cnt\n"; $cnt++; - &mul($a,$b,($l1)=&NR(1)); - &muh($a,$b,($h1)=&NR(1)); - &add($c0,$l1,$c0); - &cmpult($c0,$l1,($t1)=&NR(1)); &FR($l1); - &add($t1,$h1,$h1); &FR($t1); - &add($c1,$h1,$c1); - &cmpult($c1,$h1,($t2)=&NR(1)); &FR($h1); - &add($c2,$t2,$c2); &FR($t2); - } - -sub bn_mul_comba4 - { - local($name)=@_; - local(@a,@b,$r,$c0,$c1,$c2); - - $cnt=1; - &init_pool(3); - - $rp=&wparam(0); - $ap=&wparam(1); - $bp=&wparam(2); - - &function_begin($name,""); - - &comment(""); - - &ld(($a[0])=&NR(1),&QWPw(0,$ap)); - &ld(($b[0])=&NR(1),&QWPw(0,$bp)); - &ld(($a[1])=&NR(1),&QWPw(1,$ap)); - &ld(($b[1])=&NR(1),&QWPw(1,$bp)); - &ld(($a[2])=&NR(1),&QWPw(2,$ap)); - &ld(($b[2])=&NR(1),&QWPw(2,$bp)); - &ld(($a[3])=&NR(1),&QWPw(3,$ap)); &FR($ap); - &ld(($b[3])=&NR(1),&QWPw(3,$bp)); &FR($bp); - - ($c0,$c1,$c2)=&NR(3); - &mov("zero",$c2); - &mul($a[0],$b[0],$c0); - &muh($a[0],$b[0],$c1); - &st($c0,&QWPw(0,$rp)); &FR($c0); ($c0)=&NR($c0); - ($c0,$c1,$c2)=($c1,$c2,$c0); - &mov("zero",$c2); - - &mul_add_c($a[0],$b[1],$c0,$c1,$c2); - &mul_add_c($a[1],$b[0],$c0,$c1,$c2); - &st($c0,&QWPw(1,$rp)); &FR($c0); ($c0)=&NR($c0); - ($c0,$c1,$c2)=($c1,$c2,$c0); - &mov("zero",$c2); - - &mul_add_c($a[1],$b[1],$c0,$c1,$c2); - &mul_add_c($a[0],$b[2],$c0,$c1,$c2); - &mul_add_c($a[2],$b[0],$c0,$c1,$c2); - &st($c0,&QWPw(2,$rp)); &FR($c0); ($c0)=&NR($c0); - ($c0,$c1,$c2)=($c1,$c2,$c0); - &mov("zero",$c2); - - &mul_add_c($a[0],$b[3],$c0,$c1,$c2); &FR($a[0]); - &mul_add_c($a[1],$b[2],$c0,$c1,$c2); - &mul_add_c($a[2],$b[1],$c0,$c1,$c2); - &mul_add_c($a[3],$b[0],$c0,$c1,$c2); &FR($b[0]); - &st($c0,&QWPw(3,$rp)); &FR($c0); ($c0)=&NR($c0); - ($c0,$c1,$c2)=($c1,$c2,$c0); - &mov("zero",$c2); - - &mul_add_c($a[1],$b[3],$c0,$c1,$c2); &FR($a[1]); - &mul_add_c($a[2],$b[2],$c0,$c1,$c2); - &mul_add_c($a[3],$b[1],$c0,$c1,$c2); &FR($b[1]); - &st($c0,&QWPw(4,$rp)); &FR($c0); ($c0)=&NR($c0); - ($c0,$c1,$c2)=($c1,$c2,$c0); - &mov("zero",$c2); - - &mul_add_c($a[2],$b[3],$c0,$c1,$c2); &FR($a[2]); - &mul_add_c($a[3],$b[2],$c0,$c1,$c2); &FR($b[2]); - &st($c0,&QWPw(5,$rp)); &FR($c0); ($c0)=&NR($c0); - ($c0,$c1,$c2)=($c1,$c2,$c0); - &mov("zero",$c2); - - &mul_add_c($a[3],$b[3],$c0,$c1,$c2); &FR($a[3],$b[3]); - &st($c0,&QWPw(6,$rp)); - &st($c1,&QWPw(7,$rp)); - - &FR($c0,$c1,$c2); - - &function_end($name); - - &fin_pool; - } - -1; diff --git a/src/lib/libcrypto/bn/asm/alpha.works/mul_c8.pl b/src/lib/libcrypto/bn/asm/alpha.works/mul_c8.pl deleted file mode 100644 index 525ca7494b..0000000000 --- a/src/lib/libcrypto/bn/asm/alpha.works/mul_c8.pl +++ /dev/null @@ -1,177 +0,0 @@ -#!/usr/local/bin/perl -# alpha assember - -sub bn_mul_comba8 - { - local($name)=@_; - local(@a,@b,$r,$c0,$c1,$c2); - - $cnt=1; - &init_pool(3); - - $rp=&wparam(0); - $ap=&wparam(1); - $bp=&wparam(2); - - &function_begin($name,""); - - &comment(""); - - &stack_push(2); - &ld(($a[0])=&NR(1),&QWPw(0,$ap)); - &ld(($b[0])=&NR(1),&QWPw(0,$bp)); - &st($reg_s0,&swtmp(0)); &FR($reg_s0); - &st($reg_s1,&swtmp(1)); &FR($reg_s1); - &ld(($a[1])=&NR(1),&QWPw(1,$ap)); - &ld(($b[1])=&NR(1),&QWPw(1,$bp)); - &ld(($a[2])=&NR(1),&QWPw(2,$ap)); - &ld(($b[2])=&NR(1),&QWPw(2,$bp)); - &ld(($a[3])=&NR(1),&QWPw(3,$ap)); - &ld(($b[3])=&NR(1),&QWPw(3,$bp)); - &ld(($a[4])=&NR(1),&QWPw(1,$ap)); - &ld(($b[4])=&NR(1),&QWPw(1,$bp)); - &ld(($a[5])=&NR(1),&QWPw(1,$ap)); - &ld(($b[5])=&NR(1),&QWPw(1,$bp)); - &ld(($a[6])=&NR(1),&QWPw(1,$ap)); - &ld(($b[6])=&NR(1),&QWPw(1,$bp)); - &ld(($a[7])=&NR(1),&QWPw(1,$ap)); &FR($ap); - &ld(($b[7])=&NR(1),&QWPw(1,$bp)); &FR($bp); - - ($c0,$c1,$c2)=&NR(3); - &mov("zero",$c2); - &mul($a[0],$b[0],$c0); - &muh($a[0],$b[0],$c1); - &st($c0,&QWPw(0,$rp)); &FR($c0); ($c0)=&NR(1); - ($c0,$c1,$c2)=($c1,$c2,$c0); - &mov("zero",$c2); - - &mul_add_c($a[0],$b[1],$c0,$c1,$c2); - &mul_add_c($a[1],$b[0],$c0,$c1,$c2); - &st($c0,&QWPw(1,$rp)); &FR($c0); ($c0)=&NR(1); - ($c0,$c1,$c2)=($c1,$c2,$c0); - &mov("zero",$c2); - - &mul_add_c($a[0],$b[2],$c0,$c1,$c2); - &mul_add_c($a[1],$b[1],$c0,$c1,$c2); - &mul_add_c($a[2],$b[0],$c0,$c1,$c2); - &st($c0,&QWPw(2,$rp)); &FR($c0); ($c0)=&NR(1); - ($c0,$c1,$c2)=($c1,$c2,$c0); - &mov("zero",$c2); - - &mul_add_c($a[0],$b[3],$c0,$c1,$c2); - &mul_add_c($a[1],$b[2],$c0,$c1,$c2); - &mul_add_c($a[2],$b[1],$c0,$c1,$c2); - &mul_add_c($a[3],$b[0],$c0,$c1,$c2); - &st($c0,&QWPw(3,$rp)); &FR($c0); ($c0)=&NR(1); - ($c0,$c1,$c2)=($c1,$c2,$c0); - &mov("zero",$c2); - - &mul_add_c($a[0],$b[4],$c0,$c1,$c2); - &mul_add_c($a[1],$b[3],$c0,$c1,$c2); - &mul_add_c($a[2],$b[2],$c0,$c1,$c2); - &mul_add_c($a[3],$b[1],$c0,$c1,$c2); - &mul_add_c($a[4],$b[0],$c0,$c1,$c2); - &st($c0,&QWPw(4,$rp)); &FR($c0); ($c0)=&NR(1); - ($c0,$c1,$c2)=($c1,$c2,$c0); - &mov("zero",$c2); - - &mul_add_c($a[0],$b[5],$c0,$c1,$c2); - &mul_add_c($a[1],$b[4],$c0,$c1,$c2); - &mul_add_c($a[2],$b[3],$c0,$c1,$c2); - &mul_add_c($a[3],$b[2],$c0,$c1,$c2); - &mul_add_c($a[4],$b[1],$c0,$c1,$c2); - &mul_add_c($a[5],$b[0],$c0,$c1,$c2); - &st($c0,&QWPw(5,$rp)); &FR($c0); ($c0)=&NR(1); - ($c0,$c1,$c2)=($c1,$c2,$c0); - &mov("zero",$c2); - - &mul_add_c($a[0],$b[6],$c0,$c1,$c2); - &mul_add_c($a[1],$b[5],$c0,$c1,$c2); - &mul_add_c($a[2],$b[4],$c0,$c1,$c2); - &mul_add_c($a[3],$b[3],$c0,$c1,$c2); - &mul_add_c($a[4],$b[2],$c0,$c1,$c2); - &mul_add_c($a[5],$b[1],$c0,$c1,$c2); - &mul_add_c($a[6],$b[0],$c0,$c1,$c2); - &st($c0,&QWPw(6,$rp)); &FR($c0); ($c0)=&NR(1); - ($c0,$c1,$c2)=($c1,$c2,$c0); - &mov("zero",$c2); - - &mul_add_c($a[0],$b[7],$c0,$c1,$c2); &FR($a[0]); - &mul_add_c($a[1],$b[6],$c0,$c1,$c2); - &mul_add_c($a[2],$b[5],$c0,$c1,$c2); - &mul_add_c($a[3],$b[4],$c0,$c1,$c2); - &mul_add_c($a[4],$b[3],$c0,$c1,$c2); - &mul_add_c($a[5],$b[2],$c0,$c1,$c2); - &mul_add_c($a[6],$b[1],$c0,$c1,$c2); - &mul_add_c($a[7],$b[0],$c0,$c1,$c2); &FR($b[0]); - &st($c0,&QWPw(7,$rp)); &FR($c0); ($c0)=&NR(1); - ($c0,$c1,$c2)=($c1,$c2,$c0); - &mov("zero",$c2); - - &mul_add_c($a[1],$b[7],$c0,$c1,$c2); &FR($a[1]); - &mul_add_c($a[2],$b[6],$c0,$c1,$c2); - &mul_add_c($a[3],$b[5],$c0,$c1,$c2); - &mul_add_c($a[4],$b[4],$c0,$c1,$c2); - &mul_add_c($a[5],$b[3],$c0,$c1,$c2); - &mul_add_c($a[6],$b[2],$c0,$c1,$c2); - &mul_add_c($a[7],$b[1],$c0,$c1,$c2); &FR($b[1]); - &st($c0,&QWPw(8,$rp)); &FR($c0); ($c0)=&NR(1); - ($c0,$c1,$c2)=($c1,$c2,$c0); - &mov("zero",$c2); - - &mul_add_c($a[2],$b[7],$c0,$c1,$c2); &FR($a[2]); - &mul_add_c($a[3],$b[6],$c0,$c1,$c2); - &mul_add_c($a[4],$b[5],$c0,$c1,$c2); - &mul_add_c($a[5],$b[4],$c0,$c1,$c2); - &mul_add_c($a[6],$b[3],$c0,$c1,$c2); - &mul_add_c($a[7],$b[2],$c0,$c1,$c2); &FR($b[2]); - &st($c0,&QWPw(9,$rp)); &FR($c0); ($c0)=&NR(1); - ($c0,$c1,$c2)=($c1,$c2,$c0); - &mov("zero",$c2); - - &mul_add_c($a[3],$b[7],$c0,$c1,$c2); &FR($a[3]); - &mul_add_c($a[4],$b[6],$c0,$c1,$c2); - &mul_add_c($a[5],$b[5],$c0,$c1,$c2); - &mul_add_c($a[6],$b[4],$c0,$c1,$c2); - &mul_add_c($a[7],$b[3],$c0,$c1,$c2); &FR($b[3]); - &st($c0,&QWPw(10,$rp)); &FR($c0); ($c0)=&NR(1); - ($c0,$c1,$c2)=($c1,$c2,$c0); - &mov("zero",$c2); - - &mul_add_c($a[4],$b[7],$c0,$c1,$c2); &FR($a[4]); - &mul_add_c($a[5],$b[6],$c0,$c1,$c2); - &mul_add_c($a[6],$b[5],$c0,$c1,$c2); - &mul_add_c($a[7],$b[4],$c0,$c1,$c2); &FR($b[4]); - &st($c0,&QWPw(11,$rp)); &FR($c0); ($c0)=&NR(1); - ($c0,$c1,$c2)=($c1,$c2,$c0); - &mov("zero",$c2); - - &mul_add_c($a[5],$b[7],$c0,$c1,$c2); &FR($a[5]); - &mul_add_c($a[6],$b[6],$c0,$c1,$c2); - &mul_add_c($a[7],$b[5],$c0,$c1,$c2); &FR($b[5]); - &st($c0,&QWPw(12,$rp)); &FR($c0); ($c0)=&NR(1); - ($c0,$c1,$c2)=($c1,$c2,$c0); - &mov("zero",$c2); - - &mul_add_c($a[6],$b[7],$c0,$c1,$c2); &FR($a[6]); - &mul_add_c($a[7],$b[6],$c0,$c1,$c2); &FR($b[6]); - &st($c0,&QWPw(13,$rp)); &FR($c0); ($c0)=&NR(1); - ($c0,$c1,$c2)=($c1,$c2,$c0); - &mov("zero",$c2); - - &mul_add_c($a[7],$b[7],$c0,$c1,$c2); &FR($a[7],$b[7]); - &st($c0,&QWPw(14,$rp)); - &st($c1,&QWPw(15,$rp)); - - &FR($c0,$c1,$c2); - - &ld($reg_s0,&swtmp(0)); - &ld($reg_s1,&swtmp(1)); - &stack_pop(2); - - &function_end($name); - - &fin_pool; - } - -1; diff --git a/src/lib/libcrypto/bn/asm/alpha.works/sqr.pl b/src/lib/libcrypto/bn/asm/alpha.works/sqr.pl deleted file mode 100644 index a55b696906..0000000000 --- a/src/lib/libcrypto/bn/asm/alpha.works/sqr.pl +++ /dev/null @@ -1,113 +0,0 @@ -#!/usr/local/bin/perl -# alpha assember - -sub bn_sqr_words - { - local($name)=@_; - local($cc,$a,$b,$r,$couny); - - &init_pool(3); - ($cc)=GR("r0"); - - $rp=&wparam(0); - $ap=&wparam(1); - $count=&wparam(2); - - &function_begin($name,""); - - &comment(""); - &sub($count,4,$count); - &mov("zero",$cc); - &br(&label("finish")); - &blt($count,&label("finish")); - - ($a0,$r0)=&NR(2); - &ld($a0,&QWPw(0,$ap)); - &ld($r0,&QWPw(0,$rp)); - -$a=<<'EOF'; -########################################################## - &set_label("loop"); - - ($a1)=&NR(1); &ld($a1,&QWPw(1,$ap)); - ($b1)=&NR(1); &ld($b1,&QWPw(1,$bp)); - ($a2)=&NR(1); &ld($a2,&QWPw(2,$ap)); - ($b2)=&NR(1); &ld($b2,&QWPw(2,$bp)); - ($a3)=&NR(1); &ld($a3,&QWPw(3,$ap)); - ($b3)=&NR(1); &ld($b3,&QWPw(3,$bp)); - - ($o0,$t0)=&NR(2); - &add($a0,$b0,$o0); - &cmpult($o0,$b0,$t0); - &add($o0,$cc,$o0); - &cmpult($o0,$cc,$cc); - &add($cc,$t0,$cc); &FR($t0); - - ($t1,$o1)=&NR(2); - - &add($a1,$b1,$o1); &FR($a1); - &cmpult($o1,$b1,$t1); &FR($b1); - &add($o1,$cc,$o1); - &cmpult($o1,$cc,$cc); - &add($cc,$t1,$cc); &FR($t1); - - ($t2,$o2)=&NR(2); - - &add($a2,$b2,$o2); &FR($a2); - &cmpult($o2,$b2,$t2); &FR($b2); - &add($o2,$cc,$o2); - &cmpult($o2,$cc,$cc); - &add($cc,$t2,$cc); &FR($t2); - - ($t3,$o3)=&NR(2); - - &add($a3,$b3,$o3); &FR($a3); - &cmpult($o3,$b3,$t3); &FR($b3); - &add($o3,$cc,$o3); - &cmpult($o3,$cc,$cc); - &add($cc,$t3,$cc); &FR($t3); - - &st($o0,&QWPw(0,$rp)); &FR($o0); - &st($o1,&QWPw(0,$rp)); &FR($o1); - &st($o2,&QWPw(0,$rp)); &FR($o2); - &st($o3,&QWPw(0,$rp)); &FR($o3); - - &sub($count,4,$count); # count-=4 - &add($ap,4*$QWS,$ap); # count+=4 - &add($bp,4*$QWS,$bp); # count+=4 - &add($rp,4*$QWS,$rp); # count+=4 - - &blt($count,&label("finish")); - &ld($a0,&QWPw(0,$ap)); - &ld($b0,&QWPw(0,$bp)); - &br(&label("loop")); -EOF -################################################## - # Do the last 0..3 words - - &set_label("last_loop"); - - &ld(($a0)=&NR(1),&QWPw(0,$ap)); # get a - &mul($a0,$a0,($l0)=&NR(1)); - &add($ap,$QWS,$ap); - &add($rp,2*$QWS,$rp); - &sub($count,1,$count); - &muh($a0,$a0,($h0)=&NR(1)); &FR($a0); - &st($l0,&QWPw(-2,$rp)); &FR($l0); - &st($h0,&QWPw(-1,$rp)); &FR($h0); - - &bgt($count,&label("last_loop")); - &function_end_A($name); - -###################################################### - &set_label("finish"); - &add($count,4,$count); - &bgt($count,&label("last_loop")); - - &set_label("end"); - &function_end($name); - - &fin_pool; - } - -1; diff --git a/src/lib/libcrypto/bn/asm/alpha.works/sqr_c4.pl b/src/lib/libcrypto/bn/asm/alpha.works/sqr_c4.pl deleted file mode 100644 index bf33f5b503..0000000000 --- a/src/lib/libcrypto/bn/asm/alpha.works/sqr_c4.pl +++ /dev/null @@ -1,109 +0,0 @@ -#!/usr/local/bin/perl -# alpha assember - -sub sqr_add_c - { - local($a,$c0,$c1,$c2)=@_; - local($l1,$h1,$t1,$t2); - - &mul($a,$a,($l1)=&NR(1)); - &muh($a,$a,($h1)=&NR(1)); - &add($c0,$l1,$c0); - &add($c1,$h1,$c1); - &cmpult($c0,$l1,($t1)=&NR(1)); &FR($l1); - &cmpult($c1,$h1,($t2)=&NR(1)); &FR($h1); - &add($c1,$t1,$c1); &FR($t1); - &add($c2,$t2,$c2); &FR($t2); - } - -sub sqr_add_c2 - { - local($a,$b,$c0,$c1,$c2)=@_; - local($l1,$h1,$t1,$t2); - - &mul($a,$b,($l1)=&NR(1)); - &muh($a,$b,($h1)=&NR(1)); - &cmplt($l1,"zero",($lc1)=&NR(1)); - &cmplt($h1,"zero",($hc1)=&NR(1)); - &add($l1,$l1,$l1); - &add($h1,$h1,$h1); - &add($h1,$lc1,$h1); &FR($lc1); - &add($c2,$hc1,$c2); &FR($hc1); - - &add($c0,$l1,$c0); - &add($c1,$h1,$c1); - &cmpult($c0,$l1,($lc1)=&NR(1)); &FR($l1); - &cmpult($c1,$h1,($hc1)=&NR(1)); &FR($h1); - - &add($c1,$lc1,$c1); &FR($lc1); - &add($c2,$hc1,$c2); &FR($hc1); - } - - -sub bn_sqr_comba4 - { - local($name)=@_; - local(@a,@b,$r,$c0,$c1,$c2); - - $cnt=1; - &init_pool(2); - - $rp=&wparam(0); - $ap=&wparam(1); - - &function_begin($name,""); - - &comment(""); - - &ld(($a[0])=&NR(1),&QWPw(0,$ap)); - &ld(($a[1])=&NR(1),&QWPw(1,$ap)); - &ld(($a[2])=&NR(1),&QWPw(2,$ap)); - &ld(($a[3])=&NR(1),&QWPw(3,$ap)); &FR($ap); - - ($c0,$c1,$c2)=&NR(3); - - &mov("zero",$c2); - &mul($a[0],$a[0],$c0); - &muh($a[0],$a[0],$c1); - &st($c0,&QWPw(0,$rp)); - ($c0,$c1,$c2)=($c1,$c2,$c0); - &mov("zero",$c2); - - &sqr_add_c2($a[0],$a[1],$c0,$c1,$c2); - &st($c0,&QWPw(1,$rp)); - ($c0,$c1,$c2)=($c1,$c2,$c0); - &mov("zero",$c2); - - &sqr_add_c($a[1],$c0,$c1,$c2); - &sqr_add_c2($a[2],$a[0],$c0,$c1,$c2); - &st($c0,&QWPw(2,$rp)); - ($c0,$c1,$c2)=($c1,$c2,$c0); - &mov("zero",$c2); - - &sqr_add_c2($a[3],$a[0],$c0,$c1,$c2); - &sqr_add_c2($a[2],$a[1],$c0,$c1,$c2); - &st($c0,&QWPw(3,$rp)); - ($c0,$c1,$c2)=($c1,$c2,$c0); - &mov("zero",$c2); - - &sqr_add_c($a[2],$c0,$c1,$c2); - &sqr_add_c2($a[3],$a[1],$c0,$c1,$c2); - &st($c0,&QWPw(4,$rp)); - ($c0,$c1,$c2)=($c1,$c2,$c0); - &mov("zero",$c2); - - &sqr_add_c2($a[3],$a[2],$c0,$c1,$c2); - &st($c0,&QWPw(5,$rp)); - ($c0,$c1,$c2)=($c1,$c2,$c0); - &mov("zero",$c2); - - &sqr_add_c($a[3],$c0,$c1,$c2); - &st($c0,&QWPw(6,$rp)); - &st($c1,&QWPw(7,$rp)); - - &function_end($name); - - &fin_pool; - } - -1; diff --git a/src/lib/libcrypto/bn/asm/alpha.works/sqr_c8.pl b/src/lib/libcrypto/bn/asm/alpha.works/sqr_c8.pl deleted file mode 100644 index b4afe085f1..0000000000 --- a/src/lib/libcrypto/bn/asm/alpha.works/sqr_c8.pl +++ /dev/null @@ -1,132 +0,0 @@ -#!/usr/local/bin/perl -# alpha assember - -sub bn_sqr_comba8 - { - local($name)=@_; - local(@a,@b,$r,$c0,$c1,$c2); - - $cnt=1; - &init_pool(2); - - $rp=&wparam(0); - $ap=&wparam(1); - - &function_begin($name,""); - - &comment(""); - - &ld(($a[0])=&NR(1),&QWPw(0,$ap)); - &ld(($a[1])=&NR(1),&QWPw(1,$ap)); - &ld(($a[2])=&NR(1),&QWPw(2,$ap)); - &ld(($a[3])=&NR(1),&QWPw(3,$ap)); - &ld(($a[4])=&NR(1),&QWPw(4,$ap)); - &ld(($a[5])=&NR(1),&QWPw(5,$ap)); - &ld(($a[6])=&NR(1),&QWPw(6,$ap)); - &ld(($a[7])=&NR(1),&QWPw(7,$ap)); &FR($ap); - - ($c0,$c1,$c2)=&NR(3); - - &mov("zero",$c2); - &mul($a[0],$a[0],$c0); - &muh($a[0],$a[0],$c1); - &st($c0,&QWPw(0,$rp)); - ($c0,$c1,$c2)=($c1,$c2,$c0); - &mov("zero",$c2); - - &sqr_add_c2($a[1],$a[0],$c0,$c1,$c2); - &st($c0,&QWPw(1,$rp)); - ($c0,$c1,$c2)=($c1,$c2,$c0); - &mov("zero",$c2); - - &sqr_add_c($a[1],$c0,$c1,$c2); - &sqr_add_c2($a[2],$a[0],$c0,$c1,$c2); - &st($c0,&QWPw(2,$rp)); - ($c0,$c1,$c2)=($c1,$c2,$c0); - &mov("zero",$c2); - - &sqr_add_c2($a[2],$a[1],$c0,$c1,$c2); - &sqr_add_c2($a[3],$a[0],$c0,$c1,$c2); - &st($c0,&QWPw(3,$rp)); - ($c0,$c1,$c2)=($c1,$c2,$c0); - &mov("zero",$c2); - - &sqr_add_c($a[2],$c0,$c1,$c2); - &sqr_add_c2($a[3],$a[1],$c0,$c1,$c2); - &sqr_add_c2($a[4],$a[0],$c0,$c1,$c2); - &st($c0,&QWPw(4,$rp)); - ($c0,$c1,$c2)=($c1,$c2,$c0); - &mov("zero",$c2); - - &sqr_add_c2($a[3],$a[2],$c0,$c1,$c2); - &sqr_add_c2($a[4],$a[1],$c0,$c1,$c2); - &sqr_add_c2($a[5],$a[0],$c0,$c1,$c2); - &st($c0,&QWPw(5,$rp)); - ($c0,$c1,$c2)=($c1,$c2,$c0); - &mov("zero",$c2); - - &sqr_add_c($a[3],$c0,$c1,$c2); - &sqr_add_c2($a[4],$a[2],$c0,$c1,$c2); - &sqr_add_c2($a[5],$a[1],$c0,$c1,$c2); - &sqr_add_c2($a[6],$a[0],$c0,$c1,$c2); - &st($c0,&QWPw(6,$rp)); - ($c0,$c1,$c2)=($c1,$c2,$c0); - &mov("zero",$c2); - - &sqr_add_c2($a[4],$a[3],$c0,$c1,$c2); - &sqr_add_c2($a[5],$a[2],$c0,$c1,$c2); - &sqr_add_c2($a[6],$a[1],$c0,$c1,$c2); - &sqr_add_c2($a[7],$a[0],$c0,$c1,$c2); - &st($c0,&QWPw(7,$rp)); - ($c0,$c1,$c2)=($c1,$c2,$c0); - &mov("zero",$c2); - - &sqr_add_c($a[4],$c0,$c1,$c2); - &sqr_add_c2($a[5],$a[3],$c0,$c1,$c2); - &sqr_add_c2($a[6],$a[2],$c0,$c1,$c2); - &sqr_add_c2($a[7],$a[1],$c0,$c1,$c2); - &st($c0,&QWPw(8,$rp)); - ($c0,$c1,$c2)=($c1,$c2,$c0); - &mov("zero",$c2); - - &sqr_add_c2($a[5],$a[4],$c0,$c1,$c2); - &sqr_add_c2($a[6],$a[3],$c0,$c1,$c2); - &sqr_add_c2($a[7],$a[2],$c0,$c1,$c2); - &st($c0,&QWPw(9,$rp)); - ($c0,$c1,$c2)=($c1,$c2,$c0); - &mov("zero",$c2); - - &sqr_add_c($a[5],$c0,$c1,$c2); - &sqr_add_c2($a[6],$a[4],$c0,$c1,$c2); - &sqr_add_c2($a[7],$a[3],$c0,$c1,$c2); - &st($c0,&QWPw(10,$rp)); - ($c0,$c1,$c2)=($c1,$c2,$c0); - &mov("zero",$c2); - - &sqr_add_c2($a[6],$a[5],$c0,$c1,$c2); - &sqr_add_c2($a[7],$a[4],$c0,$c1,$c2); - &st($c0,&QWPw(11,$rp)); - ($c0,$c1,$c2)=($c1,$c2,$c0); - &mov("zero",$c2); - - &sqr_add_c($a[6],$c0,$c1,$c2); - &sqr_add_c2($a[7],$a[5],$c0,$c1,$c2); - &st($c0,&QWPw(12,$rp)); - ($c0,$c1,$c2)=($c1,$c2,$c0); - &mov("zero",$c2); - - &sqr_add_c2($a[7],$a[6],$c0,$c1,$c2); - &st($c0,&QWPw(13,$rp)); - ($c0,$c1,$c2)=($c1,$c2,$c0); - &mov("zero",$c2); - - &sqr_add_c($a[7],$c0,$c1,$c2); - &st($c0,&QWPw(14,$rp)); - &st($c1,&QWPw(15,$rp)); - - &function_end($name); - - &fin_pool; - } - -1; diff --git a/src/lib/libcrypto/bn/asm/alpha.works/sub.pl b/src/lib/libcrypto/bn/asm/alpha.works/sub.pl deleted file mode 100644 index d998da5c21..0000000000 --- a/src/lib/libcrypto/bn/asm/alpha.works/sub.pl +++ /dev/null @@ -1,108 +0,0 @@ -#!/usr/local/bin/perl -# alpha assember - -sub bn_sub_words - { - local($name)=@_; - local($cc,$a,$b,$r); - - &init_pool(4); - ($cc)=GR("r0"); - - $rp=&wparam(0); - $ap=&wparam(1); - $bp=&wparam(2); - $count=&wparam(3); - - &function_begin($name,""); - - &comment(""); - &sub($count,4,$count); - &mov("zero",$cc); - &blt($count,&label("finish")); - - ($a0,$b0)=&NR(2); - &ld($a0,&QWPw(0,$ap)); - &ld($b0,&QWPw(0,$bp)); - -########################################################## - &set_label("loop"); - - ($a1,$tmp,$b1,$a2,$b2,$a3,$b3,$o0)=&NR(8); - &ld($a1,&QWPw(1,$ap)); - &cmpult($a0,$b0,$tmp); # will we borrow? - &ld($b1,&QWPw(1,$bp)); - &sub($a0,$b0,$a0); # do the subtract - &ld($a2,&QWPw(2,$ap)); - &cmpult($a0,$cc,$b0); # will we borrow? - &ld($b2,&QWPw(2,$bp)); - &sub($a0,$cc,$o0); # will we borrow? - &ld($a3,&QWPw(3,$ap)); - &add($b0,$tmp,$cc); ($t1,$o1)=&NR(2); &FR($tmp); - - &cmpult($a1,$b1,$t1); # will we borrow? - &sub($a1,$b1,$a1); # do the subtract - &ld($b3,&QWPw(3,$bp)); - &cmpult($a1,$cc,$b1); # will we borrow? - &sub($a1,$cc,$o1); # will we borrow? - &add($b1,$t1,$cc); ($tmp,$o2)=&NR(2); &FR($t1,$a1,$b1); - - &cmpult($a2,$b2,$tmp); # will we borrow? - &sub($a2,$b2,$a2); # do the subtract - &st($o0,&QWPw(0,$rp)); &FR($o0); # save - &cmpult($a2,$cc,$b2); # will we borrow? - &sub($a2,$cc,$o2); # will we borrow? - &add($b2,$tmp,$cc); ($t3,$o3)=&NR(2); &FR($tmp,$a2,$b2); - - &cmpult($a3,$b3,$t3); # will we borrow? - &sub($a3,$b3,$a3); # do the subtract - &st($o1,&QWPw(1,$rp)); &FR($o1); - &cmpult($a3,$cc,$b3); # will we borrow? - &sub($a3,$cc,$o3); # will we borrow? - &add($b3,$t3,$cc); &FR($t3,$a3,$b3); - - &st($o2,&QWPw(2,$rp)); &FR($o2); - &sub($count,4,$count); # count-=4 - &st($o3,&QWPw(3,$rp)); &FR($o3); - &add($ap,4*$QWS,$ap); # count+=4 - &add($bp,4*$QWS,$bp); # count+=4 - &add($rp,4*$QWS,$rp); # count+=4 - - &blt($count,&label("finish")); - &ld($a0,&QWPw(0,$ap)); - &ld($b0,&QWPw(0,$bp)); - &br(&label("loop")); -################################################## - # Do the last 0..3 words - - &set_label("last_loop"); - - &ld($a0,&QWPw(0,$ap)); # get a - &ld($b0,&QWPw(0,$bp)); # get b - &cmpult($a0,$b0,$tmp); # will we borrow? - &sub($a0,$b0,$a0); # do the subtract - &cmpult($a0,$cc,$b0); # will we borrow? - &sub($a0,$cc,$a0); # will we borrow? - &st($a0,&QWPw(0,$rp)); # save - &add($b0,$tmp,$cc); # add the borrows - - &add($ap,$QWS,$ap); - &add($bp,$QWS,$bp); - &add($rp,$QWS,$rp); - &sub($count,1,$count); - &bgt($count,&label("last_loop")); - &function_end_A($name); - -###################################################### - &set_label("finish"); - &add($count,4,$count); - &bgt($count,&label("last_loop")); - - &FR($a0,$b0); - &set_label("end"); - &function_end($name); - - &fin_pool; - } - -1; diff --git a/src/lib/libcrypto/bn/asm/alpha/add.pl b/src/lib/libcrypto/bn/asm/alpha/add.pl deleted file mode 100644 index 13bf516428..0000000000 --- a/src/lib/libcrypto/bn/asm/alpha/add.pl +++ /dev/null @@ -1,118 +0,0 @@ -#!/usr/local/bin/perl -# alpha assember - -sub bn_add_words - { - local($name)=@_; - local($cc,$a,$b,$r); - - &init_pool(4); - ($cc)=GR("r0"); - - $rp=&wparam(0); - $ap=&wparam(1); - $bp=&wparam(2); - $count=&wparam(3); - - &function_begin($name,""); - - &comment(""); - &sub($count,4,$count); - &mov("zero",$cc); - &blt($count,&label("finish")); - - ($a0,$b0)=&NR(2); - -########################################################## - &set_label("loop"); - - &ld(($a0)=&NR(1),&QWPw(0,$ap)); - &ld(($b0)=&NR(1),&QWPw(0,$bp)); - &ld(($a1)=&NR(1),&QWPw(1,$ap)); - &ld(($b1)=&NR(1),&QWPw(1,$bp)); - - ($o0,$t0)=&NR(2); - &add($a0,$b0,$o0); - &ld(($a2)=&NR(1),&QWPw(2,$ap)); - &cmpult($o0,$b0,$t0); - &add($o0,$cc,$o0); - &cmpult($o0,$cc,$cc); - &ld(($b2)=&NR(1),&QWPw(2,$bp)); - &add($cc,$t0,$cc); &FR($t0); - - ($t1,$o1)=&NR(2); - - &add($a1,$b1,$o1); &FR($a1); - &cmpult($o1,$b1,$t1); &FR($b1); - &add($o1,$cc,$o1); - &cmpult($o1,$cc,$cc); - &ld(($a3)=&NR(1),&QWPw(3,$ap)); - &add($cc,$t1,$cc); &FR($t1); - - ($t2,$o2)=&NR(2); - - &add($a2,$b2,$o2); &FR($a2); - &cmpult($o2,$b2,$t2); &FR($b2); - &add($o2,$cc,$o2); - &cmpult($o2,$cc,$cc); - &ld(($b3)=&NR(1),&QWPw(3,$bp)); - &st($o0,&QWPw(0,$rp)); &FR($o0); - &add($cc,$t2,$cc); &FR($t2); - - ($t3,$o3)=&NR(2); - - &st($o1,&QWPw(0,$rp)); &FR($o1); - &add($a3,$b3,$o3); &FR($a3); - &cmpult($o3,$b3,$t3); &FR($b3); - &add($o3,$cc,$o3); - &st($o2,&QWPw(0,$rp)); &FR($o2); - &cmpult($o3,$cc,$cc); - &st($o3,&QWPw(0,$rp)); &FR($o3); - &add($cc,$t3,$cc); &FR($t3); - - - &sub($count,4,$count); # count-=4 - &add($ap,4*$QWS,$ap); # count+=4 - &add($bp,4*$QWS,$bp); # count+=4 - &add($rp,4*$QWS,$rp); # count+=4 - - ### - &bge($count,&label("loop")); - ### - &br(&label("finish")); -################################################## - # Do the last 0..3 words - - ($t0,$o0)=&NR(2); - &set_label("last_loop"); - - &ld($a0,&QWPw(0,$ap)); # get a - &ld($b0,&QWPw(0,$bp)); # get b - &add($ap,$QWS,$ap); - &add($bp,$QWS,$bp); - &add($a0,$b0,$o0); - &sub($count,1,$count); - &cmpult($o0,$b0,$t0); # will we borrow? - &add($o0,$cc,$o0); # will we borrow? - &cmpult($o0,$cc,$cc); # will we borrow? - &add($rp,$QWS,$rp); - &st($o0,&QWPw(-1,$rp)); # save - &add($cc,$t0,$cc); # add the borrows - - ### - &bgt($count,&label("last_loop")); - &function_end_A($name); - -###################################################### - &set_label("finish"); - &add($count,4,$count); - &bgt($count,&label("last_loop")); - - &FR($o0,$t0,$a0,$b0); - &set_label("end"); - &function_end($name); - - &fin_pool; - } - -1; diff --git a/src/lib/libcrypto/bn/asm/alpha/div.pl b/src/lib/libcrypto/bn/asm/alpha/div.pl deleted file mode 100644 index e9e680897a..0000000000 --- a/src/lib/libcrypto/bn/asm/alpha/div.pl +++ /dev/null @@ -1,144 +0,0 @@ -#!/usr/local/bin/perl - -sub bn_div_words - { - local($data)=<<'EOF'; - # - # What follows was taken directly from the C compiler with a few - # hacks to redo the lables. - # -.text - .set noreorder - .set volatile - .align 3 - .globl bn_div_words - .ent bn_div_words -bn_div_words - ldgp $29,0($27) -bn_div_words.ng: - lda $30,-48($30) - .frame $30,48,$26,0 - stq $26,0($30) - stq $9,8($30) - stq $10,16($30) - stq $11,24($30) - stq $12,32($30) - stq $13,40($30) - .mask 0x4003e00,-48 - .prologue 1 - bis $16,$16,$9 - bis $17,$17,$10 - bis $18,$18,$11 - bis $31,$31,$13 - bis $31,2,$12 - bne $11,$9119 - lda $0,-1 - br $31,$9136 - .align 4 -$9119: - bis $11,$11,$16 - jsr $26,BN_num_bits_word - ldgp $29,0($26) - subq $0,64,$1 - beq $1,$9120 - bis $31,1,$1 - sll $1,$0,$1 - cmpule $9,$1,$1 - bne $1,$9120 - # lda $16,_IO_stderr_ - # lda $17,$C32 - # bis $0,$0,$18 - # jsr $26,fprintf - # ldgp $29,0($26) - jsr $26,abort - ldgp $29,0($26) - .align 4 -$9120: - bis $31,64,$3 - cmpult $9,$11,$2 - subq $3,$0,$1 - addl $1,$31,$0 - subq $9,$11,$1 - cmoveq $2,$1,$9 - beq $0,$9122 - zapnot $0,15,$2 - subq $3,$0,$1 - sll $11,$2,$11 - sll $9,$2,$3 - srl $10,$1,$1 - sll $10,$2,$10 - bis $3,$1,$9 -$9122: - srl $11,32,$5 - zapnot $11,15,$6 - lda $7,-1 - .align 5 -$9123: - srl $9,32,$1 - subq $1,$5,$1 - bne $1,$9126 - zapnot $7,15,$27 - br $31,$9127 - .align 4 -$9126: - bis $9,$9,$24 - bis $5,$5,$25 - divqu $24,$25,$27 -$9127: - srl $10,32,$4 - .align 5 -$9128: - mulq $27,$5,$1 - subq $9,$1,$3 - zapnot $3,240,$1 - bne $1,$9129 - mulq $6,$27,$2 - sll $3,32,$1 - addq $1,$4,$1 - cmpule $2,$1,$2 - bne $2,$9129 - subq $27,1,$27 - br $31,$9128 - .align 4 -$9129: - mulq $27,$6,$1 - mulq $27,$5,$4 - srl $1,32,$3 - sll $1,32,$1 - addq $4,$3,$4 - cmpult $10,$1,$2 - subq $10,$1,$10 - addq $2,$4,$2 - cmpult $9,$2,$1 - bis $2,$2,$4 - beq $1,$9134 - addq $9,$11,$9 - subq $27,1,$27 -$9134: - subl $12,1,$12 - subq $9,$4,$9 - beq $12,$9124 - sll $27,32,$13 - sll $9,32,$2 - srl $10,32,$1 - sll $10,32,$10 - bis $2,$1,$9 - br $31,$9123 - .align 4 -$9124: - bis $13,$27,$0 -$9136: - ldq $26,0($30) - ldq $9,8($30) - ldq $10,16($30) - ldq $11,24($30) - ldq $12,32($30) - ldq $13,40($30) - addq $30,48,$30 - ret $31,($26),1 - .end bn_div_words -EOF - &asm_add($data); - } - -1; diff --git a/src/lib/libcrypto/bn/asm/alpha/mul.pl b/src/lib/libcrypto/bn/asm/alpha/mul.pl deleted file mode 100644 index 76c926566c..0000000000 --- a/src/lib/libcrypto/bn/asm/alpha/mul.pl +++ /dev/null @@ -1,104 +0,0 @@ -#!/usr/local/bin/perl -# alpha assember - -sub bn_mul_words - { - local($name)=@_; - local($cc,$a,$b,$r,$couny); - - &init_pool(4); - ($cc)=GR("r0"); - - $rp=&wparam(0); - $ap=&wparam(1); - $count=&wparam(2); - $word=&wparam(3); - - &function_begin($name,""); - - &comment(""); - &sub($count,4,$count); - &mov("zero",$cc); - ### - &blt($count,&label("finish")); - - ($a0)=&NR(1); &ld($a0,&QWPw(0,$ap)); - - &set_label("loop"); - - ($a1)=&NR(1); &ld($a1,&QWPw(1,$ap)); - ($a2)=&NR(1); &ld($a2,&QWPw(2,$ap)); - - &muh($a0,$word,($h0)=&NR(1)); &FR($a0); - ($a3)=&NR(1); &ld($a3,&QWPw(3,$ap)); - ### wait 8 - &mul($a0,$word,($l0)=&NR(1)); &FR($a0); - ### wait 8 - &muh($a1,$word,($h1)=&NR(1)); &FR($a1); - &add($l0,$cc,$l0); ### wait 8 - &mul($a1,$word,($l1)=&NR(1)); &FR($a1); - &cmpult($l0,$cc,$cc); ### wait 8 - &muh($a2,$word,($h2)=&NR(1)); &FR($a2); - &add($h0,$cc,$cc); &FR($h0); ### wait 8 - &mul($a2,$word,($l2)=&NR(1)); &FR($a2); - &add($l1,$cc,$l1); ### wait 8 - &st($l0,&QWPw(0,$rp)); &FR($l0); - &cmpult($l1,$cc,$cc); ### wait 8 - &muh($a3,$word,($h3)=&NR(1)); &FR($a3); - &add($h1,$cc,$cc); &FR($h1); - &mul($a3,$word,($l3)=&NR(1)); &FR($a3); - &add($l2,$cc,$l2); - &st($l1,&QWPw(1,$rp)); &FR($l1); - &cmpult($l2,$cc,$cc); - &add($h2,$cc,$cc); &FR($h2); - &sub($count,4,$count); # count-=4 - &st($l2,&QWPw(2,$rp)); &FR($l2); - &add($l3,$cc,$l3); - &cmpult($l3,$cc,$cc); - &add($bp,4*$QWS,$bp); # count+=4 - &add($h3,$cc,$cc); &FR($h3); - &add($ap,4*$QWS,$ap); # count+=4 - &st($l3,&QWPw(3,$rp)); &FR($l3); - &add($rp,4*$QWS,$rp); # count+=4 - ### - &blt($count,&label("finish")); - ($a0)=&NR(1); &ld($a0,&QWPw(0,$ap)); - &br(&label("finish")); -################################################## - -################################################## - # Do the last 0..3 words - - &set_label("last_loop"); - - &ld(($a0)=&NR(1),&QWPw(0,$ap)); # get a - ### - ### - ### - &muh($a0,$word,($h0)=&NR(1)); - ### Wait 8 for next mul issue - &mul($a0,$word,($l0)=&NR(1)); &FR($a0) - &add($ap,$QWS,$ap); - ### Loose 12 until result is available - &add($rp,$QWS,$rp); - &sub($count,1,$count); - &add($l0,$cc,$l0); - ### - &st($l0,&QWPw(-1,$rp)); &FR($l0); - &cmpult($l0,$cc,$cc); - &add($h0,$cc,$cc); &FR($h0); - &bgt($count,&label("last_loop")); - &function_end_A($name); - -###################################################### - &set_label("finish"); - &add($count,4,$count); - &bgt($count,&label("last_loop")); - - &set_label("end"); - &function_end($name); - - &fin_pool; - } - -1; diff --git a/src/lib/libcrypto/bn/asm/alpha/mul_add.pl b/src/lib/libcrypto/bn/asm/alpha/mul_add.pl deleted file mode 100644 index 0d6df69bc4..0000000000 --- a/src/lib/libcrypto/bn/asm/alpha/mul_add.pl +++ /dev/null @@ -1,123 +0,0 @@ -#!/usr/local/bin/perl -# alpha assember - -sub bn_mul_add_words - { - local($name)=@_; - local($cc,$a,$b,$r,$couny); - - &init_pool(4); - ($cc)=GR("r0"); - - $rp=&wparam(0); - $ap=&wparam(1); - $count=&wparam(2); - $word=&wparam(3); - - &function_begin($name,""); - - &comment(""); - &sub($count,4,$count); - &mov("zero",$cc); - ### - &blt($count,&label("finish")); - - &ld(($a0)=&NR(1),&QWPw(0,$ap)); - -$a=<<'EOF'; -########################################################## - &set_label("loop"); - - &ld(($r0)=&NR(1),&QWPw(0,$rp)); - &ld(($a1)=&NR(1),&QWPw(1,$ap)); - &muh($a0,$word,($h0)=&NR(1)); - &ld(($r1)=&NR(1),&QWPw(1,$rp)); - &ld(($a2)=&NR(1),&QWPw(2,$ap)); - ### - &mul($a0,$word,($l0)=&NR(1)); &FR($a0); - &ld(($r2)=&NR(1),&QWPw(2,$rp)); - &muh($a1,$word,($h1)=&NR(1)); - &ld(($a3)=&NR(1),&QWPw(3,$ap)); - &mul($a1,$word,($l1)=&NR(1)); &FR($a1); - &ld(($r3)=&NR(1),&QWPw(3,$rp)); - &add($r0,$l0,$r0); - &add($r1,$l1,$r1); - &cmpult($r0,$l0,($t0)=&NR(1)); &FR($l0); - &cmpult($r1,$l1,($t1)=&NR(1)); &FR($l1); - &muh($a2,$word,($h2)=&NR(1)); - &add($r0,$cc,$r0); - &add($h0,$t0,$h0); &FR($t0); - &cmpult($r0,$cc,$cc); - &add($h1,$t1,$h1); &FR($t1); - &add($h0,$cc,$cc); &FR($h0); - &mul($a2,$word,($l2)=&NR(1)); &FR($a2); - &add($r1,$cc,$r1); - &cmpult($r1,$cc,$cc); - &add($r2,$l2,$r2); - &add($h1,$cc,$cc); &FR($h1); - &cmpult($r2,$l2,($t2)=&NR(1)); &FR($l2); - &muh($a3,$word,($h3)=&NR(1)); - &add($r2,$cc,$r2); - &st($r0,&QWPw(0,$rp)); &FR($r0); - &add($h2,$t2,$h2); &FR($t2); - &st($r1,&QWPw(1,$rp)); &FR($r1); - &cmpult($r2,$cc,$cc); - &mul($a3,$word,($l3)=&NR(1)); &FR($a3); - &add($h2,$cc,$cc); &FR($h2); - &st($r2,&QWPw(2,$rp)); &FR($r2); - &sub($count,4,$count); # count-=4 - &add($rp,4*$QWS,$rp); # count+=4 - &add($r3,$l3,$r3); - &add($ap,4*$QWS,$ap); # count+=4 - &cmpult($r3,$l3,($t3)=&NR(1)); &FR($l3); - &add($r3,$cc,$r3); - &add($h3,$t3,$h3); &FR($t3); - &cmpult($r3,$cc,$cc); - &st($r3,&QWPw(-1,$rp)); &FR($r3); - &add($h3,$cc,$cc); &FR($h3); - - ### - &blt($count,&label("finish")); - &ld(($a0)=&NR(1),&QWPw(0,$ap)); - &br(&label("loop")); -EOF -################################################## - # Do the last 0..3 words - - &set_label("last_loop"); - - &ld(($a0)=&NR(1),&QWPw(0,$ap)); # get a - &ld(($r0)=&NR(1),&QWPw(0,$rp)); # get b - ### - ### - &muh($a0,$word,($h0)=&NR(1)); &FR($a0); - ### wait 8 - &mul($a0,$word,($l0)=&NR(1)); &FR($a0); - &add($rp,$QWS,$rp); - &add($ap,$QWS,$ap); - &sub($count,1,$count); - ### wait 3 until l0 is available - &add($r0,$l0,$r0); - ### - &cmpult($r0,$l0,($t0)=&NR(1)); &FR($l0); - &add($r0,$cc,$r0); - &add($h0,$t0,$h0); &FR($t0); - &cmpult($r0,$cc,$cc); - &add($h0,$cc,$cc); &FR($h0); - - &st($r0,&QWPw(-1,$rp)); &FR($r0); - &bgt($count,&label("last_loop")); - &function_end_A($name); - -###################################################### - &set_label("finish"); - &add($count,4,$count); - &bgt($count,&label("last_loop")); - - &set_label("end"); - &function_end($name); - - &fin_pool; - } - -1; diff --git a/src/lib/libcrypto/bn/asm/alpha/mul_c4.pl b/src/lib/libcrypto/bn/asm/alpha/mul_c4.pl deleted file mode 100644 index 9cc876ded4..0000000000 --- a/src/lib/libcrypto/bn/asm/alpha/mul_c4.pl +++ /dev/null @@ -1,215 +0,0 @@ -#!/usr/local/bin/perl -# alpha assember - -# upto - -sub mul_add_c - { - local($a,$b,$c0,$c1,$c2)=@_; - local($l1,$h1,$t1,$t2); - - &mul($a,$b,($l1)=&NR(1)); - &muh($a,$b,($h1)=&NR(1)); - &add($c0,$l1,$c0); - &cmpult($c0,$l1,($t1)=&NR(1)); &FR($l1); - &add($t1,$h1,$h1); &FR($t1); - &add($c1,$h1,$c1); - &cmpult($c1,$h1,($t2)=&NR(1)); &FR($h1); - &add($c2,$t2,$c2); &FR($t2); - } - -sub bn_mul_comba4 - { - local($name)=@_; - local(@a,@b,$r,$c0,$c1,$c2); - - $cnt=1; - &init_pool(3); - - $rp=&wparam(0); - $ap=&wparam(1); - $bp=&wparam(2); - - &function_begin($name,""); - - &comment(""); - - &ld(($a[0])=&NR(1),&QWPw(0,$ap)); - &ld(($b[0])=&NR(1),&QWPw(0,$bp)); - &ld(($a[1])=&NR(1),&QWPw(1,$ap)); - &ld(($b[1])=&NR(1),&QWPw(1,$bp)); - &mul($a[0],$b[0],($r00)=&NR(1)); - &ld(($a[2])=&NR(1),&QWPw(2,$ap)); - &ld(($b[2])=&NR(1),&QWPw(2,$bp)); - &muh($a[0],$b[0],($r01)=&NR(1)); - &FR($ap); &ld(($a[3])=&NR(1),&QWPw(3,$ap)); - &FR($bp); &ld(($b[3])=&NR(1),&QWPw(3,$bp)); - &mul($a[0],$b[1],($r02)=&NR(1)); - - ($R,$H1,$H2)=&NR(3); - - &st($r00,&QWPw(0,$rp)); &FR($r00); - - &mov("zero",$R); - &mul($a[1],$b[0],($r03)=&NR(1)); - - &mov("zero",$H1); - &mov("zero",$H0); - &add($R,$r01,$R); - &muh($a[0],$b[1],($r04)=&NR(1)); - &cmpult($R,$r01,($t01)=&NR(1)); &FR($r01); - &add($R,$r02,$R); - &add($H1,$t01,$H1) &FR($t01); - &muh($a[1],$b[0],($r05)=&NR(1)); - &cmpult($R,$r02,($t02)=&NR(1)); &FR($r02); - &add($R,$r03,$R); - &add($H2,$t02,$H2) &FR($t02); - &mul($a[0],$b[2],($r06)=&NR(1)); - &cmpult($R,$r03,($t03)=&NR(1)); &FR($r03); - &add($H1,$t03,$H1) &FR($t03); - &st($R,&QWPw(1,$rp)); - &add($H1,$H2,$R); - - &mov("zero",$H1); - &add($R,$r04,$R); - &mov("zero",$H2); - &mul($a[1],$b[1],($r07)=&NR(1)); - &cmpult($R,$r04,($t04)=&NR(1)); &FR($r04); - &add($R,$r05,$R); - &add($H1,$t04,$H1) &FR($t04); - &mul($a[2],$b[0],($r08)=&NR(1)); - &cmpult($R,$r05,($t05)=&NR(1)); &FR($r05); - &add($R,$r01,$R); - &add($H2,$t05,$H2) &FR($t05); - &muh($a[0],$b[2],($r09)=&NR(1)); - &cmpult($R,$r06,($t06)=&NR(1)); &FR($r06); - &add($R,$r07,$R); - &add($H1,$t06,$H1) &FR($t06); - &muh($a[1],$b[1],($r10)=&NR(1)); - &cmpult($R,$r07,($t07)=&NR(1)); &FR($r07); - &add($R,$r08,$R); - &add($H2,$t07,$H2) &FR($t07); - &muh($a[2],$b[0],($r11)=&NR(1)); - &cmpult($R,$r08,($t08)=&NR(1)); &FR($r08); - &add($H1,$t08,$H1) &FR($t08); - &st($R,&QWPw(2,$rp)); - &add($H1,$H2,$R); - - &mov("zero",$H1); - &add($R,$r09,$R); - &mov("zero",$H2); - &mul($a[0],$b[3],($r12)=&NR(1)); - &cmpult($R,$r09,($t09)=&NR(1)); &FR($r09); - &add($R,$r10,$R); - &add($H1,$t09,$H1) &FR($t09); - &mul($a[1],$b[2],($r13)=&NR(1)); - &cmpult($R,$r10,($t10)=&NR(1)); &FR($r10); - &add($R,$r11,$R); - &add($H1,$t10,$H1) &FR($t10); - &mul($a[2],$b[1],($r14)=&NR(1)); - &cmpult($R,$r11,($t11)=&NR(1)); &FR($r11); - &add($R,$r12,$R); - &add($H1,$t11,$H1) &FR($t11); - &mul($a[3],$b[0],($r15)=&NR(1)); - &cmpult($R,$r12,($t12)=&NR(1)); &FR($r12); - &add($R,$r13,$R); - &add($H1,$t12,$H1) &FR($t12); - &muh($a[0],$b[3],($r16)=&NR(1)); - &cmpult($R,$r13,($t13)=&NR(1)); &FR($r13); - &add($R,$r14,$R); - &add($H1,$t13,$H1) &FR($t13); - &muh($a[1],$b[2],($r17)=&NR(1)); - &cmpult($R,$r14,($t14)=&NR(1)); &FR($r14); - &add($R,$r15,$R); - &add($H1,$t14,$H1) &FR($t14); - &muh($a[2],$b[1],($r18)=&NR(1)); - &cmpult($R,$r15,($t15)=&NR(1)); &FR($r15); - &add($H1,$t15,$H1) &FR($t15); - &st($R,&QWPw(3,$rp)); - &add($H1,$H2,$R); - - &mov("zero",$H1); - &add($R,$r16,$R); - &mov("zero",$H2); - &muh($a[3],$b[0],($r19)=&NR(1)); - &cmpult($R,$r16,($t16)=&NR(1)); &FR($r16); - &add($R,$r17,$R); - &add($H1,$t16,$H1) &FR($t16); - &mul($a[1],$b[3],($r20)=&NR(1)); - &cmpult($R,$r17,($t17)=&NR(1)); &FR($r17); - &add($R,$r18,$R); - &add($H1,$t17,$H1) &FR($t17); - &mul($a[2],$b[2],($r21)=&NR(1)); - &cmpult($R,$r18,($t18)=&NR(1)); &FR($r18); - &add($R,$r19,$R); - &add($H1,$t18,$H1) &FR($t18); - &mul($a[3],$b[1],($r22)=&NR(1)); - &cmpult($R,$r19,($t19)=&NR(1)); &FR($r19); - &add($R,$r20,$R); - &add($H1,$t19,$H1) &FR($t19); - &muh($a[1],$b[3],($r23)=&NR(1)); - &cmpult($R,$r20,($t20)=&NR(1)); &FR($r20); - &add($R,$r21,$R); - &add($H1,$t20,$H1) &FR($t20); - &muh($a[2],$b[2],($r24)=&NR(1)); - &cmpult($R,$r21,($t21)=&NR(1)); &FR($r21); - &add($R,$r22,$R); - &add($H1,$t21,$H1) &FR($t21); - &muh($a[3],$b[1],($r25)=&NR(1)); - &cmpult($R,$r22,($t22)=&NR(1)); &FR($r22); - &add($H1,$t22,$H1) &FR($t22); - &st($R,&QWPw(4,$rp)); - &add($H1,$H2,$R); - - &mov("zero",$H1); - &add($R,$r23,$R); - &mov("zero",$H2); - &mul($a[2],$b[3],($r26)=&NR(1)); - &cmpult($R,$r23,($t23)=&NR(1)); &FR($r23); - &add($R,$r24,$R); - &add($H1,$t23,$H1) &FR($t23); - &mul($a[3],$b[2],($r27)=&NR(1)); - &cmpult($R,$r24,($t24)=&NR(1)); &FR($r24); - &add($R,$r25,$R); - &add($H1,$t24,$H1) &FR($t24); - &muh($a[2],$b[3],($r28)=&NR(1)); - &cmpult($R,$r25,($t25)=&NR(1)); &FR($r25); - &add($R,$r26,$R); - &add($H1,$t25,$H1) &FR($t25); - &muh($a[3],$b[2],($r29)=&NR(1)); - &cmpult($R,$r26,($t26)=&NR(1)); &FR($r26); - &add($R,$r27,$R); - &add($H1,$t26,$H1) &FR($t26); - &mul($a[3],$b[3],($r30)=&NR(1)); - &cmpult($R,$r27,($t27)=&NR(1)); &FR($r27); - &add($H1,$t27,$H1) &FR($t27); - &st($R,&QWPw(5,$rp)); - &add($H1,$H2,$R); - - &mov("zero",$H1); - &add($R,$r28,$R); - &mov("zero",$H2); - &muh($a[3],$b[3],($r31)=&NR(1)); - &cmpult($R,$r28,($t28)=&NR(1)); &FR($r28); - &add($R,$r29,$R); - &add($H1,$t28,$H1) &FR($t28); - ############ - &cmpult($R,$r29,($t29)=&NR(1)); &FR($r29); - &add($R,$r30,$R); - &add($H1,$t29,$H1) &FR($t29); - ############ - &cmpult($R,$r30,($t30)=&NR(1)); &FR($r30); - &add($H1,$t30,$H1) &FR($t30); - &st($R,&QWPw(6,$rp)); - &add($H1,$H2,$R); - - &add($R,$r31,$R); &FR($r31); - &st($R,&QWPw(7,$rp)); - - &FR($R,$H1,$H2); - &function_end($name); - - &fin_pool; - } - -1; diff --git a/src/lib/libcrypto/bn/asm/alpha/mul_c4.works.pl b/src/lib/libcrypto/bn/asm/alpha/mul_c4.works.pl deleted file mode 100644 index 79d86dd25c..0000000000 --- a/src/lib/libcrypto/bn/asm/alpha/mul_c4.works.pl +++ /dev/null @@ -1,98 +0,0 @@ -#!/usr/local/bin/perl -# alpha assember - -sub mul_add_c - { - local($a,$b,$c0,$c1,$c2)=@_; - local($l1,$h1,$t1,$t2); - -print STDERR "count=$cnt\n"; $cnt++; - &mul($a,$b,($l1)=&NR(1)); - &muh($a,$b,($h1)=&NR(1)); - &add($c0,$l1,$c0); - &cmpult($c0,$l1,($t1)=&NR(1)); &FR($l1); - &add($t1,$h1,$h1); &FR($t1); - &add($c1,$h1,$c1); - &cmpult($c1,$h1,($t2)=&NR(1)); &FR($h1); - &add($c2,$t2,$c2); &FR($t2); - } - -sub bn_mul_comba4 - { - local($name)=@_; - local(@a,@b,$r,$c0,$c1,$c2); - - $cnt=1; - &init_pool(3); - - $rp=&wparam(0); - $ap=&wparam(1); - $bp=&wparam(2); - - &function_begin($name,""); - - &comment(""); - - &ld(($a[0])=&NR(1),&QWPw(0,$ap)); - &ld(($b[0])=&NR(1),&QWPw(0,$bp)); - &ld(($a[1])=&NR(1),&QWPw(1,$ap)); - &ld(($b[1])=&NR(1),&QWPw(1,$bp)); - &ld(($a[2])=&NR(1),&QWPw(2,$ap)); - &ld(($b[2])=&NR(1),&QWPw(2,$bp)); - &ld(($a[3])=&NR(1),&QWPw(3,$ap)); &FR($ap); - &ld(($b[3])=&NR(1),&QWPw(3,$bp)); &FR($bp); - - ($c0,$c1,$c2)=&NR(3); - &mov("zero",$c2); - &mul($a[0],$b[0],$c0); - &muh($a[0],$b[0],$c1); - &st($c0,&QWPw(0,$rp)); &FR($c0); ($c0)=&NR($c0); - ($c0,$c1,$c2)=($c1,$c2,$c0); - &mov("zero",$c2); - - &mul_add_c($a[0],$b[1],$c0,$c1,$c2); - &mul_add_c($a[1],$b[0],$c0,$c1,$c2); - &st($c0,&QWPw(1,$rp)); &FR($c0); ($c0)=&NR($c0); - ($c0,$c1,$c2)=($c1,$c2,$c0); - &mov("zero",$c2); - - &mul_add_c($a[1],$b[1],$c0,$c1,$c2); - &mul_add_c($a[0],$b[2],$c0,$c1,$c2); - &mul_add_c($a[2],$b[0],$c0,$c1,$c2); - &st($c0,&QWPw(2,$rp)); &FR($c0); ($c0)=&NR($c0); - ($c0,$c1,$c2)=($c1,$c2,$c0); - &mov("zero",$c2); - - &mul_add_c($a[0],$b[3],$c0,$c1,$c2); &FR($a[0]); - &mul_add_c($a[1],$b[2],$c0,$c1,$c2); - &mul_add_c($a[2],$b[1],$c0,$c1,$c2); - &mul_add_c($a[3],$b[0],$c0,$c1,$c2); &FR($b[0]); - &st($c0,&QWPw(3,$rp)); &FR($c0); ($c0)=&NR($c0); - ($c0,$c1,$c2)=($c1,$c2,$c0); - &mov("zero",$c2); - - &mul_add_c($a[1],$b[3],$c0,$c1,$c2); &FR($a[1]); - &mul_add_c($a[2],$b[2],$c0,$c1,$c2); - &mul_add_c($a[3],$b[1],$c0,$c1,$c2); &FR($b[1]); - &st($c0,&QWPw(4,$rp)); &FR($c0); ($c0)=&NR($c0); - ($c0,$c1,$c2)=($c1,$c2,$c0); - &mov("zero",$c2); - - &mul_add_c($a[2],$b[3],$c0,$c1,$c2); &FR($a[2]); - &mul_add_c($a[3],$b[2],$c0,$c1,$c2); &FR($b[2]); - &st($c0,&QWPw(5,$rp)); &FR($c0); ($c0)=&NR($c0); - ($c0,$c1,$c2)=($c1,$c2,$c0); - &mov("zero",$c2); - - &mul_add_c($a[3],$b[3],$c0,$c1,$c2); &FR($a[3],$b[3]); - &st($c0,&QWPw(6,$rp)); - &st($c1,&QWPw(7,$rp)); - - &FR($c0,$c1,$c2); - - &function_end($name); - - &fin_pool; - } - -1; diff --git a/src/lib/libcrypto/bn/asm/alpha/mul_c8.pl b/src/lib/libcrypto/bn/asm/alpha/mul_c8.pl deleted file mode 100644 index 525ca7494b..0000000000 --- a/src/lib/libcrypto/bn/asm/alpha/mul_c8.pl +++ /dev/null @@ -1,177 +0,0 @@ -#!/usr/local/bin/perl -# alpha assember - -sub bn_mul_comba8 - { - local($name)=@_; - local(@a,@b,$r,$c0,$c1,$c2); - - $cnt=1; - &init_pool(3); - - $rp=&wparam(0); - $ap=&wparam(1); - $bp=&wparam(2); - - &function_begin($name,""); - - &comment(""); - - &stack_push(2); - &ld(($a[0])=&NR(1),&QWPw(0,$ap)); - &ld(($b[0])=&NR(1),&QWPw(0,$bp)); - &st($reg_s0,&swtmp(0)); &FR($reg_s0); - &st($reg_s1,&swtmp(1)); &FR($reg_s1); - &ld(($a[1])=&NR(1),&QWPw(1,$ap)); - &ld(($b[1])=&NR(1),&QWPw(1,$bp)); - &ld(($a[2])=&NR(1),&QWPw(2,$ap)); - &ld(($b[2])=&NR(1),&QWPw(2,$bp)); - &ld(($a[3])=&NR(1),&QWPw(3,$ap)); - &ld(($b[3])=&NR(1),&QWPw(3,$bp)); - &ld(($a[4])=&NR(1),&QWPw(1,$ap)); - &ld(($b[4])=&NR(1),&QWPw(1,$bp)); - &ld(($a[5])=&NR(1),&QWPw(1,$ap)); - &ld(($b[5])=&NR(1),&QWPw(1,$bp)); - &ld(($a[6])=&NR(1),&QWPw(1,$ap)); - &ld(($b[6])=&NR(1),&QWPw(1,$bp)); - &ld(($a[7])=&NR(1),&QWPw(1,$ap)); &FR($ap); - &ld(($b[7])=&NR(1),&QWPw(1,$bp)); &FR($bp); - - ($c0,$c1,$c2)=&NR(3); - &mov("zero",$c2); - &mul($a[0],$b[0],$c0); - &muh($a[0],$b[0],$c1); - &st($c0,&QWPw(0,$rp)); &FR($c0); ($c0)=&NR(1); - ($c0,$c1,$c2)=($c1,$c2,$c0); - &mov("zero",$c2); - - &mul_add_c($a[0],$b[1],$c0,$c1,$c2); - &mul_add_c($a[1],$b[0],$c0,$c1,$c2); - &st($c0,&QWPw(1,$rp)); &FR($c0); ($c0)=&NR(1); - ($c0,$c1,$c2)=($c1,$c2,$c0); - &mov("zero",$c2); - - &mul_add_c($a[0],$b[2],$c0,$c1,$c2); - &mul_add_c($a[1],$b[1],$c0,$c1,$c2); - &mul_add_c($a[2],$b[0],$c0,$c1,$c2); - &st($c0,&QWPw(2,$rp)); &FR($c0); ($c0)=&NR(1); - ($c0,$c1,$c2)=($c1,$c2,$c0); - &mov("zero",$c2); - - &mul_add_c($a[0],$b[3],$c0,$c1,$c2); - &mul_add_c($a[1],$b[2],$c0,$c1,$c2); - &mul_add_c($a[2],$b[1],$c0,$c1,$c2); - &mul_add_c($a[3],$b[0],$c0,$c1,$c2); - &st($c0,&QWPw(3,$rp)); &FR($c0); ($c0)=&NR(1); - ($c0,$c1,$c2)=($c1,$c2,$c0); - &mov("zero",$c2); - - &mul_add_c($a[0],$b[4],$c0,$c1,$c2); - &mul_add_c($a[1],$b[3],$c0,$c1,$c2); - &mul_add_c($a[2],$b[2],$c0,$c1,$c2); - &mul_add_c($a[3],$b[1],$c0,$c1,$c2); - &mul_add_c($a[4],$b[0],$c0,$c1,$c2); - &st($c0,&QWPw(4,$rp)); &FR($c0); ($c0)=&NR(1); - ($c0,$c1,$c2)=($c1,$c2,$c0); - &mov("zero",$c2); - - &mul_add_c($a[0],$b[5],$c0,$c1,$c2); - &mul_add_c($a[1],$b[4],$c0,$c1,$c2); - &mul_add_c($a[2],$b[3],$c0,$c1,$c2); - &mul_add_c($a[3],$b[2],$c0,$c1,$c2); - &mul_add_c($a[4],$b[1],$c0,$c1,$c2); - &mul_add_c($a[5],$b[0],$c0,$c1,$c2); - &st($c0,&QWPw(5,$rp)); &FR($c0); ($c0)=&NR(1); - ($c0,$c1,$c2)=($c1,$c2,$c0); - &mov("zero",$c2); - - &mul_add_c($a[0],$b[6],$c0,$c1,$c2); - &mul_add_c($a[1],$b[5],$c0,$c1,$c2); - &mul_add_c($a[2],$b[4],$c0,$c1,$c2); - &mul_add_c($a[3],$b[3],$c0,$c1,$c2); - &mul_add_c($a[4],$b[2],$c0,$c1,$c2); - &mul_add_c($a[5],$b[1],$c0,$c1,$c2); - &mul_add_c($a[6],$b[0],$c0,$c1,$c2); - &st($c0,&QWPw(6,$rp)); &FR($c0); ($c0)=&NR(1); - ($c0,$c1,$c2)=($c1,$c2,$c0); - &mov("zero",$c2); - - &mul_add_c($a[0],$b[7],$c0,$c1,$c2); &FR($a[0]); - &mul_add_c($a[1],$b[6],$c0,$c1,$c2); - &mul_add_c($a[2],$b[5],$c0,$c1,$c2); - &mul_add_c($a[3],$b[4],$c0,$c1,$c2); - &mul_add_c($a[4],$b[3],$c0,$c1,$c2); - &mul_add_c($a[5],$b[2],$c0,$c1,$c2); - &mul_add_c($a[6],$b[1],$c0,$c1,$c2); - &mul_add_c($a[7],$b[0],$c0,$c1,$c2); &FR($b[0]); - &st($c0,&QWPw(7,$rp)); &FR($c0); ($c0)=&NR(1); - ($c0,$c1,$c2)=($c1,$c2,$c0); - &mov("zero",$c2); - - &mul_add_c($a[1],$b[7],$c0,$c1,$c2); &FR($a[1]); - &mul_add_c($a[2],$b[6],$c0,$c1,$c2); - &mul_add_c($a[3],$b[5],$c0,$c1,$c2); - &mul_add_c($a[4],$b[4],$c0,$c1,$c2); - &mul_add_c($a[5],$b[3],$c0,$c1,$c2); - &mul_add_c($a[6],$b[2],$c0,$c1,$c2); - &mul_add_c($a[7],$b[1],$c0,$c1,$c2); &FR($b[1]); - &st($c0,&QWPw(8,$rp)); &FR($c0); ($c0)=&NR(1); - ($c0,$c1,$c2)=($c1,$c2,$c0); - &mov("zero",$c2); - - &mul_add_c($a[2],$b[7],$c0,$c1,$c2); &FR($a[2]); - &mul_add_c($a[3],$b[6],$c0,$c1,$c2); - &mul_add_c($a[4],$b[5],$c0,$c1,$c2); - &mul_add_c($a[5],$b[4],$c0,$c1,$c2); - &mul_add_c($a[6],$b[3],$c0,$c1,$c2); - &mul_add_c($a[7],$b[2],$c0,$c1,$c2); &FR($b[2]); - &st($c0,&QWPw(9,$rp)); &FR($c0); ($c0)=&NR(1); - ($c0,$c1,$c2)=($c1,$c2,$c0); - &mov("zero",$c2); - - &mul_add_c($a[3],$b[7],$c0,$c1,$c2); &FR($a[3]); - &mul_add_c($a[4],$b[6],$c0,$c1,$c2); - &mul_add_c($a[5],$b[5],$c0,$c1,$c2); - &mul_add_c($a[6],$b[4],$c0,$c1,$c2); - &mul_add_c($a[7],$b[3],$c0,$c1,$c2); &FR($b[3]); - &st($c0,&QWPw(10,$rp)); &FR($c0); ($c0)=&NR(1); - ($c0,$c1,$c2)=($c1,$c2,$c0); - &mov("zero",$c2); - - &mul_add_c($a[4],$b[7],$c0,$c1,$c2); &FR($a[4]); - &mul_add_c($a[5],$b[6],$c0,$c1,$c2); - &mul_add_c($a[6],$b[5],$c0,$c1,$c2); - &mul_add_c($a[7],$b[4],$c0,$c1,$c2); &FR($b[4]); - &st($c0,&QWPw(11,$rp)); &FR($c0); ($c0)=&NR(1); - ($c0,$c1,$c2)=($c1,$c2,$c0); - &mov("zero",$c2); - - &mul_add_c($a[5],$b[7],$c0,$c1,$c2); &FR($a[5]); - &mul_add_c($a[6],$b[6],$c0,$c1,$c2); - &mul_add_c($a[7],$b[5],$c0,$c1,$c2); &FR($b[5]); - &st($c0,&QWPw(12,$rp)); &FR($c0); ($c0)=&NR(1); - ($c0,$c1,$c2)=($c1,$c2,$c0); - &mov("zero",$c2); - - &mul_add_c($a[6],$b[7],$c0,$c1,$c2); &FR($a[6]); - &mul_add_c($a[7],$b[6],$c0,$c1,$c2); &FR($b[6]); - &st($c0,&QWPw(13,$rp)); &FR($c0); ($c0)=&NR(1); - ($c0,$c1,$c2)=($c1,$c2,$c0); - &mov("zero",$c2); - - &mul_add_c($a[7],$b[7],$c0,$c1,$c2); &FR($a[7],$b[7]); - &st($c0,&QWPw(14,$rp)); - &st($c1,&QWPw(15,$rp)); - - &FR($c0,$c1,$c2); - - &ld($reg_s0,&swtmp(0)); - &ld($reg_s1,&swtmp(1)); - &stack_pop(2); - - &function_end($name); - - &fin_pool; - } - -1; diff --git a/src/lib/libcrypto/bn/asm/alpha/sqr.pl b/src/lib/libcrypto/bn/asm/alpha/sqr.pl deleted file mode 100644 index a55b696906..0000000000 --- a/src/lib/libcrypto/bn/asm/alpha/sqr.pl +++ /dev/null @@ -1,113 +0,0 @@ -#!/usr/local/bin/perl -# alpha assember - -sub bn_sqr_words - { - local($name)=@_; - local($cc,$a,$b,$r,$couny); - - &init_pool(3); - ($cc)=GR("r0"); - - $rp=&wparam(0); - $ap=&wparam(1); - $count=&wparam(2); - - &function_begin($name,""); - - &comment(""); - &sub($count,4,$count); - &mov("zero",$cc); - &br(&label("finish")); - &blt($count,&label("finish")); - - ($a0,$r0)=&NR(2); - &ld($a0,&QWPw(0,$ap)); - &ld($r0,&QWPw(0,$rp)); - -$a=<<'EOF'; -########################################################## - &set_label("loop"); - - ($a1)=&NR(1); &ld($a1,&QWPw(1,$ap)); - ($b1)=&NR(1); &ld($b1,&QWPw(1,$bp)); - ($a2)=&NR(1); &ld($a2,&QWPw(2,$ap)); - ($b2)=&NR(1); &ld($b2,&QWPw(2,$bp)); - ($a3)=&NR(1); &ld($a3,&QWPw(3,$ap)); - ($b3)=&NR(1); &ld($b3,&QWPw(3,$bp)); - - ($o0,$t0)=&NR(2); - &add($a0,$b0,$o0); - &cmpult($o0,$b0,$t0); - &add($o0,$cc,$o0); - &cmpult($o0,$cc,$cc); - &add($cc,$t0,$cc); &FR($t0); - - ($t1,$o1)=&NR(2); - - &add($a1,$b1,$o1); &FR($a1); - &cmpult($o1,$b1,$t1); &FR($b1); - &add($o1,$cc,$o1); - &cmpult($o1,$cc,$cc); - &add($cc,$t1,$cc); &FR($t1); - - ($t2,$o2)=&NR(2); - - &add($a2,$b2,$o2); &FR($a2); - &cmpult($o2,$b2,$t2); &FR($b2); - &add($o2,$cc,$o2); - &cmpult($o2,$cc,$cc); - &add($cc,$t2,$cc); &FR($t2); - - ($t3,$o3)=&NR(2); - - &add($a3,$b3,$o3); &FR($a3); - &cmpult($o3,$b3,$t3); &FR($b3); - &add($o3,$cc,$o3); - &cmpult($o3,$cc,$cc); - &add($cc,$t3,$cc); &FR($t3); - - &st($o0,&QWPw(0,$rp)); &FR($o0); - &st($o1,&QWPw(0,$rp)); &FR($o1); - &st($o2,&QWPw(0,$rp)); &FR($o2); - &st($o3,&QWPw(0,$rp)); &FR($o3); - - &sub($count,4,$count); # count-=4 - &add($ap,4*$QWS,$ap); # count+=4 - &add($bp,4*$QWS,$bp); # count+=4 - &add($rp,4*$QWS,$rp); # count+=4 - - &blt($count,&label("finish")); - &ld($a0,&QWPw(0,$ap)); - &ld($b0,&QWPw(0,$bp)); - &br(&label("loop")); -EOF -################################################## - # Do the last 0..3 words - - &set_label("last_loop"); - - &ld(($a0)=&NR(1),&QWPw(0,$ap)); # get a - &mul($a0,$a0,($l0)=&NR(1)); - &add($ap,$QWS,$ap); - &add($rp,2*$QWS,$rp); - &sub($count,1,$count); - &muh($a0,$a0,($h0)=&NR(1)); &FR($a0); - &st($l0,&QWPw(-2,$rp)); &FR($l0); - &st($h0,&QWPw(-1,$rp)); &FR($h0); - - &bgt($count,&label("last_loop")); - &function_end_A($name); - -###################################################### - &set_label("finish"); - &add($count,4,$count); - &bgt($count,&label("last_loop")); - - &set_label("end"); - &function_end($name); - - &fin_pool; - } - -1; diff --git a/src/lib/libcrypto/bn/asm/alpha/sqr_c4.pl b/src/lib/libcrypto/bn/asm/alpha/sqr_c4.pl deleted file mode 100644 index bf33f5b503..0000000000 --- a/src/lib/libcrypto/bn/asm/alpha/sqr_c4.pl +++ /dev/null @@ -1,109 +0,0 @@ -#!/usr/local/bin/perl -# alpha assember - -sub sqr_add_c - { - local($a,$c0,$c1,$c2)=@_; - local($l1,$h1,$t1,$t2); - - &mul($a,$a,($l1)=&NR(1)); - &muh($a,$a,($h1)=&NR(1)); - &add($c0,$l1,$c0); - &add($c1,$h1,$c1); - &cmpult($c0,$l1,($t1)=&NR(1)); &FR($l1); - &cmpult($c1,$h1,($t2)=&NR(1)); &FR($h1); - &add($c1,$t1,$c1); &FR($t1); - &add($c2,$t2,$c2); &FR($t2); - } - -sub sqr_add_c2 - { - local($a,$b,$c0,$c1,$c2)=@_; - local($l1,$h1,$t1,$t2); - - &mul($a,$b,($l1)=&NR(1)); - &muh($a,$b,($h1)=&NR(1)); - &cmplt($l1,"zero",($lc1)=&NR(1)); - &cmplt($h1,"zero",($hc1)=&NR(1)); - &add($l1,$l1,$l1); - &add($h1,$h1,$h1); - &add($h1,$lc1,$h1); &FR($lc1); - &add($c2,$hc1,$c2); &FR($hc1); - - &add($c0,$l1,$c0); - &add($c1,$h1,$c1); - &cmpult($c0,$l1,($lc1)=&NR(1)); &FR($l1); - &cmpult($c1,$h1,($hc1)=&NR(1)); &FR($h1); - - &add($c1,$lc1,$c1); &FR($lc1); - &add($c2,$hc1,$c2); &FR($hc1); - } - - -sub bn_sqr_comba4 - { - local($name)=@_; - local(@a,@b,$r,$c0,$c1,$c2); - - $cnt=1; - &init_pool(2); - - $rp=&wparam(0); - $ap=&wparam(1); - - &function_begin($name,""); - - &comment(""); - - &ld(($a[0])=&NR(1),&QWPw(0,$ap)); - &ld(($a[1])=&NR(1),&QWPw(1,$ap)); - &ld(($a[2])=&NR(1),&QWPw(2,$ap)); - &ld(($a[3])=&NR(1),&QWPw(3,$ap)); &FR($ap); - - ($c0,$c1,$c2)=&NR(3); - - &mov("zero",$c2); - &mul($a[0],$a[0],$c0); - &muh($a[0],$a[0],$c1); - &st($c0,&QWPw(0,$rp)); - ($c0,$c1,$c2)=($c1,$c2,$c0); - &mov("zero",$c2); - - &sqr_add_c2($a[0],$a[1],$c0,$c1,$c2); - &st($c0,&QWPw(1,$rp)); - ($c0,$c1,$c2)=($c1,$c2,$c0); - &mov("zero",$c2); - - &sqr_add_c($a[1],$c0,$c1,$c2); - &sqr_add_c2($a[2],$a[0],$c0,$c1,$c2); - &st($c0,&QWPw(2,$rp)); - ($c0,$c1,$c2)=($c1,$c2,$c0); - &mov("zero",$c2); - - &sqr_add_c2($a[3],$a[0],$c0,$c1,$c2); - &sqr_add_c2($a[2],$a[1],$c0,$c1,$c2); - &st($c0,&QWPw(3,$rp)); - ($c0,$c1,$c2)=($c1,$c2,$c0); - &mov("zero",$c2); - - &sqr_add_c($a[2],$c0,$c1,$c2); - &sqr_add_c2($a[3],$a[1],$c0,$c1,$c2); - &st($c0,&QWPw(4,$rp)); - ($c0,$c1,$c2)=($c1,$c2,$c0); - &mov("zero",$c2); - - &sqr_add_c2($a[3],$a[2],$c0,$c1,$c2); - &st($c0,&QWPw(5,$rp)); - ($c0,$c1,$c2)=($c1,$c2,$c0); - &mov("zero",$c2); - - &sqr_add_c($a[3],$c0,$c1,$c2); - &st($c0,&QWPw(6,$rp)); - &st($c1,&QWPw(7,$rp)); - - &function_end($name); - - &fin_pool; - } - -1; diff --git a/src/lib/libcrypto/bn/asm/alpha/sqr_c8.pl b/src/lib/libcrypto/bn/asm/alpha/sqr_c8.pl deleted file mode 100644 index b4afe085f1..0000000000 --- a/src/lib/libcrypto/bn/asm/alpha/sqr_c8.pl +++ /dev/null @@ -1,132 +0,0 @@ -#!/usr/local/bin/perl -# alpha assember - -sub bn_sqr_comba8 - { - local($name)=@_; - local(@a,@b,$r,$c0,$c1,$c2); - - $cnt=1; - &init_pool(2); - - $rp=&wparam(0); - $ap=&wparam(1); - - &function_begin($name,""); - - &comment(""); - - &ld(($a[0])=&NR(1),&QWPw(0,$ap)); - &ld(($a[1])=&NR(1),&QWPw(1,$ap)); - &ld(($a[2])=&NR(1),&QWPw(2,$ap)); - &ld(($a[3])=&NR(1),&QWPw(3,$ap)); - &ld(($a[4])=&NR(1),&QWPw(4,$ap)); - &ld(($a[5])=&NR(1),&QWPw(5,$ap)); - &ld(($a[6])=&NR(1),&QWPw(6,$ap)); - &ld(($a[7])=&NR(1),&QWPw(7,$ap)); &FR($ap); - - ($c0,$c1,$c2)=&NR(3); - - &mov("zero",$c2); - &mul($a[0],$a[0],$c0); - &muh($a[0],$a[0],$c1); - &st($c0,&QWPw(0,$rp)); - ($c0,$c1,$c2)=($c1,$c2,$c0); - &mov("zero",$c2); - - &sqr_add_c2($a[1],$a[0],$c0,$c1,$c2); - &st($c0,&QWPw(1,$rp)); - ($c0,$c1,$c2)=($c1,$c2,$c0); - &mov("zero",$c2); - - &sqr_add_c($a[1],$c0,$c1,$c2); - &sqr_add_c2($a[2],$a[0],$c0,$c1,$c2); - &st($c0,&QWPw(2,$rp)); - ($c0,$c1,$c2)=($c1,$c2,$c0); - &mov("zero",$c2); - - &sqr_add_c2($a[2],$a[1],$c0,$c1,$c2); - &sqr_add_c2($a[3],$a[0],$c0,$c1,$c2); - &st($c0,&QWPw(3,$rp)); - ($c0,$c1,$c2)=($c1,$c2,$c0); - &mov("zero",$c2); - - &sqr_add_c($a[2],$c0,$c1,$c2); - &sqr_add_c2($a[3],$a[1],$c0,$c1,$c2); - &sqr_add_c2($a[4],$a[0],$c0,$c1,$c2); - &st($c0,&QWPw(4,$rp)); - ($c0,$c1,$c2)=($c1,$c2,$c0); - &mov("zero",$c2); - - &sqr_add_c2($a[3],$a[2],$c0,$c1,$c2); - &sqr_add_c2($a[4],$a[1],$c0,$c1,$c2); - &sqr_add_c2($a[5],$a[0],$c0,$c1,$c2); - &st($c0,&QWPw(5,$rp)); - ($c0,$c1,$c2)=($c1,$c2,$c0); - &mov("zero",$c2); - - &sqr_add_c($a[3],$c0,$c1,$c2); - &sqr_add_c2($a[4],$a[2],$c0,$c1,$c2); - &sqr_add_c2($a[5],$a[1],$c0,$c1,$c2); - &sqr_add_c2($a[6],$a[0],$c0,$c1,$c2); - &st($c0,&QWPw(6,$rp)); - ($c0,$c1,$c2)=($c1,$c2,$c0); - &mov("zero",$c2); - - &sqr_add_c2($a[4],$a[3],$c0,$c1,$c2); - &sqr_add_c2($a[5],$a[2],$c0,$c1,$c2); - &sqr_add_c2($a[6],$a[1],$c0,$c1,$c2); - &sqr_add_c2($a[7],$a[0],$c0,$c1,$c2); - &st($c0,&QWPw(7,$rp)); - ($c0,$c1,$c2)=($c1,$c2,$c0); - &mov("zero",$c2); - - &sqr_add_c($a[4],$c0,$c1,$c2); - &sqr_add_c2($a[5],$a[3],$c0,$c1,$c2); - &sqr_add_c2($a[6],$a[2],$c0,$c1,$c2); - &sqr_add_c2($a[7],$a[1],$c0,$c1,$c2); - &st($c0,&QWPw(8,$rp)); - ($c0,$c1,$c2)=($c1,$c2,$c0); - &mov("zero",$c2); - - &sqr_add_c2($a[5],$a[4],$c0,$c1,$c2); - &sqr_add_c2($a[6],$a[3],$c0,$c1,$c2); - &sqr_add_c2($a[7],$a[2],$c0,$c1,$c2); - &st($c0,&QWPw(9,$rp)); - ($c0,$c1,$c2)=($c1,$c2,$c0); - &mov("zero",$c2); - - &sqr_add_c($a[5],$c0,$c1,$c2); - &sqr_add_c2($a[6],$a[4],$c0,$c1,$c2); - &sqr_add_c2($a[7],$a[3],$c0,$c1,$c2); - &st($c0,&QWPw(10,$rp)); - ($c0,$c1,$c2)=($c1,$c2,$c0); - &mov("zero",$c2); - - &sqr_add_c2($a[6],$a[5],$c0,$c1,$c2); - &sqr_add_c2($a[7],$a[4],$c0,$c1,$c2); - &st($c0,&QWPw(11,$rp)); - ($c0,$c1,$c2)=($c1,$c2,$c0); - &mov("zero",$c2); - - &sqr_add_c($a[6],$c0,$c1,$c2); - &sqr_add_c2($a[7],$a[5],$c0,$c1,$c2); - &st($c0,&QWPw(12,$rp)); - ($c0,$c1,$c2)=($c1,$c2,$c0); - &mov("zero",$c2); - - &sqr_add_c2($a[7],$a[6],$c0,$c1,$c2); - &st($c0,&QWPw(13,$rp)); - ($c0,$c1,$c2)=($c1,$c2,$c0); - &mov("zero",$c2); - - &sqr_add_c($a[7],$c0,$c1,$c2); - &st($c0,&QWPw(14,$rp)); - &st($c1,&QWPw(15,$rp)); - - &function_end($name); - - &fin_pool; - } - -1; diff --git a/src/lib/libcrypto/bn/asm/alpha/sub.pl b/src/lib/libcrypto/bn/asm/alpha/sub.pl deleted file mode 100644 index d998da5c21..0000000000 --- a/src/lib/libcrypto/bn/asm/alpha/sub.pl +++ /dev/null @@ -1,108 +0,0 @@ -#!/usr/local/bin/perl -# alpha assember - -sub bn_sub_words - { - local($name)=@_; - local($cc,$a,$b,$r); - - &init_pool(4); - ($cc)=GR("r0"); - - $rp=&wparam(0); - $ap=&wparam(1); - $bp=&wparam(2); - $count=&wparam(3); - - &function_begin($name,""); - - &comment(""); - &sub($count,4,$count); - &mov("zero",$cc); - &blt($count,&label("finish")); - - ($a0,$b0)=&NR(2); - &ld($a0,&QWPw(0,$ap)); - &ld($b0,&QWPw(0,$bp)); - -########################################################## - &set_label("loop"); - - ($a1,$tmp,$b1,$a2,$b2,$a3,$b3,$o0)=&NR(8); - &ld($a1,&QWPw(1,$ap)); - &cmpult($a0,$b0,$tmp); # will we borrow? - &ld($b1,&QWPw(1,$bp)); - &sub($a0,$b0,$a0); # do the subtract - &ld($a2,&QWPw(2,$ap)); - &cmpult($a0,$cc,$b0); # will we borrow? - &ld($b2,&QWPw(2,$bp)); - &sub($a0,$cc,$o0); # will we borrow? - &ld($a3,&QWPw(3,$ap)); - &add($b0,$tmp,$cc); ($t1,$o1)=&NR(2); &FR($tmp); - - &cmpult($a1,$b1,$t1); # will we borrow? - &sub($a1,$b1,$a1); # do the subtract - &ld($b3,&QWPw(3,$bp)); - &cmpult($a1,$cc,$b1); # will we borrow? - &sub($a1,$cc,$o1); # will we borrow? - &add($b1,$t1,$cc); ($tmp,$o2)=&NR(2); &FR($t1,$a1,$b1); - - &cmpult($a2,$b2,$tmp); # will we borrow? - &sub($a2,$b2,$a2); # do the subtract - &st($o0,&QWPw(0,$rp)); &FR($o0); # save - &cmpult($a2,$cc,$b2); # will we borrow? - &sub($a2,$cc,$o2); # will we borrow? - &add($b2,$tmp,$cc); ($t3,$o3)=&NR(2); &FR($tmp,$a2,$b2); - - &cmpult($a3,$b3,$t3); # will we borrow? - &sub($a3,$b3,$a3); # do the subtract - &st($o1,&QWPw(1,$rp)); &FR($o1); - &cmpult($a3,$cc,$b3); # will we borrow? - &sub($a3,$cc,$o3); # will we borrow? - &add($b3,$t3,$cc); &FR($t3,$a3,$b3); - - &st($o2,&QWPw(2,$rp)); &FR($o2); - &sub($count,4,$count); # count-=4 - &st($o3,&QWPw(3,$rp)); &FR($o3); - &add($ap,4*$QWS,$ap); # count+=4 - &add($bp,4*$QWS,$bp); # count+=4 - &add($rp,4*$QWS,$rp); # count+=4 - - &blt($count,&label("finish")); - &ld($a0,&QWPw(0,$ap)); - &ld($b0,&QWPw(0,$bp)); - &br(&label("loop")); -################################################## - # Do the last 0..3 words - - &set_label("last_loop"); - - &ld($a0,&QWPw(0,$ap)); # get a - &ld($b0,&QWPw(0,$bp)); # get b - &cmpult($a0,$b0,$tmp); # will we borrow? - &sub($a0,$b0,$a0); # do the subtract - &cmpult($a0,$cc,$b0); # will we borrow? - &sub($a0,$cc,$a0); # will we borrow? - &st($a0,&QWPw(0,$rp)); # save - &add($b0,$tmp,$cc); # add the borrows - - &add($ap,$QWS,$ap); - &add($bp,$QWS,$bp); - &add($rp,$QWS,$rp); - &sub($count,1,$count); - &bgt($count,&label("last_loop")); - &function_end_A($name); - -###################################################### - &set_label("finish"); - &add($count,4,$count); - &bgt($count,&label("last_loop")); - - &FR($a0,$b0); - &set_label("end"); - &function_end($name); - - &fin_pool; - } - -1; diff --git a/src/lib/libcrypto/bn/asm/bn-586.pl b/src/lib/libcrypto/bn/asm/bn-586.pl index 26c2685a72..332ef3e91d 100644 --- a/src/lib/libcrypto/bn/asm/bn-586.pl +++ b/src/lib/libcrypto/bn/asm/bn-586.pl @@ -1,6 +1,7 @@ #!/usr/local/bin/perl -push(@INC,"perlasm","../../perlasm"); +$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; +push(@INC,"${dir}","${dir}../../perlasm"); require "x86asm.pl"; &asm_init($ARGV[0],$0); @@ -24,38 +25,25 @@ sub bn_mul_add_words { local($name)=@_; - &function_begin($name,$sse2?"EXTRN\t_OPENSSL_ia32cap_P:DWORD":""); + &function_begin_B($name,$sse2?"EXTRN\t_OPENSSL_ia32cap_P:DWORD":""); - &comment(""); - $Low="eax"; - $High="edx"; - $a="ebx"; - $w="ebp"; - $r="edi"; - $c="esi"; - - &xor($c,$c); # clear carry - &mov($r,&wparam(0)); # - - &mov("ecx",&wparam(2)); # - &mov($a,&wparam(1)); # - - &and("ecx",0xfffffff8); # num / 8 - &mov($w,&wparam(3)); # - - &push("ecx"); # Up the stack for a tmp variable - - &jz(&label("maw_finish")); + $r="eax"; + $a="edx"; + $c="ecx"; if ($sse2) { &picmeup("eax","OPENSSL_ia32cap_P"); &bt(&DWP(0,"eax"),26); - &jnc(&label("maw_loop")); + &jnc(&label("maw_non_sse2")); - &movd("mm0",$w); # mm0 = w + &mov($r,&wparam(0)); + &mov($a,&wparam(1)); + &mov($c,&wparam(2)); + &movd("mm0",&wparam(3)); # mm0 = w &pxor("mm1","mm1"); # mm1 = carry_in - - &set_label("maw_sse2_loop",0); + &jmp(&label("maw_sse2_entry")); + + &set_label("maw_sse2_unrolled",16); &movd("mm3",&DWP(0,$r,"",0)); # mm3 = r[0] &paddq("mm1","mm3"); # mm1 = carry_in + r[0] &movd("mm2",&DWP(0,$a,"",0)); # mm2 = a[0] @@ -112,42 +100,82 @@ sub bn_mul_add_words &psrlq("mm1",32); # mm1 = carry6 &paddq("mm1","mm3"); # mm1 = carry6 + r[7] + w*a[7] &movd(&DWP(28,$r,"",0),"mm1"); - &add($r,32); + &lea($r,&DWP(32,$r)); &psrlq("mm1",32); # mm1 = carry_out - &sub("ecx",8); + &sub($c,8); + &jz(&label("maw_sse2_exit")); + &set_label("maw_sse2_entry"); + &test($c,0xfffffff8); + &jnz(&label("maw_sse2_unrolled")); + + &set_label("maw_sse2_loop",4); + &movd("mm2",&DWP(0,$a)); # mm2 = a[i] + &movd("mm3",&DWP(0,$r)); # mm3 = r[i] + &pmuludq("mm2","mm0"); # a[i] *= w + &lea($a,&DWP(4,$a)); + &paddq("mm1","mm3"); # carry += r[i] + &paddq("mm1","mm2"); # carry += a[i]*w + &movd(&DWP(0,$r),"mm1"); # r[i] = carry_low + &sub($c,1); + &psrlq("mm1",32); # carry = carry_high + &lea($r,&DWP(4,$r)); &jnz(&label("maw_sse2_loop")); - - &movd($c,"mm1"); # c = carry_out + &set_label("maw_sse2_exit"); + &movd("eax","mm1"); # c = carry_out &emms(); + &ret(); - &jmp(&label("maw_finish")); + &set_label("maw_non_sse2",16); } - &set_label("maw_loop",0); + # function_begin prologue + &push("ebp"); + &push("ebx"); + &push("esi"); + &push("edi"); + + &comment(""); + $Low="eax"; + $High="edx"; + $a="ebx"; + $w="ebp"; + $r="edi"; + $c="esi"; + + &xor($c,$c); # clear carry + &mov($r,&wparam(0)); # + + &mov("ecx",&wparam(2)); # + &mov($a,&wparam(1)); # + + &and("ecx",0xfffffff8); # num / 8 + &mov($w,&wparam(3)); # - &mov(&swtmp(0),"ecx"); # + &push("ecx"); # Up the stack for a tmp variable + + &jz(&label("maw_finish")); + + &set_label("maw_loop",16); for ($i=0; $i<32; $i+=4) { &comment("Round $i"); - &mov("eax",&DWP($i,$a,"",0)); # *a + &mov("eax",&DWP($i,$a)); # *a &mul($w); # *a * w - &add("eax",$c); # L(t)+= *r - &mov($c,&DWP($i,$r,"",0)); # L(t)+= *r + &add("eax",$c); # L(t)+= c &adc("edx",0); # H(t)+=carry - &add("eax",$c); # L(t)+=c + &add("eax",&DWP($i,$r)); # L(t)+= *r &adc("edx",0); # H(t)+=carry - &mov(&DWP($i,$r,"",0),"eax"); # *r= L(t); + &mov(&DWP($i,$r),"eax"); # *r= L(t); &mov($c,"edx"); # c= H(t); } &comment(""); - &mov("ecx",&swtmp(0)); # - &add($a,32); - &add($r,32); &sub("ecx",8); + &lea($a,&DWP(32,$a)); + &lea($r,&DWP(32,$r)); &jnz(&label("maw_loop")); &set_label("maw_finish",0); @@ -160,16 +188,15 @@ sub bn_mul_add_words for ($i=0; $i<7; $i++) { &comment("Tail Round $i"); - &mov("eax",&DWP($i*4,$a,"",0));# *a + &mov("eax",&DWP($i*4,$a)); # *a &mul($w); # *a * w &add("eax",$c); # L(t)+=c - &mov($c,&DWP($i*4,$r,"",0)); # L(t)+= *r &adc("edx",0); # H(t)+=carry - &add("eax",$c); + &add("eax",&DWP($i*4,$r)); # L(t)+= *r &adc("edx",0); # H(t)+=carry &dec("ecx") if ($i != 7-1); - &mov(&DWP($i*4,$r,"",0),"eax"); # *r= L(t); - &mov($c,"edx"); # c= H(t); + &mov(&DWP($i*4,$r),"eax"); # *r= L(t); + &mov($c,"edx"); # c= H(t); &jz(&label("maw_end")) if ($i != 7-1); } &set_label("maw_end",0); @@ -184,7 +211,45 @@ sub bn_mul_words { local($name)=@_; - &function_begin($name,""); + &function_begin_B($name,$sse2?"EXTRN\t_OPENSSL_ia32cap_P:DWORD":""); + + $r="eax"; + $a="edx"; + $c="ecx"; + + if ($sse2) { + &picmeup("eax","OPENSSL_ia32cap_P"); + &bt(&DWP(0,"eax"),26); + &jnc(&label("mw_non_sse2")); + + &mov($r,&wparam(0)); + &mov($a,&wparam(1)); + &mov($c,&wparam(2)); + &movd("mm0",&wparam(3)); # mm0 = w + &pxor("mm1","mm1"); # mm1 = carry = 0 + + &set_label("mw_sse2_loop",16); + &movd("mm2",&DWP(0,$a)); # mm2 = a[i] + &pmuludq("mm2","mm0"); # a[i] *= w + &lea($a,&DWP(4,$a)); + &paddq("mm1","mm2"); # carry += a[i]*w + &movd(&DWP(0,$r),"mm1"); # r[i] = carry_low + &sub($c,1); + &psrlq("mm1",32); # carry = carry_high + &lea($r,&DWP(4,$r)); + &jnz(&label("mw_sse2_loop")); + + &movd("eax","mm1"); # return carry + &emms(); + &ret(); + &set_label("mw_non_sse2",16); + } + + # function_begin prologue + &push("ebp"); + &push("ebx"); + &push("esi"); + &push("edi"); &comment(""); $Low="eax"; @@ -257,7 +322,40 @@ sub bn_sqr_words { local($name)=@_; - &function_begin($name,""); + &function_begin_B($name,$sse2?"EXTRN\t_OPENSSL_ia32cap_P:DWORD":""); + + $r="eax"; + $a="edx"; + $c="ecx"; + + if ($sse2) { + &picmeup("eax","OPENSSL_ia32cap_P"); + &bt(&DWP(0,"eax"),26); + &jnc(&label("sqr_non_sse2")); + + &mov($r,&wparam(0)); + &mov($a,&wparam(1)); + &mov($c,&wparam(2)); + + &set_label("sqr_sse2_loop",16); + &movd("mm0",&DWP(0,$a)); # mm0 = a[i] + &pmuludq("mm0","mm0"); # a[i] *= a[i] + &lea($a,&DWP(4,$a)); # a++ + &movq(&QWP(0,$r),"mm0"); # r[i] = a[i]*a[i] + &sub($c,1); + &lea($r,&DWP(8,$r)); # r += 2 + &jnz(&label("sqr_sse2_loop")); + + &emms(); + &ret(); + &set_label("sqr_non_sse2",16); + } + + # function_begin prologue + &push("ebp"); + &push("ebx"); + &push("esi"); + &push("edi"); &comment(""); $r="esi"; @@ -313,12 +411,13 @@ sub bn_div_words { local($name)=@_; - &function_begin($name,""); + &function_begin_B($name,""); &mov("edx",&wparam(0)); # &mov("eax",&wparam(1)); # - &mov("ebx",&wparam(2)); # - &div("ebx"); - &function_end($name); + &mov("ecx",&wparam(2)); # + &div("ecx"); + &ret(); + &function_end_B($name); } sub bn_add_words diff --git a/src/lib/libcrypto/bn/asm/bn-alpha.pl b/src/lib/libcrypto/bn/asm/bn-alpha.pl deleted file mode 100644 index 302edf2376..0000000000 --- a/src/lib/libcrypto/bn/asm/bn-alpha.pl +++ /dev/null @@ -1,571 +0,0 @@ -#!/usr/local/bin/perl -# I have this in perl so I can use more usefull register names and then convert -# them into alpha registers. -# - -$d=&data(); -$d =~ s/CC/0/g; -$d =~ s/R1/1/g; -$d =~ s/R2/2/g; -$d =~ s/R3/3/g; -$d =~ s/R4/4/g; -$d =~ s/L1/5/g; -$d =~ s/L2/6/g; -$d =~ s/L3/7/g; -$d =~ s/L4/8/g; -$d =~ s/O1/22/g; -$d =~ s/O2/23/g; -$d =~ s/O3/24/g; -$d =~ s/O4/25/g; -$d =~ s/A1/20/g; -$d =~ s/A2/21/g; -$d =~ s/A3/27/g; -$d =~ s/A4/28/g; -if (0){ -} - -print $d; - -sub data - { - local($data)=<<'EOF'; - - # DEC Alpha assember - # The bn_div_words is actually gcc output but the other parts are hand done. - # Thanks to tzeruch@ceddec.com for sending me the gcc output for - # bn_div_words. - # I've gone back and re-done most of routines. - # The key thing to remeber for the 164 CPU is that while a - # multiply operation takes 8 cycles, another one can only be issued - # after 4 cycles have elapsed. I've done modification to help - # improve this. Also, normally, a ld instruction will not be available - # for about 3 cycles. - .file 1 "bn_asm.c" - .set noat -gcc2_compiled.: -__gnu_compiled_c: - .text - .align 3 - .globl bn_mul_add_words - .ent bn_mul_add_words -bn_mul_add_words: -bn_mul_add_words..ng: - .frame $30,0,$26,0 - .prologue 0 - .align 5 - subq $18,4,$18 - bis $31,$31,$CC - blt $18,$43 # if we are -1, -2, -3 or -4 goto tail code - ldq $A1,0($17) # 1 1 - ldq $R1,0($16) # 1 1 - .align 3 -$42: - mulq $A1,$19,$L1 # 1 2 1 ###### - ldq $A2,8($17) # 2 1 - ldq $R2,8($16) # 2 1 - umulh $A1,$19,$A1 # 1 2 ###### - ldq $A3,16($17) # 3 1 - ldq $R3,16($16) # 3 1 - mulq $A2,$19,$L2 # 2 2 1 ###### - ldq $A4,24($17) # 4 1 - addq $R1,$L1,$R1 # 1 2 2 - ldq $R4,24($16) # 4 1 - umulh $A2,$19,$A2 # 2 2 ###### - cmpult $R1,$L1,$O1 # 1 2 3 1 - addq $A1,$O1,$A1 # 1 3 1 - addq $R1,$CC,$R1 # 1 2 3 1 - mulq $A3,$19,$L3 # 3 2 1 ###### - cmpult $R1,$CC,$CC # 1 2 3 2 - addq $R2,$L2,$R2 # 2 2 2 - addq $A1,$CC,$CC # 1 3 2 - cmpult $R2,$L2,$O2 # 2 2 3 1 - addq $A2,$O2,$A2 # 2 3 1 - umulh $A3,$19,$A3 # 3 2 ###### - addq $R2,$CC,$R2 # 2 2 3 1 - cmpult $R2,$CC,$CC # 2 2 3 2 - subq $18,4,$18 - mulq $A4,$19,$L4 # 4 2 1 ###### - addq $A2,$CC,$CC # 2 3 2 - addq $R3,$L3,$R3 # 3 2 2 - addq $16,32,$16 - cmpult $R3,$L3,$O3 # 3 2 3 1 - stq $R1,-32($16) # 1 2 4 - umulh $A4,$19,$A4 # 4 2 ###### - addq $A3,$O3,$A3 # 3 3 1 - addq $R3,$CC,$R3 # 3 2 3 1 - stq $R2,-24($16) # 2 2 4 - cmpult $R3,$CC,$CC # 3 2 3 2 - stq $R3,-16($16) # 3 2 4 - addq $R4,$L4,$R4 # 4 2 2 - addq $A3,$CC,$CC # 3 3 2 - cmpult $R4,$L4,$O4 # 4 2 3 1 - addq $17,32,$17 - addq $A4,$O4,$A4 # 4 3 1 - addq $R4,$CC,$R4 # 4 2 3 1 - cmpult $R4,$CC,$CC # 4 2 3 2 - stq $R4,-8($16) # 4 2 4 - addq $A4,$CC,$CC # 4 3 2 - blt $18,$43 - - ldq $A1,0($17) # 1 1 - ldq $R1,0($16) # 1 1 - - br $42 - - .align 4 -$45: - ldq $A1,0($17) # 4 1 - ldq $R1,0($16) # 4 1 - mulq $A1,$19,$L1 # 4 2 1 - subq $18,1,$18 - addq $16,8,$16 - addq $17,8,$17 - umulh $A1,$19,$A1 # 4 2 - addq $R1,$L1,$R1 # 4 2 2 - cmpult $R1,$L1,$O1 # 4 2 3 1 - addq $A1,$O1,$A1 # 4 3 1 - addq $R1,$CC,$R1 # 4 2 3 1 - cmpult $R1,$CC,$CC # 4 2 3 2 - addq $A1,$CC,$CC # 4 3 2 - stq $R1,-8($16) # 4 2 4 - bgt $18,$45 - ret $31,($26),1 # else exit - - .align 4 -$43: - addq $18,4,$18 - bgt $18,$45 # goto tail code - ret $31,($26),1 # else exit - - .end bn_mul_add_words - .align 3 - .globl bn_mul_words - .ent bn_mul_words -bn_mul_words: -bn_mul_words..ng: - .frame $30,0,$26,0 - .prologue 0 - .align 5 - subq $18,4,$18 - bis $31,$31,$CC - blt $18,$143 # if we are -1, -2, -3 or -4 goto tail code - ldq $A1,0($17) # 1 1 - .align 3 -$142: - - mulq $A1,$19,$L1 # 1 2 1 ##### - ldq $A2,8($17) # 2 1 - ldq $A3,16($17) # 3 1 - umulh $A1,$19,$A1 # 1 2 ##### - ldq $A4,24($17) # 4 1 - mulq $A2,$19,$L2 # 2 2 1 ##### - addq $L1,$CC,$L1 # 1 2 3 1 - subq $18,4,$18 - cmpult $L1,$CC,$CC # 1 2 3 2 - umulh $A2,$19,$A2 # 2 2 ##### - addq $A1,$CC,$CC # 1 3 2 - addq $17,32,$17 - addq $L2,$CC,$L2 # 2 2 3 1 - mulq $A3,$19,$L3 # 3 2 1 ##### - cmpult $L2,$CC,$CC # 2 2 3 2 - addq $A2,$CC,$CC # 2 3 2 - addq $16,32,$16 - umulh $A3,$19,$A3 # 3 2 ##### - stq $L1,-32($16) # 1 2 4 - mulq $A4,$19,$L4 # 4 2 1 ##### - addq $L3,$CC,$L3 # 3 2 3 1 - stq $L2,-24($16) # 2 2 4 - cmpult $L3,$CC,$CC # 3 2 3 2 - umulh $A4,$19,$A4 # 4 2 ##### - addq $A3,$CC,$CC # 3 3 2 - stq $L3,-16($16) # 3 2 4 - addq $L4,$CC,$L4 # 4 2 3 1 - cmpult $L4,$CC,$CC # 4 2 3 2 - - addq $A4,$CC,$CC # 4 3 2 - - stq $L4,-8($16) # 4 2 4 - - blt $18,$143 - - ldq $A1,0($17) # 1 1 - - br $142 - - .align 4 -$145: - ldq $A1,0($17) # 4 1 - mulq $A1,$19,$L1 # 4 2 1 - subq $18,1,$18 - umulh $A1,$19,$A1 # 4 2 - addq $L1,$CC,$L1 # 4 2 3 1 - addq $16,8,$16 - cmpult $L1,$CC,$CC # 4 2 3 2 - addq $17,8,$17 - addq $A1,$CC,$CC # 4 3 2 - stq $L1,-8($16) # 4 2 4 - - bgt $18,$145 - ret $31,($26),1 # else exit - - .align 4 -$143: - addq $18,4,$18 - bgt $18,$145 # goto tail code - ret $31,($26),1 # else exit - - .end bn_mul_words - .align 3 - .globl bn_sqr_words - .ent bn_sqr_words -bn_sqr_words: -bn_sqr_words..ng: - .frame $30,0,$26,0 - .prologue 0 - - subq $18,4,$18 - blt $18,$543 # if we are -1, -2, -3 or -4 goto tail code - ldq $A1,0($17) # 1 1 - .align 3 -$542: - mulq $A1,$A1,$L1 ###### - ldq $A2,8($17) # 1 1 - subq $18,4 - umulh $A1,$A1,$R1 ###### - ldq $A3,16($17) # 1 1 - mulq $A2,$A2,$L2 ###### - ldq $A4,24($17) # 1 1 - stq $L1,0($16) # r[0] - umulh $A2,$A2,$R2 ###### - stq $R1,8($16) # r[1] - mulq $A3,$A3,$L3 ###### - stq $L2,16($16) # r[0] - umulh $A3,$A3,$R3 ###### - stq $R2,24($16) # r[1] - mulq $A4,$A4,$L4 ###### - stq $L3,32($16) # r[0] - umulh $A4,$A4,$R4 ###### - stq $R3,40($16) # r[1] - - addq $16,64,$16 - addq $17,32,$17 - stq $L4,-16($16) # r[0] - stq $R4,-8($16) # r[1] - - blt $18,$543 - ldq $A1,0($17) # 1 1 - br $542 - -$442: - ldq $A1,0($17) # a[0] - mulq $A1,$A1,$L1 # a[0]*w low part r2 - addq $16,16,$16 - addq $17,8,$17 - subq $18,1,$18 - umulh $A1,$A1,$R1 # a[0]*w high part r3 - stq $L1,-16($16) # r[0] - stq $R1,-8($16) # r[1] - - bgt $18,$442 - ret $31,($26),1 # else exit - - .align 4 -$543: - addq $18,4,$18 - bgt $18,$442 # goto tail code - ret $31,($26),1 # else exit - .end bn_sqr_words - - .align 3 - .globl bn_add_words - .ent bn_add_words -bn_add_words: -bn_add_words..ng: - .frame $30,0,$26,0 - .prologue 0 - - subq $19,4,$19 - bis $31,$31,$CC # carry = 0 - blt $19,$900 - ldq $L1,0($17) # a[0] - ldq $R1,0($18) # b[1] - .align 3 -$901: - addq $R1,$L1,$R1 # r=a+b; - ldq $L2,8($17) # a[1] - cmpult $R1,$L1,$O1 # did we overflow? - ldq $R2,8($18) # b[1] - addq $R1,$CC,$R1 # c+= overflow - ldq $L3,16($17) # a[2] - cmpult $R1,$CC,$CC # overflow? - ldq $R3,16($18) # b[2] - addq $CC,$O1,$CC - ldq $L4,24($17) # a[3] - addq $R2,$L2,$R2 # r=a+b; - ldq $R4,24($18) # b[3] - cmpult $R2,$L2,$O2 # did we overflow? - addq $R3,$L3,$R3 # r=a+b; - addq $R2,$CC,$R2 # c+= overflow - cmpult $R3,$L3,$O3 # did we overflow? - cmpult $R2,$CC,$CC # overflow? - addq $R4,$L4,$R4 # r=a+b; - addq $CC,$O2,$CC - cmpult $R4,$L4,$O4 # did we overflow? - addq $R3,$CC,$R3 # c+= overflow - stq $R1,0($16) # r[0]=c - cmpult $R3,$CC,$CC # overflow? - stq $R2,8($16) # r[1]=c - addq $CC,$O3,$CC - stq $R3,16($16) # r[2]=c - addq $R4,$CC,$R4 # c+= overflow - subq $19,4,$19 # loop-- - cmpult $R4,$CC,$CC # overflow? - addq $17,32,$17 # a++ - addq $CC,$O4,$CC - stq $R4,24($16) # r[3]=c - addq $18,32,$18 # b++ - addq $16,32,$16 # r++ - - blt $19,$900 - ldq $L1,0($17) # a[0] - ldq $R1,0($18) # b[1] - br $901 - .align 4 -$945: - ldq $L1,0($17) # a[0] - ldq $R1,0($18) # b[1] - addq $R1,$L1,$R1 # r=a+b; - subq $19,1,$19 # loop-- - addq $R1,$CC,$R1 # c+= overflow - addq $17,8,$17 # a++ - cmpult $R1,$L1,$O1 # did we overflow? - cmpult $R1,$CC,$CC # overflow? - addq $18,8,$18 # b++ - stq $R1,0($16) # r[0]=c - addq $CC,$O1,$CC - addq $16,8,$16 # r++ - - bgt $19,$945 - ret $31,($26),1 # else exit - -$900: - addq $19,4,$19 - bgt $19,$945 # goto tail code - ret $31,($26),1 # else exit - .end bn_add_words - - .align 3 - .globl bn_sub_words - .ent bn_sub_words -bn_sub_words: -bn_sub_words..ng: - .frame $30,0,$26,0 - .prologue 0 - - subq $19,4,$19 - bis $31,$31,$CC # carry = 0 - br $800 - blt $19,$800 - ldq $L1,0($17) # a[0] - ldq $R1,0($18) # b[1] - .align 3 -$801: - addq $R1,$L1,$R1 # r=a+b; - ldq $L2,8($17) # a[1] - cmpult $R1,$L1,$O1 # did we overflow? - ldq $R2,8($18) # b[1] - addq $R1,$CC,$R1 # c+= overflow - ldq $L3,16($17) # a[2] - cmpult $R1,$CC,$CC # overflow? - ldq $R3,16($18) # b[2] - addq $CC,$O1,$CC - ldq $L4,24($17) # a[3] - addq $R2,$L2,$R2 # r=a+b; - ldq $R4,24($18) # b[3] - cmpult $R2,$L2,$O2 # did we overflow? - addq $R3,$L3,$R3 # r=a+b; - addq $R2,$CC,$R2 # c+= overflow - cmpult $R3,$L3,$O3 # did we overflow? - cmpult $R2,$CC,$CC # overflow? - addq $R4,$L4,$R4 # r=a+b; - addq $CC,$O2,$CC - cmpult $R4,$L4,$O4 # did we overflow? - addq $R3,$CC,$R3 # c+= overflow - stq $R1,0($16) # r[0]=c - cmpult $R3,$CC,$CC # overflow? - stq $R2,8($16) # r[1]=c - addq $CC,$O3,$CC - stq $R3,16($16) # r[2]=c - addq $R4,$CC,$R4 # c+= overflow - subq $19,4,$19 # loop-- - cmpult $R4,$CC,$CC # overflow? - addq $17,32,$17 # a++ - addq $CC,$O4,$CC - stq $R4,24($16) # r[3]=c - addq $18,32,$18 # b++ - addq $16,32,$16 # r++ - - blt $19,$800 - ldq $L1,0($17) # a[0] - ldq $R1,0($18) # b[1] - br $801 - .align 4 -$845: - ldq $L1,0($17) # a[0] - ldq $R1,0($18) # b[1] - cmpult $L1,$R1,$O1 # will we borrow? - subq $L1,$R1,$R1 # r=a-b; - subq $19,1,$19 # loop-- - cmpult $R1,$CC,$O2 # will we borrow? - subq $R1,$CC,$R1 # c+= overflow - addq $17,8,$17 # a++ - addq $18,8,$18 # b++ - stq $R1,0($16) # r[0]=c - addq $O2,$O1,$CC - addq $16,8,$16 # r++ - - bgt $19,$845 - ret $31,($26),1 # else exit - -$800: - addq $19,4,$19 - bgt $19,$845 # goto tail code - ret $31,($26),1 # else exit - .end bn_sub_words - - # - # What follows was taken directly from the C compiler with a few - # hacks to redo the lables. - # -.text - .align 3 - .globl bn_div_words - .ent bn_div_words -bn_div_words: - ldgp $29,0($27) -bn_div_words..ng: - lda $30,-48($30) - .frame $30,48,$26,0 - stq $26,0($30) - stq $9,8($30) - stq $10,16($30) - stq $11,24($30) - stq $12,32($30) - stq $13,40($30) - .mask 0x4003e00,-48 - .prologue 1 - bis $16,$16,$9 - bis $17,$17,$10 - bis $18,$18,$11 - bis $31,$31,$13 - bis $31,2,$12 - bne $11,$119 - lda $0,-1 - br $31,$136 - .align 4 -$119: - bis $11,$11,$16 - jsr $26,BN_num_bits_word - ldgp $29,0($26) - subq $0,64,$1 - beq $1,$120 - bis $31,1,$1 - sll $1,$0,$1 - cmpule $9,$1,$1 - bne $1,$120 - # lda $16,_IO_stderr_ - # lda $17,$C32 - # bis $0,$0,$18 - # jsr $26,fprintf - # ldgp $29,0($26) - jsr $26,abort - ldgp $29,0($26) - .align 4 -$120: - bis $31,64,$3 - cmpult $9,$11,$2 - subq $3,$0,$1 - addl $1,$31,$0 - subq $9,$11,$1 - cmoveq $2,$1,$9 - beq $0,$122 - zapnot $0,15,$2 - subq $3,$0,$1 - sll $11,$2,$11 - sll $9,$2,$3 - srl $10,$1,$1 - sll $10,$2,$10 - bis $3,$1,$9 -$122: - srl $11,32,$5 - zapnot $11,15,$6 - lda $7,-1 - .align 5 -$123: - srl $9,32,$1 - subq $1,$5,$1 - bne $1,$126 - zapnot $7,15,$27 - br $31,$127 - .align 4 -$126: - bis $9,$9,$24 - bis $5,$5,$25 - divqu $24,$25,$27 -$127: - srl $10,32,$4 - .align 5 -$128: - mulq $27,$5,$1 - subq $9,$1,$3 - zapnot $3,240,$1 - bne $1,$129 - mulq $6,$27,$2 - sll $3,32,$1 - addq $1,$4,$1 - cmpule $2,$1,$2 - bne $2,$129 - subq $27,1,$27 - br $31,$128 - .align 4 -$129: - mulq $27,$6,$1 - mulq $27,$5,$4 - srl $1,32,$3 - sll $1,32,$1 - addq $4,$3,$4 - cmpult $10,$1,$2 - subq $10,$1,$10 - addq $2,$4,$2 - cmpult $9,$2,$1 - bis $2,$2,$4 - beq $1,$134 - addq $9,$11,$9 - subq $27,1,$27 -$134: - subl $12,1,$12 - subq $9,$4,$9 - beq $12,$124 - sll $27,32,$13 - sll $9,32,$2 - srl $10,32,$1 - sll $10,32,$10 - bis $2,$1,$9 - br $31,$123 - .align 4 -$124: - bis $13,$27,$0 -$136: - ldq $26,0($30) - ldq $9,8($30) - ldq $10,16($30) - ldq $11,24($30) - ldq $12,32($30) - ldq $13,40($30) - addq $30,48,$30 - ret $31,($26),1 - .end bn_div_words -EOF - return($data); - } - diff --git a/src/lib/libcrypto/bn/asm/ca.pl b/src/lib/libcrypto/bn/asm/ca.pl deleted file mode 100644 index c1ce67a6b4..0000000000 --- a/src/lib/libcrypto/bn/asm/ca.pl +++ /dev/null @@ -1,33 +0,0 @@ -#!/usr/local/bin/perl -# I have this in perl so I can use more usefull register names and then convert -# them into alpha registers. -# - -push(@INC,"perlasm","../../perlasm"); -require "alpha.pl"; -require "alpha/mul_add.pl"; -require "alpha/mul.pl"; -require "alpha/sqr.pl"; -require "alpha/add.pl"; -require "alpha/sub.pl"; -require "alpha/mul_c8.pl"; -require "alpha/mul_c4.pl"; -require "alpha/sqr_c4.pl"; -require "alpha/sqr_c8.pl"; -require "alpha/div.pl"; - -&asm_init($ARGV[0],$0); - -&bn_mul_words("bn_mul_words"); -&bn_sqr_words("bn_sqr_words"); -&bn_mul_add_words("bn_mul_add_words"); -&bn_add_words("bn_add_words"); -&bn_sub_words("bn_sub_words"); -&bn_div_words("bn_div_words"); -&bn_mul_comba8("bn_mul_comba8"); -&bn_mul_comba4("bn_mul_comba4"); -&bn_sqr_comba4("bn_sqr_comba4"); -&bn_sqr_comba8("bn_sqr_comba8"); - -&asm_finish(); - diff --git a/src/lib/libcrypto/bn/asm/co-586.pl b/src/lib/libcrypto/bn/asm/co-586.pl index 5d962cb957..57101a6bd7 100644 --- a/src/lib/libcrypto/bn/asm/co-586.pl +++ b/src/lib/libcrypto/bn/asm/co-586.pl @@ -1,6 +1,7 @@ #!/usr/local/bin/perl -push(@INC,"perlasm","../../perlasm"); +$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; +push(@INC,"${dir}","${dir}../../perlasm"); require "x86asm.pl"; &asm_init($ARGV[0],$0); diff --git a/src/lib/libcrypto/bn/asm/co-alpha.pl b/src/lib/libcrypto/bn/asm/co-alpha.pl deleted file mode 100644 index 67dad3e3d5..0000000000 --- a/src/lib/libcrypto/bn/asm/co-alpha.pl +++ /dev/null @@ -1,116 +0,0 @@ -#!/usr/local/bin/perl -# I have this in perl so I can use more usefull register names and then convert -# them into alpha registers. -# - -push(@INC,"perlasm","../../perlasm"); -require "alpha.pl"; - -&asm_init($ARGV[0],$0); - -print &bn_sub_words("bn_sub_words"); - -&asm_finish(); - -sub bn_sub_words - { - local($name)=@_; - local($cc,$a,$b,$r); - - $cc="r0"; - $a0="r1"; $b0="r5"; $r0="r9"; $tmp="r13"; - $a1="r2"; $b1="r6"; $r1="r10"; $t1="r14"; - $a2="r3"; $b2="r7"; $r2="r11"; - $a3="r4"; $b3="r8"; $r3="r12"; $t3="r15"; - - $rp=&wparam(0); - $ap=&wparam(1); - $bp=&wparam(2); - $count=&wparam(3); - - &function_begin($name,""); - - &comment(""); - &sub($count,4,$count); - &mov("zero",$cc); - &blt($count,&label("finish")); - - &ld($a0,&QWPw(0,$ap)); - &ld($b0,&QWPw(0,$bp)); - -########################################################## - &set_label("loop"); - - &ld($a1,&QWPw(1,$ap)); - &cmpult($a0,$b0,$tmp); # will we borrow? - &ld($b1,&QWPw(1,$bp)); - &sub($a0,$b0,$a0); # do the subtract - &ld($a2,&QWPw(2,$ap)); - &cmpult($a0,$cc,$b0); # will we borrow? - &ld($b2,&QWPw(2,$bp)); - &sub($a0,$cc,$a0); # will we borrow? - &ld($a3,&QWPw(3,$ap)); - &add($b0,$tmp,$cc); # add the borrows - - &cmpult($a1,$b1,$t1); # will we borrow? - &sub($a1,$b1,$a1); # do the subtract - &ld($b3,&QWPw(3,$bp)); - &cmpult($a1,$cc,$b1); # will we borrow? - &sub($a1,$cc,$a1); # will we borrow? - &add($b1,$t1,$cc); # add the borrows - - &cmpult($a2,$b2,$tmp); # will we borrow? - &sub($a2,$b2,$a2); # do the subtract - &st($a0,&QWPw(0,$rp)); # save - &cmpult($a2,$cc,$b2); # will we borrow? - &sub($a2,$cc,$a2); # will we borrow? - &add($b2,$tmp,$cc); # add the borrows - - &cmpult($a3,$b3,$t3); # will we borrow? - &sub($a3,$b3,$a3); # do the subtract - &st($a1,&QWPw(1,$rp)); # save - &cmpult($a3,$cc,$b3); # will we borrow? - &sub($a3,$cc,$a3); # will we borrow? - &add($b3,$t3,$cc); # add the borrows - - &st($a2,&QWPw(2,$rp)); # save - &sub($count,4,$count); # count-=4 - &st($a3,&QWPw(3,$rp)); # save - &add($ap,4*$QWS,$ap); # count+=4 - &add($bp,4*$QWS,$bp); # count+=4 - &add($rp,4*$QWS,$rp); # count+=4 - - &blt($count,&label("finish")); - &ld($a0,&QWPw(0,$ap)); - &ld($b0,&QWPw(0,$bp)); - &br(&label("loop")); -################################################## - # Do the last 0..3 words - - &set_label("last_loop"); - - &ld($a0,&QWPw(0,$ap)); # get a - &ld($b0,&QWPw(0,$bp)); # get b - &cmpult($a0,$b0,$tmp); # will we borrow? - &sub($a0,$b0,$a0); # do the subtract - &cmpult($a0,$cc,$b0); # will we borrow? - &sub($a0,$cc,$a0); # will we borrow? - &st($a0,&QWPw(0,$rp)); # save - &add($b0,$tmp,$cc); # add the borrows - - &add($ap,$QWS,$ap); - &add($bp,$QWS,$bp); - &add($rp,$QWS,$rp); - &sub($count,1,$count); - &bgt($count,&label("last_loop")); - &function_end_A($name); - -###################################################### - &set_label("finish"); - &add($count,4,$count); - &bgt($count,&label("last_loop")); - - &set_label("end"); - &function_end($name); - } - diff --git a/src/lib/libcrypto/bn/asm/mips1.s b/src/lib/libcrypto/bn/asm/mips1.s deleted file mode 100644 index 44fa1254c7..0000000000 --- a/src/lib/libcrypto/bn/asm/mips1.s +++ /dev/null @@ -1,539 +0,0 @@ -/* This assember is for R2000/R3000 machines, or higher ones that do - * no want to do any 64 bit arithmatic. - * Make sure that the SSLeay bignum library is compiled with - * THIRTY_TWO_BIT set. - * This must either be compiled with the system CC, or, if you use GNU gas, - * cc -E mips1.s|gas -o mips1.o - */ - .set reorder - .set noat - -#define R1 $1 -#define CC $2 -#define R2 $3 -#define R3 $8 -#define R4 $9 -#define L1 $10 -#define L2 $11 -#define L3 $12 -#define L4 $13 -#define H1 $14 -#define H2 $15 -#define H3 $24 -#define H4 $25 - -#define P1 $4 -#define P2 $5 -#define P3 $6 -#define P4 $7 - - .align 2 - .ent bn_mul_add_words - .globl bn_mul_add_words -.text -bn_mul_add_words: - .frame $sp,0,$31 - .mask 0x00000000,0 - .fmask 0x00000000,0 - - #blt P3,4,$lab34 - - subu R1,P3,4 - move CC,$0 - bltz R1,$lab34 -$lab2: - lw R1,0(P1) - lw L1,0(P2) - lw R2,4(P1) - lw L2,4(P2) - lw R3,8(P1) - lw L3,8(P2) - lw R4,12(P1) - lw L4,12(P2) - multu L1,P4 - addu R1,R1,CC - mflo L1 - sltu CC,R1,CC - addu R1,R1,L1 - mfhi H1 - sltu L1,R1,L1 - sw R1,0(P1) - addu CC,CC,L1 - multu L2,P4 - addu CC,H1,CC - mflo L2 - addu R2,R2,CC - sltu CC,R2,CC - mfhi H2 - addu R2,R2,L2 - addu P2,P2,16 - sltu L2,R2,L2 - sw R2,4(P1) - addu CC,CC,L2 - multu L3,P4 - addu CC,H2,CC - mflo L3 - addu R3,R3,CC - sltu CC,R3,CC - mfhi H3 - addu R3,R3,L3 - addu P1,P1,16 - sltu L3,R3,L3 - sw R3,-8(P1) - addu CC,CC,L3 - multu L4,P4 - addu CC,H3,CC - mflo L4 - addu R4,R4,CC - sltu CC,R4,CC - mfhi H4 - addu R4,R4,L4 - subu P3,P3,4 - sltu L4,R4,L4 - addu CC,CC,L4 - addu CC,H4,CC - - subu R1,P3,4 - sw R4,-4(P1) # delay slot - bgez R1,$lab2 - - bleu P3,0,$lab3 - .align 2 -$lab33: - lw L1,0(P2) - lw R1,0(P1) - multu L1,P4 - addu R1,R1,CC - sltu CC,R1,CC - addu P1,P1,4 - mflo L1 - mfhi H1 - addu R1,R1,L1 - addu P2,P2,4 - sltu L1,R1,L1 - subu P3,P3,1 - addu CC,CC,L1 - sw R1,-4(P1) - addu CC,H1,CC - bgtz P3,$lab33 - j $31 - .align 2 -$lab3: - j $31 - .align 2 -$lab34: - bgt P3,0,$lab33 - j $31 - .end bn_mul_add_words - - .align 2 - # Program Unit: bn_mul_words - .ent bn_mul_words - .globl bn_mul_words -.text -bn_mul_words: - .frame $sp,0,$31 - .mask 0x00000000,0 - .fmask 0x00000000,0 - - subu P3,P3,4 - move CC,$0 - bltz P3,$lab45 -$lab44: - lw L1,0(P2) - lw L2,4(P2) - lw L3,8(P2) - lw L4,12(P2) - multu L1,P4 - subu P3,P3,4 - mflo L1 - mfhi H1 - addu L1,L1,CC - multu L2,P4 - sltu CC,L1,CC - sw L1,0(P1) - addu CC,H1,CC - mflo L2 - mfhi H2 - addu L2,L2,CC - multu L3,P4 - sltu CC,L2,CC - sw L2,4(P1) - addu CC,H2,CC - mflo L3 - mfhi H3 - addu L3,L3,CC - multu L4,P4 - sltu CC,L3,CC - sw L3,8(P1) - addu CC,H3,CC - mflo L4 - mfhi H4 - addu L4,L4,CC - addu P1,P1,16 - sltu CC,L4,CC - addu P2,P2,16 - addu CC,H4,CC - sw L4,-4(P1) - - bgez P3,$lab44 - b $lab45 -$lab46: - lw L1,0(P2) - addu P1,P1,4 - multu L1,P4 - addu P2,P2,4 - mflo L1 - mfhi H1 - addu L1,L1,CC - subu P3,P3,1 - sltu CC,L1,CC - sw L1,-4(P1) - addu CC,H1,CC - bgtz P3,$lab46 - j $31 -$lab45: - addu P3,P3,4 - bgtz P3,$lab46 - j $31 - .align 2 - .end bn_mul_words - - # Program Unit: bn_sqr_words - .ent bn_sqr_words - .globl bn_sqr_words -.text -bn_sqr_words: - .frame $sp,0,$31 - .mask 0x00000000,0 - .fmask 0x00000000,0 - - subu P3,P3,4 - bltz P3,$lab55 -$lab54: - lw L1,0(P2) - lw L2,4(P2) - lw L3,8(P2) - lw L4,12(P2) - - multu L1,L1 - subu P3,P3,4 - mflo L1 - mfhi H1 - sw L1,0(P1) - sw H1,4(P1) - - multu L2,L2 - addu P1,P1,32 - mflo L2 - mfhi H2 - sw L2,-24(P1) - sw H2,-20(P1) - - multu L3,L3 - addu P2,P2,16 - mflo L3 - mfhi H3 - sw L3,-16(P1) - sw H3,-12(P1) - - multu L4,L4 - - mflo L4 - mfhi H4 - sw L4,-8(P1) - sw H4,-4(P1) - - bgtz P3,$lab54 - b $lab55 -$lab56: - lw L1,0(P2) - addu P1,P1,8 - multu L1,L1 - addu P2,P2,4 - subu P3,P3,1 - mflo L1 - mfhi H1 - sw L1,-8(P1) - sw H1,-4(P1) - - bgtz P3,$lab56 - j $31 -$lab55: - addu P3,P3,4 - bgtz P3,$lab56 - j $31 - .align 2 - .end bn_sqr_words - - # Program Unit: bn_add_words - .ent bn_add_words - .globl bn_add_words -.text -bn_add_words: # 0x590 - .frame $sp,0,$31 - .mask 0x00000000,0 - .fmask 0x00000000,0 - - subu P4,P4,4 - move CC,$0 - bltz P4,$lab65 -$lab64: - lw L1,0(P2) - lw R1,0(P3) - lw L2,4(P2) - lw R2,4(P3) - - addu L1,L1,CC - lw L3,8(P2) - sltu CC,L1,CC - addu L1,L1,R1 - sltu R1,L1,R1 - lw R3,8(P3) - addu CC,CC,R1 - lw L4,12(P2) - - addu L2,L2,CC - lw R4,12(P3) - sltu CC,L2,CC - addu L2,L2,R2 - sltu R2,L2,R2 - sw L1,0(P1) - addu CC,CC,R2 - addu P1,P1,16 - addu L3,L3,CC - sw L2,-12(P1) - - sltu CC,L3,CC - addu L3,L3,R3 - sltu R3,L3,R3 - addu P2,P2,16 - addu CC,CC,R3 - - addu L4,L4,CC - addu P3,P3,16 - sltu CC,L4,CC - addu L4,L4,R4 - subu P4,P4,4 - sltu R4,L4,R4 - sw L3,-8(P1) - addu CC,CC,R4 - sw L4,-4(P1) - - bgtz P4,$lab64 - b $lab65 -$lab66: - lw L1,0(P2) - lw R1,0(P3) - addu L1,L1,CC - addu P1,P1,4 - sltu CC,L1,CC - addu P2,P2,4 - addu P3,P3,4 - addu L1,L1,R1 - subu P4,P4,1 - sltu R1,L1,R1 - sw L1,-4(P1) - addu CC,CC,R1 - - bgtz P4,$lab66 - j $31 -$lab65: - addu P4,P4,4 - bgtz P4,$lab66 - j $31 - .end bn_add_words - - # Program Unit: bn_div64 - .set at - .set reorder - .text - .align 2 - .globl bn_div64 - # 321 { - .ent bn_div64 2 -bn_div64: - subu $sp, 64 - sw $31, 56($sp) - sw $16, 48($sp) - .mask 0x80010000, -56 - .frame $sp, 64, $31 - move $9, $4 - move $12, $5 - move $16, $6 - # 322 BN_ULONG dh,dl,q,ret=0,th,tl,t; - move $31, $0 - # 323 int i,count=2; - li $13, 2 - # 324 - # 325 if (d == 0) return(BN_MASK2); - bne $16, 0, $80 - li $2, -1 - b $93 -$80: - # 326 - # 327 i=BN_num_bits_word(d); - move $4, $16 - sw $31, 16($sp) - sw $9, 24($sp) - sw $12, 32($sp) - sw $13, 40($sp) - .livereg 0x800ff0e,0xfff - jal BN_num_bits_word - li $4, 32 - lw $31, 16($sp) - lw $9, 24($sp) - lw $12, 32($sp) - lw $13, 40($sp) - move $3, $2 - # 328 if ((i != BN_BITS2) && (h > (BN_ULONG)1<= d) h-=d; - bltu $9, $16, $82 - subu $9, $9, $16 -$82: - # 337 - # 338 if (i) - beq $3, 0, $83 - # 339 { - # 340 d<<=i; - sll $16, $16, $3 - # 341 h=(h<>(BN_BITS2-i)); - sll $24, $9, $3 - subu $25, $4, $3 - srl $14, $12, $25 - or $9, $24, $14 - # 342 l<<=i; - sll $12, $12, $3 - # 343 } -$83: - # 344 dh=(d&BN_MASK2h)>>BN_BITS4; - # 345 dl=(d&BN_MASK2l); - and $8, $16, -65536 - srl $8, $8, 16 - and $10, $16, 65535 - li $6, -65536 -$84: - # 346 for (;;) - # 347 { - # 348 if ((h>>BN_BITS4) == dh) - srl $15, $9, 16 - bne $8, $15, $85 - # 349 q=BN_MASK2l; - li $5, 65535 - b $86 -$85: - # 350 else - # 351 q=h/dh; - divu $5, $9, $8 -$86: - # 352 - # 353 for (;;) - # 354 { - # 355 t=(h-q*dh); - mul $4, $5, $8 - subu $2, $9, $4 - move $3, $2 - # 356 if ((t&BN_MASK2h) || - # 357 ((dl*q) <= ( - # 358 (t<>BN_BITS4)))) - and $25, $2, $6 - bne $25, $0, $87 - mul $24, $10, $5 - sll $14, $3, 16 - and $15, $12, $6 - srl $25, $15, 16 - addu $15, $14, $25 - bgtu $24, $15, $88 -$87: - # 360 break; - mul $3, $10, $5 - b $89 -$88: - # 361 q--; - addu $5, $5, -1 - # 362 } - b $86 -$89: - # 363 th=q*dh; - # 364 tl=q*dl; - # 365 t=(tl>>BN_BITS4); - # 366 tl=(tl<>BN_BITS4))&BN_MASK2; - sll $24, $9, 16 - srl $15, $12, 16 - or $9, $24, $15 - # 382 l=(l&BN_MASK2l)<15) { - &data_byte(@str[0..15]); - foreach (0..15) { shift @str; } - } - &data_byte(@str) if (@str); -} - -# ==================================================================== -# Written by Andy Polyakov for the OpenSSL -# project. The module is, however, dual licensed under OpenSSL and -# CRYPTOGAMS licenses depending on where you obtain it. For further -# details see http://www.openssl.org/~appro/cryptogams/. -# ==================================================================== - -# October 2005 -# -# This is a "teaser" code, as it can be improved in several ways... -# First of all non-SSE2 path should be implemented (yes, for now it -# performs Montgomery multiplication/convolution only on SSE2-capable -# CPUs such as P4, others fall down to original code). Then inner loop -# can be unrolled and modulo-scheduled to improve ILP and possibly -# moved to 128-bit XMM register bank (though it would require input -# rearrangement and/or increase bus bandwidth utilization). Dedicated -# squaring procedure should give further performance improvement... -# Yet, for being draft, the code improves rsa512 *sign* benchmark by -# 110%(!), rsa1024 one - by 70% and rsa4096 - by 20%:-) - -# December 2006 -# -# Modulo-scheduling SSE2 loops results in further 15-20% improvement. -# Integer-only code [being equipped with dedicated squaring procedure] -# gives ~40% on rsa512 sign benchmark... - -push(@INC,"perlasm","../../perlasm"); -require "x86asm.pl"; - -&asm_init($ARGV[0],$0); - -$sse2=0; -for (@ARGV) { $sse2=1 if (/-DOPENSSL_IA32_SSE2/); } - -&external_label("OPENSSL_ia32cap_P") if ($sse2); - -&function_begin("bn_mul_mont"); - -$i="edx"; -$j="ecx"; -$ap="esi"; $tp="esi"; # overlapping variables!!! -$rp="edi"; $bp="edi"; # overlapping variables!!! -$np="ebp"; -$num="ebx"; - -$_num=&DWP(4*0,"esp"); # stack top layout -$_rp=&DWP(4*1,"esp"); -$_ap=&DWP(4*2,"esp"); -$_bp=&DWP(4*3,"esp"); -$_np=&DWP(4*4,"esp"); -$_n0=&DWP(4*5,"esp"); $_n0q=&QWP(4*5,"esp"); -$_sp=&DWP(4*6,"esp"); -$_bpend=&DWP(4*7,"esp"); -$frame=32; # size of above frame rounded up to 16n - - &xor ("eax","eax"); - &mov ("edi",&wparam(5)); # int num - &cmp ("edi",4); - &jl (&label("just_leave")); - - &lea ("esi",&wparam(0)); # put aside pointer to argument block - &lea ("edx",&wparam(1)); # load ap - &mov ("ebp","esp"); # saved stack pointer! - &add ("edi",2); # extra two words on top of tp - &neg ("edi"); - &lea ("esp",&DWP(-$frame,"esp","edi",4)); # alloca($frame+4*(num+2)) - &neg ("edi"); - - # minimize cache contention by arraning 2K window between stack - # pointer and ap argument [np is also position sensitive vector, - # but it's assumed to be near ap, as it's allocated at ~same - # time]. - &mov ("eax","esp"); - &sub ("eax","edx"); - &and ("eax",2047); - &sub ("esp","eax"); # this aligns sp and ap modulo 2048 - - &xor ("edx","esp"); - &and ("edx",2048); - &xor ("edx",2048); - &sub ("esp","edx"); # this splits them apart modulo 4096 - - &and ("esp",-64); # align to cache line - - ################################# load argument block... - &mov ("eax",&DWP(0*4,"esi"));# BN_ULONG *rp - &mov ("ebx",&DWP(1*4,"esi"));# const BN_ULONG *ap - &mov ("ecx",&DWP(2*4,"esi"));# const BN_ULONG *bp - &mov ("edx",&DWP(3*4,"esi"));# const BN_ULONG *np - &mov ("esi",&DWP(4*4,"esi"));# const BN_ULONG *n0 - #&mov ("edi",&DWP(5*4,"esi"));# int num - - &mov ("esi",&DWP(0,"esi")); # pull n0[0] - &mov ($_rp,"eax"); # ... save a copy of argument block - &mov ($_ap,"ebx"); - &mov ($_bp,"ecx"); - &mov ($_np,"edx"); - &mov ($_n0,"esi"); - &lea ($num,&DWP(-3,"edi")); # num=num-1 to assist modulo-scheduling - #&mov ($_num,$num); # redundant as $num is not reused - &mov ($_sp,"ebp"); # saved stack pointer! - -if($sse2) { -$acc0="mm0"; # mmx register bank layout -$acc1="mm1"; -$car0="mm2"; -$car1="mm3"; -$mul0="mm4"; -$mul1="mm5"; -$temp="mm6"; -$mask="mm7"; - - &picmeup("eax","OPENSSL_ia32cap_P"); - &bt (&DWP(0,"eax"),26); - &jnc (&label("non_sse2")); - - &mov ("eax",-1); - &movd ($mask,"eax"); # mask 32 lower bits - - &mov ($ap,$_ap); # load input pointers - &mov ($bp,$_bp); - &mov ($np,$_np); - - &xor ($i,$i); # i=0 - &xor ($j,$j); # j=0 - - &movd ($mul0,&DWP(0,$bp)); # bp[0] - &movd ($mul1,&DWP(0,$ap)); # ap[0] - &movd ($car1,&DWP(0,$np)); # np[0] - - &pmuludq($mul1,$mul0); # ap[0]*bp[0] - &movq ($car0,$mul1); - &movq ($acc0,$mul1); # I wish movd worked for - &pand ($acc0,$mask); # inter-register transfers - - &pmuludq($mul1,$_n0q); # *=n0 - - &pmuludq($car1,$mul1); # "t[0]"*np[0]*n0 - &paddq ($car1,$acc0); - - &movd ($acc1,&DWP(4,$np)); # np[1] - &movd ($acc0,&DWP(4,$ap)); # ap[1] - - &psrlq ($car0,32); - &psrlq ($car1,32); - - &inc ($j); # j++ -&set_label("1st",16); - &pmuludq($acc0,$mul0); # ap[j]*bp[0] - &pmuludq($acc1,$mul1); # np[j]*m1 - &paddq ($car0,$acc0); # +=c0 - &paddq ($car1,$acc1); # +=c1 - - &movq ($acc0,$car0); - &pand ($acc0,$mask); - &movd ($acc1,&DWP(4,$np,$j,4)); # np[j+1] - &paddq ($car1,$acc0); # +=ap[j]*bp[0]; - &movd ($acc0,&DWP(4,$ap,$j,4)); # ap[j+1] - &psrlq ($car0,32); - &movd (&DWP($frame-4,"esp",$j,4),$car1); # tp[j-1]= - &psrlq ($car1,32); - - &lea ($j,&DWP(1,$j)); - &cmp ($j,$num); - &jl (&label("1st")); - - &pmuludq($acc0,$mul0); # ap[num-1]*bp[0] - &pmuludq($acc1,$mul1); # np[num-1]*m1 - &paddq ($car0,$acc0); # +=c0 - &paddq ($car1,$acc1); # +=c1 - - &movq ($acc0,$car0); - &pand ($acc0,$mask); - &paddq ($car1,$acc0); # +=ap[num-1]*bp[0]; - &movd (&DWP($frame-4,"esp",$j,4),$car1); # tp[num-2]= - - &psrlq ($car0,32); - &psrlq ($car1,32); - - &paddq ($car1,$car0); - &movq (&QWP($frame,"esp",$num,4),$car1); # tp[num].tp[num-1] - - &inc ($i); # i++ -&set_label("outer"); - &xor ($j,$j); # j=0 - - &movd ($mul0,&DWP(0,$bp,$i,4)); # bp[i] - &movd ($mul1,&DWP(0,$ap)); # ap[0] - &movd ($temp,&DWP($frame,"esp")); # tp[0] - &movd ($car1,&DWP(0,$np)); # np[0] - &pmuludq($mul1,$mul0); # ap[0]*bp[i] - - &paddq ($mul1,$temp); # +=tp[0] - &movq ($acc0,$mul1); - &movq ($car0,$mul1); - &pand ($acc0,$mask); - - &pmuludq($mul1,$_n0q); # *=n0 - - &pmuludq($car1,$mul1); - &paddq ($car1,$acc0); - - &movd ($temp,&DWP($frame+4,"esp")); # tp[1] - &movd ($acc1,&DWP(4,$np)); # np[1] - &movd ($acc0,&DWP(4,$ap)); # ap[1] - - &psrlq ($car0,32); - &psrlq ($car1,32); - &paddq ($car0,$temp); # +=tp[1] - - &inc ($j); # j++ - &dec ($num); -&set_label("inner"); - &pmuludq($acc0,$mul0); # ap[j]*bp[i] - &pmuludq($acc1,$mul1); # np[j]*m1 - &paddq ($car0,$acc0); # +=c0 - &paddq ($car1,$acc1); # +=c1 - - &movq ($acc0,$car0); - &movd ($temp,&DWP($frame+4,"esp",$j,4));# tp[j+1] - &pand ($acc0,$mask); - &movd ($acc1,&DWP(4,$np,$j,4)); # np[j+1] - &paddq ($car1,$acc0); # +=ap[j]*bp[i]+tp[j] - &movd ($acc0,&DWP(4,$ap,$j,4)); # ap[j+1] - &psrlq ($car0,32); - &movd (&DWP($frame-4,"esp",$j,4),$car1);# tp[j-1]= - &psrlq ($car1,32); - &paddq ($car0,$temp); # +=tp[j+1] - - &dec ($num); - &lea ($j,&DWP(1,$j)); # j++ - &jnz (&label("inner")); - - &mov ($num,$j); - &pmuludq($acc0,$mul0); # ap[num-1]*bp[i] - &pmuludq($acc1,$mul1); # np[num-1]*m1 - &paddq ($car0,$acc0); # +=c0 - &paddq ($car1,$acc1); # +=c1 - - &movq ($acc0,$car0); - &pand ($acc0,$mask); - &paddq ($car1,$acc0); # +=ap[num-1]*bp[i]+tp[num-1] - &movd (&DWP($frame-4,"esp",$j,4),$car1); # tp[num-2]= - &psrlq ($car0,32); - &psrlq ($car1,32); - - &movd ($temp,&DWP($frame+4,"esp",$num,4)); # += tp[num] - &paddq ($car1,$car0); - &paddq ($car1,$temp); - &movq (&QWP($frame,"esp",$num,4),$car1); # tp[num].tp[num-1] - - &lea ($i,&DWP(1,$i)); # i++ - &cmp ($i,$num); - &jle (&label("outer")); - - &emms (); # done with mmx bank - &jmp (&label("common_tail")); - -&set_label("non_sse2",16); -} - -if (0) { - &mov ("esp",$_sp); - &xor ("eax","eax"); # signal "not fast enough [yet]" - &jmp (&label("just_leave")); - # While the below code provides competitive performance for - # all key lengthes on modern Intel cores, it's still more - # than 10% slower for 4096-bit key elsewhere:-( "Competitive" - # means compared to the original integer-only assembler. - # 512-bit RSA sign is better by ~40%, but that's about all - # one can say about all CPUs... -} else { -$inp="esi"; # integer path uses these registers differently -$word="edi"; -$carry="ebp"; - - &mov ($inp,$_ap); - &lea ($carry,&DWP(1,$num)); - &mov ($word,$_bp); - &xor ($j,$j); # j=0 - &mov ("edx",$inp); - &and ($carry,1); # see if num is even - &sub ("edx",$word); # see if ap==bp - &lea ("eax",&DWP(4,$word,$num,4)); # &bp[num] - &or ($carry,"edx"); - &mov ($word,&DWP(0,$word)); # bp[0] - &jz (&label("bn_sqr_mont")); - &mov ($_bpend,"eax"); - &mov ("eax",&DWP(0,$inp)); - &xor ("edx","edx"); - -&set_label("mull",16); - &mov ($carry,"edx"); - &mul ($word); # ap[j]*bp[0] - &add ($carry,"eax"); - &lea ($j,&DWP(1,$j)); - &adc ("edx",0); - &mov ("eax",&DWP(0,$inp,$j,4)); # ap[j+1] - &cmp ($j,$num); - &mov (&DWP($frame-4,"esp",$j,4),$carry); # tp[j]= - &jl (&label("mull")); - - &mov ($carry,"edx"); - &mul ($word); # ap[num-1]*bp[0] - &mov ($word,$_n0); - &add ("eax",$carry); - &mov ($inp,$_np); - &adc ("edx",0); - &imul ($word,&DWP($frame,"esp")); # n0*tp[0] - - &mov (&DWP($frame,"esp",$num,4),"eax"); # tp[num-1]= - &xor ($j,$j); - &mov (&DWP($frame+4,"esp",$num,4),"edx"); # tp[num]= - &mov (&DWP($frame+8,"esp",$num,4),$j); # tp[num+1]= - - &mov ("eax",&DWP(0,$inp)); # np[0] - &mul ($word); # np[0]*m - &add ("eax",&DWP($frame,"esp")); # +=tp[0] - &mov ("eax",&DWP(4,$inp)); # np[1] - &adc ("edx",0); - &inc ($j); - - &jmp (&label("2ndmadd")); - -&set_label("1stmadd",16); - &mov ($carry,"edx"); - &mul ($word); # ap[j]*bp[i] - &add ($carry,&DWP($frame,"esp",$j,4)); # +=tp[j] - &lea ($j,&DWP(1,$j)); - &adc ("edx",0); - &add ($carry,"eax"); - &mov ("eax",&DWP(0,$inp,$j,4)); # ap[j+1] - &adc ("edx",0); - &cmp ($j,$num); - &mov (&DWP($frame-4,"esp",$j,4),$carry); # tp[j]= - &jl (&label("1stmadd")); - - &mov ($carry,"edx"); - &mul ($word); # ap[num-1]*bp[i] - &add ("eax",&DWP($frame,"esp",$num,4)); # +=tp[num-1] - &mov ($word,$_n0); - &adc ("edx",0); - &mov ($inp,$_np); - &add ($carry,"eax"); - &adc ("edx",0); - &imul ($word,&DWP($frame,"esp")); # n0*tp[0] - - &xor ($j,$j); - &add ("edx",&DWP($frame+4,"esp",$num,4)); # carry+=tp[num] - &mov (&DWP($frame,"esp",$num,4),$carry); # tp[num-1]= - &adc ($j,0); - &mov ("eax",&DWP(0,$inp)); # np[0] - &mov (&DWP($frame+4,"esp",$num,4),"edx"); # tp[num]= - &mov (&DWP($frame+8,"esp",$num,4),$j); # tp[num+1]= - - &mul ($word); # np[0]*m - &add ("eax",&DWP($frame,"esp")); # +=tp[0] - &mov ("eax",&DWP(4,$inp)); # np[1] - &adc ("edx",0); - &mov ($j,1); - -&set_label("2ndmadd",16); - &mov ($carry,"edx"); - &mul ($word); # np[j]*m - &add ($carry,&DWP($frame,"esp",$j,4)); # +=tp[j] - &lea ($j,&DWP(1,$j)); - &adc ("edx",0); - &add ($carry,"eax"); - &mov ("eax",&DWP(0,$inp,$j,4)); # np[j+1] - &adc ("edx",0); - &cmp ($j,$num); - &mov (&DWP($frame-8,"esp",$j,4),$carry); # tp[j-1]= - &jl (&label("2ndmadd")); - - &mov ($carry,"edx"); - &mul ($word); # np[j]*m - &add ($carry,&DWP($frame,"esp",$num,4)); # +=tp[num-1] - &adc ("edx",0); - &add ($carry,"eax"); - &adc ("edx",0); - &mov (&DWP($frame-4,"esp",$num,4),$carry); # tp[num-2]= - - &xor ("eax","eax"); - &mov ($j,$_bp); # &bp[i] - &add ("edx",&DWP($frame+4,"esp",$num,4)); # carry+=tp[num] - &adc ("eax",&DWP($frame+8,"esp",$num,4)); # +=tp[num+1] - &lea ($j,&DWP(4,$j)); - &mov (&DWP($frame,"esp",$num,4),"edx"); # tp[num-1]= - &cmp ($j,$_bpend); - &mov (&DWP($frame+4,"esp",$num,4),"eax"); # tp[num]= - &je (&label("common_tail")); - - &mov ($word,&DWP(0,$j)); # bp[i+1] - &mov ($inp,$_ap); - &mov ($_bp,$j); # &bp[++i] - &xor ($j,$j); - &xor ("edx","edx"); - &mov ("eax",&DWP(0,$inp)); - &jmp (&label("1stmadd")); - -&set_label("bn_sqr_mont",16); -$sbit=$num; - &mov ($_num,$num); - &mov ($_bp,$j); # i=0 - - &mov ("eax",$word); # ap[0] - &mul ($word); # ap[0]*ap[0] - &mov (&DWP($frame,"esp"),"eax"); # tp[0]= - &mov ($sbit,"edx"); - &shr ("edx",1); - &and ($sbit,1); - &inc ($j); -&set_label("sqr",16); - &mov ("eax",&DWP(0,$inp,$j,4)); # ap[j] - &mov ($carry,"edx"); - &mul ($word); # ap[j]*ap[0] - &add ("eax",$carry); - &lea ($j,&DWP(1,$j)); - &adc ("edx",0); - &lea ($carry,&DWP(0,$sbit,"eax",2)); - &shr ("eax",31); - &cmp ($j,$_num); - &mov ($sbit,"eax"); - &mov (&DWP($frame-4,"esp",$j,4),$carry); # tp[j]= - &jl (&label("sqr")); - - &mov ("eax",&DWP(0,$inp,$j,4)); # ap[num-1] - &mov ($carry,"edx"); - &mul ($word); # ap[num-1]*ap[0] - &add ("eax",$carry); - &mov ($word,$_n0); - &adc ("edx",0); - &mov ($inp,$_np); - &lea ($carry,&DWP(0,$sbit,"eax",2)); - &imul ($word,&DWP($frame,"esp")); # n0*tp[0] - &shr ("eax",31); - &mov (&DWP($frame,"esp",$j,4),$carry); # tp[num-1]= - - &lea ($carry,&DWP(0,"eax","edx",2)); - &mov ("eax",&DWP(0,$inp)); # np[0] - &shr ("edx",31); - &mov (&DWP($frame+4,"esp",$j,4),$carry); # tp[num]= - &mov (&DWP($frame+8,"esp",$j,4),"edx"); # tp[num+1]= - - &mul ($word); # np[0]*m - &add ("eax",&DWP($frame,"esp")); # +=tp[0] - &mov ($num,$j); - &adc ("edx",0); - &mov ("eax",&DWP(4,$inp)); # np[1] - &mov ($j,1); - -&set_label("3rdmadd",16); - &mov ($carry,"edx"); - &mul ($word); # np[j]*m - &add ($carry,&DWP($frame,"esp",$j,4)); # +=tp[j] - &adc ("edx",0); - &add ($carry,"eax"); - &mov ("eax",&DWP(4,$inp,$j,4)); # np[j+1] - &adc ("edx",0); - &mov (&DWP($frame-4,"esp",$j,4),$carry); # tp[j-1]= - - &mov ($carry,"edx"); - &mul ($word); # np[j+1]*m - &add ($carry,&DWP($frame+4,"esp",$j,4)); # +=tp[j+1] - &lea ($j,&DWP(2,$j)); - &adc ("edx",0); - &add ($carry,"eax"); - &mov ("eax",&DWP(0,$inp,$j,4)); # np[j+2] - &adc ("edx",0); - &cmp ($j,$num); - &mov (&DWP($frame-8,"esp",$j,4),$carry); # tp[j]= - &jl (&label("3rdmadd")); - - &mov ($carry,"edx"); - &mul ($word); # np[j]*m - &add ($carry,&DWP($frame,"esp",$num,4)); # +=tp[num-1] - &adc ("edx",0); - &add ($carry,"eax"); - &adc ("edx",0); - &mov (&DWP($frame-4,"esp",$num,4),$carry); # tp[num-2]= - - &mov ($j,$_bp); # i - &xor ("eax","eax"); - &mov ($inp,$_ap); - &add ("edx",&DWP($frame+4,"esp",$num,4)); # carry+=tp[num] - &adc ("eax",&DWP($frame+8,"esp",$num,4)); # +=tp[num+1] - &mov (&DWP($frame,"esp",$num,4),"edx"); # tp[num-1]= - &cmp ($j,$num); - &mov (&DWP($frame+4,"esp",$num,4),"eax"); # tp[num]= - &je (&label("common_tail")); - - &mov ($word,&DWP(4,$inp,$j,4)); # ap[i] - &lea ($j,&DWP(1,$j)); - &mov ("eax",$word); - &mov ($_bp,$j); # ++i - &mul ($word); # ap[i]*ap[i] - &add ("eax",&DWP($frame,"esp",$j,4)); # +=tp[i] - &adc ("edx",0); - &mov (&DWP($frame,"esp",$j,4),"eax"); # tp[i]= - &xor ($carry,$carry); - &cmp ($j,$num); - &lea ($j,&DWP(1,$j)); - &je (&label("sqrlast")); - - &mov ($sbit,"edx"); # zaps $num - &shr ("edx",1); - &and ($sbit,1); -&set_label("sqradd",16); - &mov ("eax",&DWP(0,$inp,$j,4)); # ap[j] - &mov ($carry,"edx"); - &mul ($word); # ap[j]*ap[i] - &add ("eax",$carry); - &lea ($carry,&DWP(0,"eax","eax")); - &adc ("edx",0); - &shr ("eax",31); - &add ($carry,&DWP($frame,"esp",$j,4)); # +=tp[j] - &lea ($j,&DWP(1,$j)); - &adc ("eax",0); - &add ($carry,$sbit); - &adc ("eax",0); - &cmp ($j,$_num); - &mov (&DWP($frame-4,"esp",$j,4),$carry); # tp[j]= - &mov ($sbit,"eax"); - &jle (&label("sqradd")); - - &mov ($carry,"edx"); - &lea ("edx",&DWP(0,$sbit,"edx",2)); - &shr ($carry,31); -&set_label("sqrlast"); - &mov ($word,$_n0); - &mov ($inp,$_np); - &imul ($word,&DWP($frame,"esp")); # n0*tp[0] - - &add ("edx",&DWP($frame,"esp",$j,4)); # +=tp[num] - &mov ("eax",&DWP(0,$inp)); # np[0] - &adc ($carry,0); - &mov (&DWP($frame,"esp",$j,4),"edx"); # tp[num]= - &mov (&DWP($frame+4,"esp",$j,4),$carry); # tp[num+1]= - - &mul ($word); # np[0]*m - &add ("eax",&DWP($frame,"esp")); # +=tp[0] - &lea ($num,&DWP(-1,$j)); - &adc ("edx",0); - &mov ($j,1); - &mov ("eax",&DWP(4,$inp)); # np[1] - - &jmp (&label("3rdmadd")); -} - -&set_label("common_tail",16); - &mov ($np,$_np); # load modulus pointer - &mov ($rp,$_rp); # load result pointer - &lea ($tp,&DWP($frame,"esp")); # [$ap and $bp are zapped] - - &mov ("eax",&DWP(0,$tp)); # tp[0] - &mov ($j,$num); # j=num-1 - &xor ($i,$i); # i=0 and clear CF! - -&set_label("sub",16); - &sbb ("eax",&DWP(0,$np,$i,4)); - &mov (&DWP(0,$rp,$i,4),"eax"); # rp[i]=tp[i]-np[i] - &dec ($j); # doesn't affect CF! - &mov ("eax",&DWP(4,$tp,$i,4)); # tp[i+1] - &lea ($i,&DWP(1,$i)); # i++ - &jge (&label("sub")); - - &sbb ("eax",0); # handle upmost overflow bit - &and ($tp,"eax"); - ¬ ("eax"); - &mov ($np,$rp); - &and ($np,"eax"); - &or ($tp,$np); # tp=carry?tp:rp - -&set_label("copy",16); # copy or in-place refresh - &mov ("eax",&DWP(0,$tp,$num,4)); - &mov (&DWP(0,$rp,$num,4),"eax"); # rp[i]=tp[i] - &mov (&DWP($frame,"esp",$num,4),$j); # zap temporary vector - &dec ($num); - &jge (&label("copy")); - - &mov ("esp",$_sp); # pull saved stack pointer - &mov ("eax",1); -&set_label("just_leave"); -&function_end("bn_mul_mont"); - -&asciz("Montgomery Multiplication for x86, CRYPTOGAMS by "); - -&asm_finish(); diff --git a/src/lib/libcrypto/bn/asm/pa-risc.s b/src/lib/libcrypto/bn/asm/pa-risc.s deleted file mode 100644 index 775130a191..0000000000 --- a/src/lib/libcrypto/bn/asm/pa-risc.s +++ /dev/null @@ -1,710 +0,0 @@ - .SPACE $PRIVATE$ - .SUBSPA $DATA$,QUAD=1,ALIGN=8,ACCESS=31 - .SUBSPA $BSS$,QUAD=1,ALIGN=8,ACCESS=31,ZERO,SORT=82 - .SPACE $TEXT$ - .SUBSPA $LIT$,QUAD=0,ALIGN=8,ACCESS=44 - .SUBSPA $CODE$,QUAD=0,ALIGN=8,ACCESS=44,CODE_ONLY - .IMPORT $global$,DATA - .IMPORT $$dyncall,MILLICODE -; gcc_compiled.: - .SPACE $TEXT$ - .SUBSPA $CODE$ - - .align 4 - .EXPORT bn_mul_add_words,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR,ARGW3=GR,RTNVAL=GR -bn_mul_add_words - .PROC - .CALLINFO FRAME=0,CALLS,SAVE_RP - .ENTRY - stw %r2,-20(0,%r30) - ldi 0,%r28 - extru %r23,31,16,%r2 - stw %r2,-16(0,%r30) - extru %r23,15,16,%r23 - ldil L'65536,%r31 - fldws -16(0,%r30),%fr11R - stw %r23,-16(0,%r30) - ldo 12(%r25),%r29 - ldo 12(%r26),%r23 - fldws -16(0,%r30),%fr11L -L$0002 - ldw 0(0,%r25),%r19 - extru %r19,31,16,%r20 - stw %r20,-16(0,%r30) - extru %r19,15,16,%r19 - fldws -16(0,%r30),%fr22L - stw %r19,-16(0,%r30) - xmpyu %fr22L,%fr11R,%fr8 - fldws -16(0,%r30),%fr22L - fstws %fr8R,-16(0,%r30) - xmpyu %fr11R,%fr22L,%fr10 - ldw -16(0,%r30),%r2 - stw %r20,-16(0,%r30) - xmpyu %fr22L,%fr11L,%fr9 - fldws -16(0,%r30),%fr22L - fstws %fr10R,-16(0,%r30) - copy %r2,%r22 - ldw -16(0,%r30),%r2 - fstws %fr9R,-16(0,%r30) - xmpyu %fr11L,%fr22L,%fr8 - copy %r2,%r19 - ldw -16(0,%r30),%r2 - fstws %fr8R,-16(0,%r30) - copy %r2,%r20 - ldw -16(0,%r30),%r2 - addl %r2,%r19,%r21 - comclr,<<= %r19,%r21,0 - addl %r20,%r31,%r20 -L$0005 - extru %r21,15,16,%r19 - addl %r20,%r19,%r20 - zdep %r21,15,16,%r19 - addl %r22,%r19,%r22 - comclr,<<= %r19,%r22,0 - addi,tr 1,%r20,%r19 - copy %r20,%r19 - addl %r22,%r28,%r20 - comclr,<<= %r28,%r20,0 - addi 1,%r19,%r19 - ldw 0(0,%r26),%r28 - addl %r20,%r28,%r20 - comclr,<<= %r28,%r20,0 - addi,tr 1,%r19,%r28 - copy %r19,%r28 - addib,= -1,%r24,L$0003 - stw %r20,0(0,%r26) - ldw -8(0,%r29),%r19 - extru %r19,31,16,%r20 - stw %r20,-16(0,%r30) - extru %r19,15,16,%r19 - fldws -16(0,%r30),%fr22L - stw %r19,-16(0,%r30) - xmpyu %fr22L,%fr11R,%fr8 - fldws -16(0,%r30),%fr22L - fstws %fr8R,-16(0,%r30) - xmpyu %fr11R,%fr22L,%fr10 - ldw -16(0,%r30),%r2 - stw %r20,-16(0,%r30) - xmpyu %fr22L,%fr11L,%fr9 - fldws -16(0,%r30),%fr22L - fstws %fr10R,-16(0,%r30) - copy %r2,%r22 - ldw -16(0,%r30),%r2 - fstws %fr9R,-16(0,%r30) - xmpyu %fr11L,%fr22L,%fr8 - copy %r2,%r19 - ldw -16(0,%r30),%r2 - fstws %fr8R,-16(0,%r30) - copy %r2,%r20 - ldw -16(0,%r30),%r2 - addl %r2,%r19,%r21 - comclr,<<= %r19,%r21,0 - addl %r20,%r31,%r20 -L$0010 - extru %r21,15,16,%r19 - addl %r20,%r19,%r20 - zdep %r21,15,16,%r19 - addl %r22,%r19,%r22 - comclr,<<= %r19,%r22,0 - addi,tr 1,%r20,%r19 - copy %r20,%r19 - addl %r22,%r28,%r20 - comclr,<<= %r28,%r20,0 - addi 1,%r19,%r19 - ldw -8(0,%r23),%r28 - addl %r20,%r28,%r20 - comclr,<<= %r28,%r20,0 - addi,tr 1,%r19,%r28 - copy %r19,%r28 - addib,= -1,%r24,L$0003 - stw %r20,-8(0,%r23) - ldw -4(0,%r29),%r19 - extru %r19,31,16,%r20 - stw %r20,-16(0,%r30) - extru %r19,15,16,%r19 - fldws -16(0,%r30),%fr22L - stw %r19,-16(0,%r30) - xmpyu %fr22L,%fr11R,%fr8 - fldws -16(0,%r30),%fr22L - fstws %fr8R,-16(0,%r30) - xmpyu %fr11R,%fr22L,%fr10 - ldw -16(0,%r30),%r2 - stw %r20,-16(0,%r30) - xmpyu %fr22L,%fr11L,%fr9 - fldws -16(0,%r30),%fr22L - fstws %fr10R,-16(0,%r30) - copy %r2,%r22 - ldw -16(0,%r30),%r2 - fstws %fr9R,-16(0,%r30) - xmpyu %fr11L,%fr22L,%fr8 - copy %r2,%r19 - ldw -16(0,%r30),%r2 - fstws %fr8R,-16(0,%r30) - copy %r2,%r20 - ldw -16(0,%r30),%r2 - addl %r2,%r19,%r21 - comclr,<<= %r19,%r21,0 - addl %r20,%r31,%r20 -L$0015 - extru %r21,15,16,%r19 - addl %r20,%r19,%r20 - zdep %r21,15,16,%r19 - addl %r22,%r19,%r22 - comclr,<<= %r19,%r22,0 - addi,tr 1,%r20,%r19 - copy %r20,%r19 - addl %r22,%r28,%r20 - comclr,<<= %r28,%r20,0 - addi 1,%r19,%r19 - ldw -4(0,%r23),%r28 - addl %r20,%r28,%r20 - comclr,<<= %r28,%r20,0 - addi,tr 1,%r19,%r28 - copy %r19,%r28 - addib,= -1,%r24,L$0003 - stw %r20,-4(0,%r23) - ldw 0(0,%r29),%r19 - extru %r19,31,16,%r20 - stw %r20,-16(0,%r30) - extru %r19,15,16,%r19 - fldws -16(0,%r30),%fr22L - stw %r19,-16(0,%r30) - xmpyu %fr22L,%fr11R,%fr8 - fldws -16(0,%r30),%fr22L - fstws %fr8R,-16(0,%r30) - xmpyu %fr11R,%fr22L,%fr10 - ldw -16(0,%r30),%r2 - stw %r20,-16(0,%r30) - xmpyu %fr22L,%fr11L,%fr9 - fldws -16(0,%r30),%fr22L - fstws %fr10R,-16(0,%r30) - copy %r2,%r22 - ldw -16(0,%r30),%r2 - fstws %fr9R,-16(0,%r30) - xmpyu %fr11L,%fr22L,%fr8 - copy %r2,%r19 - ldw -16(0,%r30),%r2 - fstws %fr8R,-16(0,%r30) - copy %r2,%r20 - ldw -16(0,%r30),%r2 - addl %r2,%r19,%r21 - comclr,<<= %r19,%r21,0 - addl %r20,%r31,%r20 -L$0020 - extru %r21,15,16,%r19 - addl %r20,%r19,%r20 - zdep %r21,15,16,%r19 - addl %r22,%r19,%r22 - comclr,<<= %r19,%r22,0 - addi,tr 1,%r20,%r19 - copy %r20,%r19 - addl %r22,%r28,%r20 - comclr,<<= %r28,%r20,0 - addi 1,%r19,%r19 - ldw 0(0,%r23),%r28 - addl %r20,%r28,%r20 - comclr,<<= %r28,%r20,0 - addi,tr 1,%r19,%r28 - copy %r19,%r28 - addib,= -1,%r24,L$0003 - stw %r20,0(0,%r23) - ldo 16(%r29),%r29 - ldo 16(%r25),%r25 - ldo 16(%r23),%r23 - bl L$0002,0 - ldo 16(%r26),%r26 -L$0003 - ldw -20(0,%r30),%r2 - bv,n 0(%r2) - .EXIT - .PROCEND - .align 4 - .EXPORT bn_mul_words,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR,ARGW3=GR,RTNVAL=GR -bn_mul_words - .PROC - .CALLINFO FRAME=0,CALLS,SAVE_RP - .ENTRY - stw %r2,-20(0,%r30) - ldi 0,%r28 - extru %r23,31,16,%r2 - stw %r2,-16(0,%r30) - extru %r23,15,16,%r23 - ldil L'65536,%r31 - fldws -16(0,%r30),%fr11R - stw %r23,-16(0,%r30) - ldo 12(%r26),%r29 - ldo 12(%r25),%r23 - fldws -16(0,%r30),%fr11L -L$0026 - ldw 0(0,%r25),%r19 - extru %r19,31,16,%r20 - stw %r20,-16(0,%r30) - extru %r19,15,16,%r19 - fldws -16(0,%r30),%fr22L - stw %r19,-16(0,%r30) - xmpyu %fr22L,%fr11R,%fr8 - fldws -16(0,%r30),%fr22L - fstws %fr8R,-16(0,%r30) - xmpyu %fr11R,%fr22L,%fr10 - ldw -16(0,%r30),%r2 - stw %r20,-16(0,%r30) - xmpyu %fr22L,%fr11L,%fr9 - fldws -16(0,%r30),%fr22L - fstws %fr10R,-16(0,%r30) - copy %r2,%r22 - ldw -16(0,%r30),%r2 - fstws %fr9R,-16(0,%r30) - xmpyu %fr11L,%fr22L,%fr8 - copy %r2,%r19 - ldw -16(0,%r30),%r2 - fstws %fr8R,-16(0,%r30) - copy %r2,%r20 - ldw -16(0,%r30),%r2 - addl %r2,%r19,%r21 - comclr,<<= %r19,%r21,0 - addl %r20,%r31,%r20 -L$0029 - extru %r21,15,16,%r19 - addl %r20,%r19,%r20 - zdep %r21,15,16,%r19 - addl %r22,%r19,%r22 - comclr,<<= %r19,%r22,0 - addi,tr 1,%r20,%r19 - copy %r20,%r19 - addl %r22,%r28,%r20 - comclr,<<= %r28,%r20,0 - addi,tr 1,%r19,%r28 - copy %r19,%r28 - addib,= -1,%r24,L$0027 - stw %r20,0(0,%r26) - ldw -8(0,%r23),%r19 - extru %r19,31,16,%r20 - stw %r20,-16(0,%r30) - extru %r19,15,16,%r19 - fldws -16(0,%r30),%fr22L - stw %r19,-16(0,%r30) - xmpyu %fr22L,%fr11R,%fr8 - fldws -16(0,%r30),%fr22L - fstws %fr8R,-16(0,%r30) - xmpyu %fr11R,%fr22L,%fr10 - ldw -16(0,%r30),%r2 - stw %r20,-16(0,%r30) - xmpyu %fr22L,%fr11L,%fr9 - fldws -16(0,%r30),%fr22L - fstws %fr10R,-16(0,%r30) - copy %r2,%r22 - ldw -16(0,%r30),%r2 - fstws %fr9R,-16(0,%r30) - xmpyu %fr11L,%fr22L,%fr8 - copy %r2,%r19 - ldw -16(0,%r30),%r2 - fstws %fr8R,-16(0,%r30) - copy %r2,%r20 - ldw -16(0,%r30),%r2 - addl %r2,%r19,%r21 - comclr,<<= %r19,%r21,0 - addl %r20,%r31,%r20 -L$0033 - extru %r21,15,16,%r19 - addl %r20,%r19,%r20 - zdep %r21,15,16,%r19 - addl %r22,%r19,%r22 - comclr,<<= %r19,%r22,0 - addi,tr 1,%r20,%r19 - copy %r20,%r19 - addl %r22,%r28,%r20 - comclr,<<= %r28,%r20,0 - addi,tr 1,%r19,%r28 - copy %r19,%r28 - addib,= -1,%r24,L$0027 - stw %r20,-8(0,%r29) - ldw -4(0,%r23),%r19 - extru %r19,31,16,%r20 - stw %r20,-16(0,%r30) - extru %r19,15,16,%r19 - fldws -16(0,%r30),%fr22L - stw %r19,-16(0,%r30) - xmpyu %fr22L,%fr11R,%fr8 - fldws -16(0,%r30),%fr22L - fstws %fr8R,-16(0,%r30) - xmpyu %fr11R,%fr22L,%fr10 - ldw -16(0,%r30),%r2 - stw %r20,-16(0,%r30) - xmpyu %fr22L,%fr11L,%fr9 - fldws -16(0,%r30),%fr22L - fstws %fr10R,-16(0,%r30) - copy %r2,%r22 - ldw -16(0,%r30),%r2 - fstws %fr9R,-16(0,%r30) - xmpyu %fr11L,%fr22L,%fr8 - copy %r2,%r19 - ldw -16(0,%r30),%r2 - fstws %fr8R,-16(0,%r30) - copy %r2,%r20 - ldw -16(0,%r30),%r2 - addl %r2,%r19,%r21 - comclr,<<= %r19,%r21,0 - addl %r20,%r31,%r20 -L$0037 - extru %r21,15,16,%r19 - addl %r20,%r19,%r20 - zdep %r21,15,16,%r19 - addl %r22,%r19,%r22 - comclr,<<= %r19,%r22,0 - addi,tr 1,%r20,%r19 - copy %r20,%r19 - addl %r22,%r28,%r20 - comclr,<<= %r28,%r20,0 - addi,tr 1,%r19,%r28 - copy %r19,%r28 - addib,= -1,%r24,L$0027 - stw %r20,-4(0,%r29) - ldw 0(0,%r23),%r19 - extru %r19,31,16,%r20 - stw %r20,-16(0,%r30) - extru %r19,15,16,%r19 - fldws -16(0,%r30),%fr22L - stw %r19,-16(0,%r30) - xmpyu %fr22L,%fr11R,%fr8 - fldws -16(0,%r30),%fr22L - fstws %fr8R,-16(0,%r30) - xmpyu %fr11R,%fr22L,%fr10 - ldw -16(0,%r30),%r2 - stw %r20,-16(0,%r30) - xmpyu %fr22L,%fr11L,%fr9 - fldws -16(0,%r30),%fr22L - fstws %fr10R,-16(0,%r30) - copy %r2,%r22 - ldw -16(0,%r30),%r2 - fstws %fr9R,-16(0,%r30) - xmpyu %fr11L,%fr22L,%fr8 - copy %r2,%r19 - ldw -16(0,%r30),%r2 - fstws %fr8R,-16(0,%r30) - copy %r2,%r20 - ldw -16(0,%r30),%r2 - addl %r2,%r19,%r21 - comclr,<<= %r19,%r21,0 - addl %r20,%r31,%r20 -L$0041 - extru %r21,15,16,%r19 - addl %r20,%r19,%r20 - zdep %r21,15,16,%r19 - addl %r22,%r19,%r22 - comclr,<<= %r19,%r22,0 - addi,tr 1,%r20,%r19 - copy %r20,%r19 - addl %r22,%r28,%r20 - comclr,<<= %r28,%r20,0 - addi,tr 1,%r19,%r28 - copy %r19,%r28 - addib,= -1,%r24,L$0027 - stw %r20,0(0,%r29) - ldo 16(%r23),%r23 - ldo 16(%r25),%r25 - ldo 16(%r29),%r29 - bl L$0026,0 - ldo 16(%r26),%r26 -L$0027 - ldw -20(0,%r30),%r2 - bv,n 0(%r2) - .EXIT - .PROCEND - .align 4 - .EXPORT bn_sqr_words,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR -bn_sqr_words - .PROC - .CALLINFO FRAME=0,NO_CALLS - .ENTRY - ldo 28(%r26),%r23 - ldo 12(%r25),%r28 -L$0046 - ldw 0(0,%r25),%r21 - extru %r21,31,16,%r22 - stw %r22,-16(0,%r30) - extru %r21,15,16,%r21 - fldws -16(0,%r30),%fr10L - stw %r21,-16(0,%r30) - fldws -16(0,%r30),%fr10R - xmpyu %fr10L,%fr10R,%fr8 - fstws %fr8R,-16(0,%r30) - ldw -16(0,%r30),%r29 - stw %r22,-16(0,%r30) - fldws -16(0,%r30),%fr10R - stw %r21,-16(0,%r30) - copy %r29,%r19 - xmpyu %fr10L,%fr10R,%fr8 - fldws -16(0,%r30),%fr10L - stw %r21,-16(0,%r30) - fldws -16(0,%r30),%fr10R - fstws %fr8R,-16(0,%r30) - extru %r19,16,17,%r20 - zdep %r19,14,15,%r19 - ldw -16(0,%r30),%r29 - xmpyu %fr10L,%fr10R,%fr9 - addl %r29,%r19,%r22 - stw %r22,0(0,%r26) - fstws %fr9R,-16(0,%r30) - ldw -16(0,%r30),%r29 - addl %r29,%r20,%r21 - comclr,<<= %r19,%r22,0 - addi 1,%r21,%r21 - addib,= -1,%r24,L$0057 - stw %r21,-24(0,%r23) - ldw -8(0,%r28),%r21 - extru %r21,31,16,%r22 - stw %r22,-16(0,%r30) - extru %r21,15,16,%r21 - fldws -16(0,%r30),%fr10L - stw %r21,-16(0,%r30) - fldws -16(0,%r30),%fr10R - xmpyu %fr10L,%fr10R,%fr8 - fstws %fr8R,-16(0,%r30) - ldw -16(0,%r30),%r29 - stw %r22,-16(0,%r30) - fldws -16(0,%r30),%fr10R - stw %r21,-16(0,%r30) - copy %r29,%r19 - xmpyu %fr10L,%fr10R,%fr8 - fldws -16(0,%r30),%fr10L - stw %r21,-16(0,%r30) - fldws -16(0,%r30),%fr10R - fstws %fr8R,-16(0,%r30) - extru %r19,16,17,%r20 - zdep %r19,14,15,%r19 - ldw -16(0,%r30),%r29 - xmpyu %fr10L,%fr10R,%fr9 - addl %r29,%r19,%r22 - stw %r22,-20(0,%r23) - fstws %fr9R,-16(0,%r30) - ldw -16(0,%r30),%r29 - addl %r29,%r20,%r21 - comclr,<<= %r19,%r22,0 - addi 1,%r21,%r21 - addib,= -1,%r24,L$0057 - stw %r21,-16(0,%r23) - ldw -4(0,%r28),%r21 - extru %r21,31,16,%r22 - stw %r22,-16(0,%r30) - extru %r21,15,16,%r21 - fldws -16(0,%r30),%fr10L - stw %r21,-16(0,%r30) - fldws -16(0,%r30),%fr10R - xmpyu %fr10L,%fr10R,%fr8 - fstws %fr8R,-16(0,%r30) - ldw -16(0,%r30),%r29 - stw %r22,-16(0,%r30) - fldws -16(0,%r30),%fr10R - stw %r21,-16(0,%r30) - copy %r29,%r19 - xmpyu %fr10L,%fr10R,%fr8 - fldws -16(0,%r30),%fr10L - stw %r21,-16(0,%r30) - fldws -16(0,%r30),%fr10R - fstws %fr8R,-16(0,%r30) - extru %r19,16,17,%r20 - zdep %r19,14,15,%r19 - ldw -16(0,%r30),%r29 - xmpyu %fr10L,%fr10R,%fr9 - addl %r29,%r19,%r22 - stw %r22,-12(0,%r23) - fstws %fr9R,-16(0,%r30) - ldw -16(0,%r30),%r29 - addl %r29,%r20,%r21 - comclr,<<= %r19,%r22,0 - addi 1,%r21,%r21 - addib,= -1,%r24,L$0057 - stw %r21,-8(0,%r23) - ldw 0(0,%r28),%r21 - extru %r21,31,16,%r22 - stw %r22,-16(0,%r30) - extru %r21,15,16,%r21 - fldws -16(0,%r30),%fr10L - stw %r21,-16(0,%r30) - fldws -16(0,%r30),%fr10R - xmpyu %fr10L,%fr10R,%fr8 - fstws %fr8R,-16(0,%r30) - ldw -16(0,%r30),%r29 - stw %r22,-16(0,%r30) - fldws -16(0,%r30),%fr10R - stw %r21,-16(0,%r30) - copy %r29,%r19 - xmpyu %fr10L,%fr10R,%fr8 - fldws -16(0,%r30),%fr10L - stw %r21,-16(0,%r30) - fldws -16(0,%r30),%fr10R - fstws %fr8R,-16(0,%r30) - extru %r19,16,17,%r20 - zdep %r19,14,15,%r19 - ldw -16(0,%r30),%r29 - xmpyu %fr10L,%fr10R,%fr9 - addl %r29,%r19,%r22 - stw %r22,-4(0,%r23) - fstws %fr9R,-16(0,%r30) - ldw -16(0,%r30),%r29 - addl %r29,%r20,%r21 - comclr,<<= %r19,%r22,0 - addi 1,%r21,%r21 - addib,= -1,%r24,L$0057 - stw %r21,0(0,%r23) - ldo 16(%r28),%r28 - ldo 16(%r25),%r25 - ldo 32(%r23),%r23 - bl L$0046,0 - ldo 32(%r26),%r26 -L$0057 - bv,n 0(%r2) - .EXIT - .PROCEND - .IMPORT BN_num_bits_word,CODE - .IMPORT fprintf,CODE - .IMPORT __iob,DATA - .SPACE $TEXT$ - .SUBSPA $LIT$ - - .align 4 -L$C0000 - .STRING "Division would overflow\x0a\x00" - .IMPORT abort,CODE - .SPACE $TEXT$ - .SUBSPA $CODE$ - - .align 4 - .EXPORT bn_div64,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR,RTNVAL=GR -bn_div64 - .PROC - .CALLINFO FRAME=128,CALLS,SAVE_RP,ENTRY_GR=8 - .ENTRY - stw %r2,-20(0,%r30) - stwm %r8,128(0,%r30) - stw %r7,-124(0,%r30) - stw %r4,-112(0,%r30) - stw %r3,-108(0,%r30) - copy %r26,%r3 - copy %r25,%r4 - stw %r6,-120(0,%r30) - ldi 0,%r7 - stw %r5,-116(0,%r30) - movb,<> %r24,%r5,L$0059 - ldi 2,%r6 - bl L$0076,0 - ldi -1,%r28 -L$0059 - .CALL ARGW0=GR - bl BN_num_bits_word,%r2 - copy %r5,%r26 - ldi 32,%r19 - comb,= %r19,%r28,L$0060 - subi 31,%r28,%r19 - mtsar %r19 - zvdepi 1,32,%r19 - comb,>>= %r19,%r3,L$0060 - addil LR'__iob-$global$+32,%r27 - ldo RR'__iob-$global$+32(%r1),%r26 - ldil LR'L$C0000,%r25 - .CALL ARGW0=GR,ARGW1=GR - bl fprintf,%r2 - ldo RR'L$C0000(%r25),%r25 - .CALL - bl abort,%r2 - nop -L$0060 - comb,>> %r5,%r3,L$0061 - subi 32,%r28,%r28 - sub %r3,%r5,%r3 -L$0061 - comib,= 0,%r28,L$0062 - subi 31,%r28,%r19 - mtsar %r19 - zvdep %r5,32,%r5 - zvdep %r3,32,%r21 - subi 32,%r28,%r20 - mtsar %r20 - vshd 0,%r4,%r20 - or %r21,%r20,%r3 - mtsar %r19 - zvdep %r4,32,%r4 -L$0062 - extru %r5,15,16,%r23 - extru %r5,31,16,%r28 -L$0063 - extru %r3,15,16,%r19 - comb,<> %r23,%r19,L$0066 - copy %r3,%r26 - bl L$0067,0 - zdepi -1,31,16,%r29 -L$0066 - .IMPORT $$divU,MILLICODE - bl $$divU,%r31 - copy %r23,%r25 -L$0067 - stw %r29,-16(0,%r30) - fldws -16(0,%r30),%fr10L - stw %r28,-16(0,%r30) - fldws -16(0,%r30),%fr10R - stw %r23,-16(0,%r30) - xmpyu %fr10L,%fr10R,%fr8 - fldws -16(0,%r30),%fr10R - fstws %fr8R,-16(0,%r30) - xmpyu %fr10L,%fr10R,%fr9 - ldw -16(0,%r30),%r8 - fstws %fr9R,-16(0,%r30) - copy %r8,%r22 - ldw -16(0,%r30),%r8 - extru %r4,15,16,%r24 - copy %r8,%r21 -L$0068 - sub %r3,%r21,%r20 - copy %r20,%r19 - depi 0,31,16,%r19 - comib,<> 0,%r19,L$0069 - zdep %r20,15,16,%r19 - addl %r19,%r24,%r19 - comb,>>= %r19,%r22,L$0069 - sub %r22,%r28,%r22 - sub %r21,%r23,%r21 - bl L$0068,0 - ldo -1(%r29),%r29 -L$0069 - stw %r29,-16(0,%r30) - fldws -16(0,%r30),%fr10L - stw %r28,-16(0,%r30) - fldws -16(0,%r30),%fr10R - xmpyu %fr10L,%fr10R,%fr8 - fstws %fr8R,-16(0,%r30) - ldw -16(0,%r30),%r8 - stw %r23,-16(0,%r30) - fldws -16(0,%r30),%fr10R - copy %r8,%r19 - xmpyu %fr10L,%fr10R,%fr8 - fstws %fr8R,-16(0,%r30) - extru %r19,15,16,%r20 - ldw -16(0,%r30),%r8 - zdep %r19,15,16,%r19 - addl %r8,%r20,%r20 - comclr,<<= %r19,%r4,0 - addi 1,%r20,%r20 - comb,<<= %r20,%r3,L$0074 - sub %r4,%r19,%r4 - addl %r3,%r5,%r3 - ldo -1(%r29),%r29 -L$0074 - addib,= -1,%r6,L$0064 - sub %r3,%r20,%r3 - zdep %r29,15,16,%r7 - shd %r3,%r4,16,%r3 - bl L$0063,0 - zdep %r4,15,16,%r4 -L$0064 - or %r7,%r29,%r28 -L$0076 - ldw -148(0,%r30),%r2 - ldw -124(0,%r30),%r7 - ldw -120(0,%r30),%r6 - ldw -116(0,%r30),%r5 - ldw -112(0,%r30),%r4 - ldw -108(0,%r30),%r3 - bv 0(%r2) - ldwm -128(0,%r30),%r8 - .EXIT - .PROCEND diff --git a/src/lib/libcrypto/bn/asm/r3000.s b/src/lib/libcrypto/bn/asm/r3000.s deleted file mode 100644 index e95269afa3..0000000000 --- a/src/lib/libcrypto/bn/asm/r3000.s +++ /dev/null @@ -1,646 +0,0 @@ - .file 1 "../bn_mulw.c" - .set nobopt - .option pic2 - - # GNU C 2.6.3 [AL 1.1, MM 40] SGI running IRIX 5.0 compiled by GNU C - - # Cc1 defaults: - # -mabicalls - - # Cc1 arguments (-G value = 0, Cpu = 3000, ISA = 1): - # -quiet -dumpbase -O2 -o - -gcc2_compiled.: -__gnu_compiled_c: - .rdata - - .byte 0x24,0x52,0x65,0x76,0x69,0x73,0x69,0x6f - .byte 0x6e,0x3a,0x20,0x31,0x2e,0x34,0x39,0x20 - .byte 0x24,0x0 - - .byte 0x24,0x52,0x65,0x76,0x69,0x73,0x69,0x6f - .byte 0x6e,0x3a,0x20,0x31,0x2e,0x33,0x34,0x20 - .byte 0x24,0x0 - - .byte 0x24,0x52,0x65,0x76,0x69,0x73,0x69,0x6f - .byte 0x6e,0x3a,0x20,0x31,0x2e,0x35,0x20,0x24 - .byte 0x0 - - .byte 0x24,0x52,0x65,0x76,0x69,0x73,0x69,0x6f - .byte 0x6e,0x3a,0x20,0x31,0x2e,0x38,0x20,0x24 - .byte 0x0 - - .byte 0x24,0x52,0x65,0x76,0x69,0x73,0x69,0x6f - .byte 0x6e,0x3a,0x20,0x31,0x2e,0x32,0x33,0x20 - .byte 0x24,0x0 - - .byte 0x24,0x52,0x65,0x76,0x69,0x73,0x69,0x6f - .byte 0x6e,0x3a,0x20,0x31,0x2e,0x37,0x38,0x20 - .byte 0x24,0x0 - - .byte 0x24,0x52,0x65,0x76,0x69,0x73,0x69,0x6f - .byte 0x6e,0x3a,0x20,0x33,0x2e,0x37,0x30,0x20 - .byte 0x24,0x0 - - .byte 0x24,0x52,0x65,0x76,0x69,0x73,0x69,0x6f - .byte 0x6e,0x3a,0x20,0x31,0x2e,0x32,0x20,0x24 - .byte 0x0 - - .byte 0x24,0x52,0x65,0x76,0x69,0x73,0x69,0x6f - .byte 0x6e,0x3a,0x20,0x31,0x2e,0x34,0x20,0x24 - .byte 0x0 - - .byte 0x24,0x52,0x65,0x76,0x69,0x73,0x69,0x6f - .byte 0x6e,0x3a,0x20,0x31,0x2e,0x38,0x20,0x24 - .byte 0x0 - .text - .align 2 - .globl bn_mul_add_words - .ent bn_mul_add_words -bn_mul_add_words: - .frame $sp,0,$31 # vars= 0, regs= 0/0, args= 0, extra= 0 - .mask 0x00000000,0 - .fmask 0x00000000,0 - .set noreorder - .cpload $25 - .set reorder - move $12,$4 - move $14,$5 - move $9,$6 - move $13,$7 - move $8,$0 - addu $10,$12,12 - addu $11,$14,12 -$L2: - lw $6,0($14) - #nop - multu $13,$6 - mfhi $6 - mflo $7 - #nop - move $5,$8 - move $4,$0 - lw $3,0($12) - addu $9,$9,-1 - move $2,$0 - addu $7,$7,$3 - sltu $8,$7,$3 - addu $6,$6,$2 - addu $6,$6,$8 - addu $7,$7,$5 - sltu $2,$7,$5 - addu $6,$6,$4 - addu $6,$6,$2 - srl $3,$6,0 - move $2,$0 - move $8,$3 - .set noreorder - .set nomacro - beq $9,$0,$L3 - sw $7,0($12) - .set macro - .set reorder - - lw $6,-8($11) - #nop - multu $13,$6 - mfhi $6 - mflo $7 - #nop - move $5,$8 - move $4,$0 - lw $3,-8($10) - addu $9,$9,-1 - move $2,$0 - addu $7,$7,$3 - sltu $8,$7,$3 - addu $6,$6,$2 - addu $6,$6,$8 - addu $7,$7,$5 - sltu $2,$7,$5 - addu $6,$6,$4 - addu $6,$6,$2 - srl $3,$6,0 - move $2,$0 - move $8,$3 - .set noreorder - .set nomacro - beq $9,$0,$L3 - sw $7,-8($10) - .set macro - .set reorder - - lw $6,-4($11) - #nop - multu $13,$6 - mfhi $6 - mflo $7 - #nop - move $5,$8 - move $4,$0 - lw $3,-4($10) - addu $9,$9,-1 - move $2,$0 - addu $7,$7,$3 - sltu $8,$7,$3 - addu $6,$6,$2 - addu $6,$6,$8 - addu $7,$7,$5 - sltu $2,$7,$5 - addu $6,$6,$4 - addu $6,$6,$2 - srl $3,$6,0 - move $2,$0 - move $8,$3 - .set noreorder - .set nomacro - beq $9,$0,$L3 - sw $7,-4($10) - .set macro - .set reorder - - lw $6,0($11) - #nop - multu $13,$6 - mfhi $6 - mflo $7 - #nop - move $5,$8 - move $4,$0 - lw $3,0($10) - addu $9,$9,-1 - move $2,$0 - addu $7,$7,$3 - sltu $8,$7,$3 - addu $6,$6,$2 - addu $6,$6,$8 - addu $7,$7,$5 - sltu $2,$7,$5 - addu $6,$6,$4 - addu $6,$6,$2 - srl $3,$6,0 - move $2,$0 - move $8,$3 - .set noreorder - .set nomacro - beq $9,$0,$L3 - sw $7,0($10) - .set macro - .set reorder - - addu $11,$11,16 - addu $14,$14,16 - addu $10,$10,16 - .set noreorder - .set nomacro - j $L2 - addu $12,$12,16 - .set macro - .set reorder - -$L3: - .set noreorder - .set nomacro - j $31 - move $2,$8 - .set macro - .set reorder - - .end bn_mul_add_words - .align 2 - .globl bn_mul_words - .ent bn_mul_words -bn_mul_words: - .frame $sp,0,$31 # vars= 0, regs= 0/0, args= 0, extra= 0 - .mask 0x00000000,0 - .fmask 0x00000000,0 - .set noreorder - .cpload $25 - .set reorder - move $11,$4 - move $12,$5 - move $8,$6 - move $6,$0 - addu $10,$11,12 - addu $9,$12,12 -$L10: - lw $4,0($12) - #nop - multu $7,$4 - mfhi $4 - mflo $5 - #nop - move $3,$6 - move $2,$0 - addu $8,$8,-1 - addu $5,$5,$3 - sltu $6,$5,$3 - addu $4,$4,$2 - addu $4,$4,$6 - srl $3,$4,0 - move $2,$0 - move $6,$3 - .set noreorder - .set nomacro - beq $8,$0,$L11 - sw $5,0($11) - .set macro - .set reorder - - lw $4,-8($9) - #nop - multu $7,$4 - mfhi $4 - mflo $5 - #nop - move $3,$6 - move $2,$0 - addu $8,$8,-1 - addu $5,$5,$3 - sltu $6,$5,$3 - addu $4,$4,$2 - addu $4,$4,$6 - srl $3,$4,0 - move $2,$0 - move $6,$3 - .set noreorder - .set nomacro - beq $8,$0,$L11 - sw $5,-8($10) - .set macro - .set reorder - - lw $4,-4($9) - #nop - multu $7,$4 - mfhi $4 - mflo $5 - #nop - move $3,$6 - move $2,$0 - addu $8,$8,-1 - addu $5,$5,$3 - sltu $6,$5,$3 - addu $4,$4,$2 - addu $4,$4,$6 - srl $3,$4,0 - move $2,$0 - move $6,$3 - .set noreorder - .set nomacro - beq $8,$0,$L11 - sw $5,-4($10) - .set macro - .set reorder - - lw $4,0($9) - #nop - multu $7,$4 - mfhi $4 - mflo $5 - #nop - move $3,$6 - move $2,$0 - addu $8,$8,-1 - addu $5,$5,$3 - sltu $6,$5,$3 - addu $4,$4,$2 - addu $4,$4,$6 - srl $3,$4,0 - move $2,$0 - move $6,$3 - .set noreorder - .set nomacro - beq $8,$0,$L11 - sw $5,0($10) - .set macro - .set reorder - - addu $9,$9,16 - addu $12,$12,16 - addu $10,$10,16 - .set noreorder - .set nomacro - j $L10 - addu $11,$11,16 - .set macro - .set reorder - -$L11: - .set noreorder - .set nomacro - j $31 - move $2,$6 - .set macro - .set reorder - - .end bn_mul_words - .align 2 - .globl bn_sqr_words - .ent bn_sqr_words -bn_sqr_words: - .frame $sp,0,$31 # vars= 0, regs= 0/0, args= 0, extra= 0 - .mask 0x00000000,0 - .fmask 0x00000000,0 - .set noreorder - .cpload $25 - .set reorder - move $9,$4 - addu $7,$9,28 - addu $8,$5,12 -$L18: - lw $2,0($5) - #nop - multu $2,$2 - mfhi $2 - mflo $3 - #nop - addu $6,$6,-1 - sw $3,0($9) - srl $3,$2,0 - move $2,$0 - .set noreorder - .set nomacro - beq $6,$0,$L19 - sw $3,-24($7) - .set macro - .set reorder - - lw $2,-8($8) - #nop - multu $2,$2 - mfhi $2 - mflo $3 - #nop - addu $6,$6,-1 - sw $3,-20($7) - srl $3,$2,0 - move $2,$0 - .set noreorder - .set nomacro - beq $6,$0,$L19 - sw $3,-16($7) - .set macro - .set reorder - - lw $2,-4($8) - #nop - multu $2,$2 - mfhi $2 - mflo $3 - #nop - addu $6,$6,-1 - sw $3,-12($7) - srl $3,$2,0 - move $2,$0 - .set noreorder - .set nomacro - beq $6,$0,$L19 - sw $3,-8($7) - .set macro - .set reorder - - lw $2,0($8) - #nop - multu $2,$2 - mfhi $2 - mflo $3 - #nop - addu $6,$6,-1 - sw $3,-4($7) - srl $3,$2,0 - move $2,$0 - .set noreorder - .set nomacro - beq $6,$0,$L19 - sw $3,0($7) - .set macro - .set reorder - - addu $8,$8,16 - addu $5,$5,16 - addu $7,$7,32 - .set noreorder - .set nomacro - j $L18 - addu $9,$9,32 - .set macro - .set reorder - -$L19: - j $31 - .end bn_sqr_words - .rdata - .align 2 -$LC0: - - .byte 0x44,0x69,0x76,0x69,0x73,0x69,0x6f,0x6e - .byte 0x20,0x77,0x6f,0x75,0x6c,0x64,0x20,0x6f - .byte 0x76,0x65,0x72,0x66,0x6c,0x6f,0x77,0xa - .byte 0x0 - .text - .align 2 - .globl bn_div64 - .ent bn_div64 -bn_div64: - .frame $sp,56,$31 # vars= 0, regs= 7/0, args= 16, extra= 8 - .mask 0x901f0000,-8 - .fmask 0x00000000,0 - .set noreorder - .cpload $25 - .set reorder - subu $sp,$sp,56 - .cprestore 16 - sw $16,24($sp) - move $16,$4 - sw $17,28($sp) - move $17,$5 - sw $18,32($sp) - move $18,$6 - sw $20,40($sp) - move $20,$0 - sw $19,36($sp) - li $19,0x00000002 # 2 - sw $31,48($sp) - .set noreorder - .set nomacro - bne $18,$0,$L26 - sw $28,44($sp) - .set macro - .set reorder - - .set noreorder - .set nomacro - j $L43 - li $2,-1 # 0xffffffff - .set macro - .set reorder - -$L26: - move $4,$18 - jal BN_num_bits_word - move $4,$2 - li $2,0x00000020 # 32 - .set noreorder - .set nomacro - beq $4,$2,$L27 - li $2,0x00000001 # 1 - .set macro - .set reorder - - sll $2,$2,$4 - sltu $2,$2,$16 - .set noreorder - .set nomacro - beq $2,$0,$L44 - li $5,0x00000020 # 32 - .set macro - .set reorder - - la $4,__iob+32 - la $5,$LC0 - jal fprintf - jal abort -$L27: - li $5,0x00000020 # 32 -$L44: - sltu $2,$16,$18 - .set noreorder - .set nomacro - bne $2,$0,$L28 - subu $4,$5,$4 - .set macro - .set reorder - - subu $16,$16,$18 -$L28: - .set noreorder - .set nomacro - beq $4,$0,$L29 - li $10,-65536 # 0xffff0000 - .set macro - .set reorder - - sll $18,$18,$4 - sll $3,$16,$4 - subu $2,$5,$4 - srl $2,$17,$2 - or $16,$3,$2 - sll $17,$17,$4 -$L29: - srl $7,$18,16 - andi $9,$18,0xffff -$L30: - srl $2,$16,16 - .set noreorder - .set nomacro - beq $2,$7,$L34 - li $6,0x0000ffff # 65535 - .set macro - .set reorder - - divu $6,$16,$7 -$L34: - mult $6,$9 - mflo $5 - #nop - #nop - mult $6,$7 - and $2,$17,$10 - srl $8,$2,16 - mflo $4 -$L35: - subu $3,$16,$4 - and $2,$3,$10 - .set noreorder - .set nomacro - bne $2,$0,$L36 - sll $2,$3,16 - .set macro - .set reorder - - addu $2,$2,$8 - sltu $2,$2,$5 - .set noreorder - .set nomacro - beq $2,$0,$L36 - subu $5,$5,$9 - .set macro - .set reorder - - subu $4,$4,$7 - .set noreorder - .set nomacro - j $L35 - addu $6,$6,-1 - .set macro - .set reorder - -$L36: - mult $6,$7 - mflo $5 - #nop - #nop - mult $6,$9 - mflo $4 - #nop - #nop - srl $3,$4,16 - sll $2,$4,16 - and $4,$2,$10 - sltu $2,$17,$4 - .set noreorder - .set nomacro - beq $2,$0,$L40 - addu $5,$5,$3 - .set macro - .set reorder - - addu $5,$5,1 -$L40: - sltu $2,$16,$5 - .set noreorder - .set nomacro - beq $2,$0,$L41 - subu $17,$17,$4 - .set macro - .set reorder - - addu $16,$16,$18 - addu $6,$6,-1 -$L41: - addu $19,$19,-1 - .set noreorder - .set nomacro - beq $19,$0,$L31 - subu $16,$16,$5 - .set macro - .set reorder - - sll $20,$6,16 - sll $3,$16,16 - srl $2,$17,16 - or $16,$3,$2 - .set noreorder - .set nomacro - j $L30 - sll $17,$17,16 - .set macro - .set reorder - -$L31: - or $2,$20,$6 -$L43: - lw $31,48($sp) - lw $20,40($sp) - lw $19,36($sp) - lw $18,32($sp) - lw $17,28($sp) - lw $16,24($sp) - addu $sp,$sp,56 - j $31 - .end bn_div64 - - .globl abort .text - .globl fprintf .text - .globl BN_num_bits_word .text diff --git a/src/lib/libcrypto/bn/asm/sparcv8plus.S b/src/lib/libcrypto/bn/asm/sparcv8plus.S index 8c56e2e7e7..63de1860f2 100644 --- a/src/lib/libcrypto/bn/asm/sparcv8plus.S +++ b/src/lib/libcrypto/bn/asm/sparcv8plus.S @@ -144,6 +144,19 @@ * } */ +#if defined(__SUNPRO_C) && defined(__sparcv9) + /* They've said -xarch=v9 at command line */ + .register %g2,#scratch + .register %g3,#scratch +# define FRAME_SIZE -192 +#elif defined(__GNUC__) && defined(__arch64__) + /* They've said -m64 at command line */ + .register %g2,#scratch + .register %g3,#scratch +# define FRAME_SIZE -192 +#else +# define FRAME_SIZE -96 +#endif /* * GNU assembler can't stand stuw:-( */ @@ -619,8 +632,6 @@ bn_sub_words: * Andy. */ -#define FRAME_SIZE -96 - /* * Here is register usage map for *all* routines below. */ diff --git a/src/lib/libcrypto/bn/bn.h b/src/lib/libcrypto/bn/bn.h index f1719a5877..e484b7fc11 100644 --- a/src/lib/libcrypto/bn/bn.h +++ b/src/lib/libcrypto/bn/bn.h @@ -55,6 +55,59 @@ * copied and put under another distribution licence * [including the GNU Public Licence.] */ +/* ==================================================================== + * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * openssl-core@openssl.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.openssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ /* ==================================================================== * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. * @@ -77,6 +130,7 @@ #include /* FILE */ #endif #include +#include #ifdef __cplusplus extern "C" { @@ -94,9 +148,11 @@ extern "C" { /* #define BN_DEBUG */ /* #define BN_DEBUG_RAND */ +#ifndef OPENSSL_SMALL_FOOTPRINT #define BN_MUL_COMBA #define BN_SQR_COMBA #define BN_RECURSION +#endif /* This next option uses the C libraries (2 word)/(1 word) function. * If it is not defined, I use my C version (which is slower). @@ -137,6 +193,8 @@ extern "C" { #define BN_DEC_FMT1 "%lu" #define BN_DEC_FMT2 "%019lu" #define BN_DEC_NUM 19 +#define BN_HEX_FMT1 "%lX" +#define BN_HEX_FMT2 "%016lX" #endif /* This is where the long long data type is 64 bits, but long is 32. @@ -162,83 +220,37 @@ extern "C" { #define BN_DEC_FMT1 "%llu" #define BN_DEC_FMT2 "%019llu" #define BN_DEC_NUM 19 +#define BN_HEX_FMT1 "%llX" +#define BN_HEX_FMT2 "%016llX" #endif #ifdef THIRTY_TWO_BIT #ifdef BN_LLONG -# if defined(OPENSSL_SYS_WIN32) && !defined(__GNUC__) +# if defined(_WIN32) && !defined(__GNUC__) # define BN_ULLONG unsigned __int64 +# define BN_MASK (0xffffffffffffffffI64) # else # define BN_ULLONG unsigned long long +# define BN_MASK (0xffffffffffffffffLL) # endif #endif -#define BN_ULONG unsigned long -#define BN_LONG long +#define BN_ULONG unsigned int +#define BN_LONG int #define BN_BITS 64 #define BN_BYTES 4 #define BN_BITS2 32 #define BN_BITS4 16 -#ifdef OPENSSL_SYS_WIN32 -/* VC++ doesn't like the LL suffix */ -#define BN_MASK (0xffffffffffffffffL) -#else -#define BN_MASK (0xffffffffffffffffLL) -#endif #define BN_MASK2 (0xffffffffL) #define BN_MASK2l (0xffff) #define BN_MASK2h1 (0xffff8000L) #define BN_MASK2h (0xffff0000L) #define BN_TBIT (0x80000000L) #define BN_DEC_CONV (1000000000L) -#define BN_DEC_FMT1 "%lu" -#define BN_DEC_FMT2 "%09lu" -#define BN_DEC_NUM 9 -#endif - -#ifdef SIXTEEN_BIT -#ifndef BN_DIV2W -#define BN_DIV2W -#endif -#define BN_ULLONG unsigned long -#define BN_ULONG unsigned short -#define BN_LONG short -#define BN_BITS 32 -#define BN_BYTES 2 -#define BN_BITS2 16 -#define BN_BITS4 8 -#define BN_MASK (0xffffffff) -#define BN_MASK2 (0xffff) -#define BN_MASK2l (0xff) -#define BN_MASK2h1 (0xff80) -#define BN_MASK2h (0xff00) -#define BN_TBIT (0x8000) -#define BN_DEC_CONV (100000) #define BN_DEC_FMT1 "%u" -#define BN_DEC_FMT2 "%05u" -#define BN_DEC_NUM 5 -#endif - -#ifdef EIGHT_BIT -#ifndef BN_DIV2W -#define BN_DIV2W -#endif -#define BN_ULLONG unsigned short -#define BN_ULONG unsigned char -#define BN_LONG char -#define BN_BITS 16 -#define BN_BYTES 1 -#define BN_BITS2 8 -#define BN_BITS4 4 -#define BN_MASK (0xffff) -#define BN_MASK2 (0xff) -#define BN_MASK2l (0xf) -#define BN_MASK2h1 (0xf8) -#define BN_MASK2h (0xf0) -#define BN_TBIT (0x80) -#define BN_DEC_CONV (100) -#define BN_DEC_FMT1 "%u" -#define BN_DEC_FMT2 "%02u" -#define BN_DEC_NUM 2 +#define BN_DEC_FMT2 "%09u" +#define BN_DEC_NUM 9 +#define BN_HEX_FMT1 "%X" +#define BN_HEX_FMT2 "%08X" #endif #define BN_DEFAULT_BITS 1280 @@ -303,12 +315,8 @@ struct bn_mont_ctx_st BIGNUM N; /* The modulus */ BIGNUM Ni; /* R*(1/R mod N) - N*Ni = 1 * (Ni is only stored for bignum algorithm) */ -#if 0 - /* OpenSSL 0.9.9 preview: */ - BN_ULONG n0[2];/* least significant word(s) of Ni */ -#else - BN_ULONG n0; /* least significant word of Ni */ -#endif + BN_ULONG n0[2];/* least significant word(s) of Ni; + (type changed with 0.9.9, was "BN_ULONG n0;" before) */ int flags; }; @@ -504,6 +512,7 @@ char * BN_bn2hex(const BIGNUM *a); char * BN_bn2dec(const BIGNUM *a); int BN_hex2bn(BIGNUM **a, const char *str); int BN_dec2bn(BIGNUM **a, const char *str); +int BN_asc2bn(BIGNUM **a, const char *str); int BN_gcd(BIGNUM *r,const BIGNUM *a,const BIGNUM *b,BN_CTX *ctx); int BN_kronecker(const BIGNUM *a,const BIGNUM *b,BN_CTX *ctx); /* returns -2 for error */ BIGNUM *BN_mod_inverse(BIGNUM *ret, @@ -531,17 +540,6 @@ int BN_is_prime_ex(const BIGNUM *p,int nchecks, BN_CTX *ctx, BN_GENCB *cb); int BN_is_prime_fasttest_ex(const BIGNUM *p,int nchecks, BN_CTX *ctx, int do_trial_division, BN_GENCB *cb); -int BN_X931_generate_Xpq(BIGNUM *Xp, BIGNUM *Xq, int nbits, BN_CTX *ctx); - -int BN_X931_derive_prime_ex(BIGNUM *p, BIGNUM *p1, BIGNUM *p2, - const BIGNUM *Xp, const BIGNUM *Xp1, const BIGNUM *Xp2, - const BIGNUM *e, BN_CTX *ctx, BN_GENCB *cb); -int BN_X931_generate_prime_ex(BIGNUM *p, BIGNUM *p1, BIGNUM *p2, - BIGNUM *Xp1, BIGNUM *Xp2, - const BIGNUM *Xp, - const BIGNUM *e, BN_CTX *ctx, - BN_GENCB *cb); - BN_MONT_CTX *BN_MONT_CTX_new(void ); void BN_MONT_CTX_init(BN_MONT_CTX *ctx); int BN_mod_mul_montgomery(BIGNUM *r,const BIGNUM *a,const BIGNUM *b, @@ -560,19 +558,22 @@ BN_MONT_CTX *BN_MONT_CTX_set_locked(BN_MONT_CTX **pmont, int lock, #define BN_BLINDING_NO_UPDATE 0x00000001 #define BN_BLINDING_NO_RECREATE 0x00000002 -BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai, /* const */ BIGNUM *mod); +BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai, BIGNUM *mod); void BN_BLINDING_free(BN_BLINDING *b); int BN_BLINDING_update(BN_BLINDING *b,BN_CTX *ctx); int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx); int BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx); int BN_BLINDING_convert_ex(BIGNUM *n, BIGNUM *r, BN_BLINDING *b, BN_CTX *); int BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b, BN_CTX *); +#ifndef OPENSSL_NO_DEPRECATED unsigned long BN_BLINDING_get_thread_id(const BN_BLINDING *); void BN_BLINDING_set_thread_id(BN_BLINDING *, unsigned long); +#endif +CRYPTO_THREADID *BN_BLINDING_thread_id(BN_BLINDING *); unsigned long BN_BLINDING_get_flags(const BN_BLINDING *); void BN_BLINDING_set_flags(BN_BLINDING *, unsigned long); BN_BLINDING *BN_BLINDING_create_param(BN_BLINDING *b, - const BIGNUM *e, /* const */ BIGNUM *m, BN_CTX *ctx, + const BIGNUM *e, BIGNUM *m, BN_CTX *ctx, int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx), BN_MONT_CTX *m_ctx); @@ -625,24 +626,24 @@ int BN_GF2m_mod_solve_quad(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, * t^p[0] + t^p[1] + ... + t^p[k] * where m = p[0] > p[1] > ... > p[k] = 0. */ -int BN_GF2m_mod_arr(BIGNUM *r, const BIGNUM *a, const unsigned int p[]); +int BN_GF2m_mod_arr(BIGNUM *r, const BIGNUM *a, const int p[]); /* r = a mod p */ int BN_GF2m_mod_mul_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, - const unsigned int p[], BN_CTX *ctx); /* r = (a * b) mod p */ -int BN_GF2m_mod_sqr_arr(BIGNUM *r, const BIGNUM *a, const unsigned int p[], + const int p[], BN_CTX *ctx); /* r = (a * b) mod p */ +int BN_GF2m_mod_sqr_arr(BIGNUM *r, const BIGNUM *a, const int p[], BN_CTX *ctx); /* r = (a * a) mod p */ -int BN_GF2m_mod_inv_arr(BIGNUM *r, const BIGNUM *b, const unsigned int p[], +int BN_GF2m_mod_inv_arr(BIGNUM *r, const BIGNUM *b, const int p[], BN_CTX *ctx); /* r = (1 / b) mod p */ int BN_GF2m_mod_div_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, - const unsigned int p[], BN_CTX *ctx); /* r = (a / b) mod p */ + const int p[], BN_CTX *ctx); /* r = (a / b) mod p */ int BN_GF2m_mod_exp_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, - const unsigned int p[], BN_CTX *ctx); /* r = (a ^ b) mod p */ + const int p[], BN_CTX *ctx); /* r = (a ^ b) mod p */ int BN_GF2m_mod_sqrt_arr(BIGNUM *r, const BIGNUM *a, - const unsigned int p[], BN_CTX *ctx); /* r = sqrt(a) mod p */ + const int p[], BN_CTX *ctx); /* r = sqrt(a) mod p */ int BN_GF2m_mod_solve_quad_arr(BIGNUM *r, const BIGNUM *a, - const unsigned int p[], BN_CTX *ctx); /* r^2 + r = a mod p */ -int BN_GF2m_poly2arr(const BIGNUM *a, unsigned int p[], int max); -int BN_GF2m_arr2poly(const unsigned int p[], BIGNUM *a); + const int p[], BN_CTX *ctx); /* r^2 + r = a mod p */ +int BN_GF2m_poly2arr(const BIGNUM *a, int p[], int max); +int BN_GF2m_arr2poly(const int p[], BIGNUM *a); /* faster mod functions for the 'NIST primes' * 0 <= a < p^2 */ @@ -751,10 +752,12 @@ int RAND_pseudo_bytes(unsigned char *buf,int num); #define bn_correct_top(a) \ { \ BN_ULONG *ftl; \ - if ((a)->top > 0) \ + int tmp_top = (a)->top; \ + if (tmp_top > 0) \ { \ - for (ftl= &((a)->d[(a)->top-1]); (a)->top > 0; (a)->top--) \ - if (*(ftl--)) break; \ + for (ftl= &((a)->d[tmp_top-1]); tmp_top > 0; tmp_top--) \ + if (*(ftl--)) break; \ + (a)->top = tmp_top; \ } \ bn_pollute(a); \ } diff --git a/src/lib/libcrypto/bn/bn_asm.c b/src/lib/libcrypto/bn/bn_asm.c index 99bc2de491..c43c91cc09 100644 --- a/src/lib/libcrypto/bn/bn_asm.c +++ b/src/lib/libcrypto/bn/bn_asm.c @@ -75,6 +75,7 @@ BN_ULONG bn_mul_add_words(BN_ULONG *rp, const BN_ULONG *ap, int num, BN_ULONG w) assert(num >= 0); if (num <= 0) return(c1); +#ifndef OPENSSL_SMALL_FOOTPRINT while (num&~3) { mul_add(rp[0],ap[0],w,c1); @@ -83,11 +84,11 @@ BN_ULONG bn_mul_add_words(BN_ULONG *rp, const BN_ULONG *ap, int num, BN_ULONG w) mul_add(rp[3],ap[3],w,c1); ap+=4; rp+=4; num-=4; } - if (num) +#endif + while (num) { - mul_add(rp[0],ap[0],w,c1); if (--num==0) return c1; - mul_add(rp[1],ap[1],w,c1); if (--num==0) return c1; - mul_add(rp[2],ap[2],w,c1); return c1; + mul_add(rp[0],ap[0],w,c1); + ap++; rp++; num--; } return(c1); @@ -100,6 +101,7 @@ BN_ULONG bn_mul_words(BN_ULONG *rp, const BN_ULONG *ap, int num, BN_ULONG w) assert(num >= 0); if (num <= 0) return(c1); +#ifndef OPENSSL_SMALL_FOOTPRINT while (num&~3) { mul(rp[0],ap[0],w,c1); @@ -108,11 +110,11 @@ BN_ULONG bn_mul_words(BN_ULONG *rp, const BN_ULONG *ap, int num, BN_ULONG w) mul(rp[3],ap[3],w,c1); ap+=4; rp+=4; num-=4; } - if (num) +#endif + while (num) { - mul(rp[0],ap[0],w,c1); if (--num == 0) return c1; - mul(rp[1],ap[1],w,c1); if (--num == 0) return c1; - mul(rp[2],ap[2],w,c1); + mul(rp[0],ap[0],w,c1); + ap++; rp++; num--; } return(c1); } @@ -121,6 +123,8 @@ void bn_sqr_words(BN_ULONG *r, const BN_ULONG *a, int n) { assert(n >= 0); if (n <= 0) return; + +#ifndef OPENSSL_SMALL_FOOTPRINT while (n&~3) { sqr(r[0],r[1],a[0]); @@ -129,11 +133,11 @@ void bn_sqr_words(BN_ULONG *r, const BN_ULONG *a, int n) sqr(r[6],r[7],a[3]); a+=4; r+=8; n-=4; } - if (n) +#endif + while (n) { - sqr(r[0],r[1],a[0]); if (--n == 0) return; - sqr(r[2],r[3],a[1]); if (--n == 0) return; - sqr(r[4],r[5],a[2]); + sqr(r[0],r[1],a[0]); + a++; r+=2; n--; } } @@ -150,18 +154,20 @@ BN_ULONG bn_mul_add_words(BN_ULONG *rp, const BN_ULONG *ap, int num, BN_ULONG w) bl=LBITS(w); bh=HBITS(w); - for (;;) +#ifndef OPENSSL_SMALL_FOOTPRINT + while (num&~3) { mul_add(rp[0],ap[0],bl,bh,c); - if (--num == 0) break; mul_add(rp[1],ap[1],bl,bh,c); - if (--num == 0) break; mul_add(rp[2],ap[2],bl,bh,c); - if (--num == 0) break; mul_add(rp[3],ap[3],bl,bh,c); - if (--num == 0) break; - ap+=4; - rp+=4; + ap+=4; rp+=4; num-=4; + } +#endif + while (num) + { + mul_add(rp[0],ap[0],bl,bh,c); + ap++; rp++; num--; } return(c); } @@ -177,18 +183,20 @@ BN_ULONG bn_mul_words(BN_ULONG *rp, const BN_ULONG *ap, int num, BN_ULONG w) bl=LBITS(w); bh=HBITS(w); - for (;;) +#ifndef OPENSSL_SMALL_FOOTPRINT + while (num&~3) { mul(rp[0],ap[0],bl,bh,carry); - if (--num == 0) break; mul(rp[1],ap[1],bl,bh,carry); - if (--num == 0) break; mul(rp[2],ap[2],bl,bh,carry); - if (--num == 0) break; mul(rp[3],ap[3],bl,bh,carry); - if (--num == 0) break; - ap+=4; - rp+=4; + ap+=4; rp+=4; num-=4; + } +#endif + while (num) + { + mul(rp[0],ap[0],bl,bh,carry); + ap++; rp++; num--; } return(carry); } @@ -197,22 +205,21 @@ void bn_sqr_words(BN_ULONG *r, const BN_ULONG *a, int n) { assert(n >= 0); if (n <= 0) return; - for (;;) + +#ifndef OPENSSL_SMALL_FOOTPRINT + while (n&~3) { sqr64(r[0],r[1],a[0]); - if (--n == 0) break; - sqr64(r[2],r[3],a[1]); - if (--n == 0) break; - sqr64(r[4],r[5],a[2]); - if (--n == 0) break; - sqr64(r[6],r[7],a[3]); - if (--n == 0) break; - - a+=4; - r+=8; + a+=4; r+=8; n-=4; + } +#endif + while (n) + { + sqr64(r[0],r[1],a[0]); + a++; r+=2; n--; } } @@ -303,31 +310,30 @@ BN_ULONG bn_add_words(BN_ULONG *r, const BN_ULONG *a, const BN_ULONG *b, int n) assert(n >= 0); if (n <= 0) return((BN_ULONG)0); - for (;;) +#ifndef OPENSSL_SMALL_FOOTPRINT + while (n&~3) { ll+=(BN_ULLONG)a[0]+b[0]; r[0]=(BN_ULONG)ll&BN_MASK2; ll>>=BN_BITS2; - if (--n <= 0) break; - ll+=(BN_ULLONG)a[1]+b[1]; r[1]=(BN_ULONG)ll&BN_MASK2; ll>>=BN_BITS2; - if (--n <= 0) break; - ll+=(BN_ULLONG)a[2]+b[2]; r[2]=(BN_ULONG)ll&BN_MASK2; ll>>=BN_BITS2; - if (--n <= 0) break; - ll+=(BN_ULLONG)a[3]+b[3]; r[3]=(BN_ULONG)ll&BN_MASK2; ll>>=BN_BITS2; - if (--n <= 0) break; - - a+=4; - b+=4; - r+=4; + a+=4; b+=4; r+=4; n-=4; + } +#endif + while (n) + { + ll+=(BN_ULLONG)a[0]+b[0]; + r[0]=(BN_ULONG)ll&BN_MASK2; + ll>>=BN_BITS2; + a++; b++; r++; n--; } return((BN_ULONG)ll); } @@ -340,7 +346,8 @@ BN_ULONG bn_add_words(BN_ULONG *r, const BN_ULONG *a, const BN_ULONG *b, int n) if (n <= 0) return((BN_ULONG)0); c=0; - for (;;) +#ifndef OPENSSL_SMALL_FOOTPRINT + while (n&~3) { t=a[0]; t=(t+c)&BN_MASK2; @@ -348,35 +355,36 @@ BN_ULONG bn_add_words(BN_ULONG *r, const BN_ULONG *a, const BN_ULONG *b, int n) l=(t+b[0])&BN_MASK2; c+=(l < t); r[0]=l; - if (--n <= 0) break; - t=a[1]; t=(t+c)&BN_MASK2; c=(t < c); l=(t+b[1])&BN_MASK2; c+=(l < t); r[1]=l; - if (--n <= 0) break; - t=a[2]; t=(t+c)&BN_MASK2; c=(t < c); l=(t+b[2])&BN_MASK2; c+=(l < t); r[2]=l; - if (--n <= 0) break; - t=a[3]; t=(t+c)&BN_MASK2; c=(t < c); l=(t+b[3])&BN_MASK2; c+=(l < t); r[3]=l; - if (--n <= 0) break; - - a+=4; - b+=4; - r+=4; + a+=4; b+=4; r+=4; n-=4; + } +#endif + while(n) + { + t=a[0]; + t=(t+c)&BN_MASK2; + c=(t < c); + l=(t+b[0])&BN_MASK2; + c+=(l < t); + r[0]=l; + a++; b++; r++; n--; } return((BN_ULONG)c); } @@ -390,36 +398,35 @@ BN_ULONG bn_sub_words(BN_ULONG *r, const BN_ULONG *a, const BN_ULONG *b, int n) assert(n >= 0); if (n <= 0) return((BN_ULONG)0); - for (;;) +#ifndef OPENSSL_SMALL_FOOTPRINT + while (n&~3) { t1=a[0]; t2=b[0]; r[0]=(t1-t2-c)&BN_MASK2; if (t1 != t2) c=(t1 < t2); - if (--n <= 0) break; - t1=a[1]; t2=b[1]; r[1]=(t1-t2-c)&BN_MASK2; if (t1 != t2) c=(t1 < t2); - if (--n <= 0) break; - t1=a[2]; t2=b[2]; r[2]=(t1-t2-c)&BN_MASK2; if (t1 != t2) c=(t1 < t2); - if (--n <= 0) break; - t1=a[3]; t2=b[3]; r[3]=(t1-t2-c)&BN_MASK2; if (t1 != t2) c=(t1 < t2); - if (--n <= 0) break; - - a+=4; - b+=4; - r+=4; + a+=4; b+=4; r+=4; n-=4; + } +#endif + while (n) + { + t1=a[0]; t2=b[0]; + r[0]=(t1-t2-c)&BN_MASK2; + if (t1 != t2) c=(t1 < t2); + a++; b++; r++; n--; } return(c); } -#ifdef BN_MUL_COMBA +#if defined(BN_MUL_COMBA) && !defined(OPENSSL_SMALL_FOOTPRINT) #undef bn_mul_comba8 #undef bn_mul_comba4 @@ -820,18 +827,134 @@ void bn_sqr_comba4(BN_ULONG *r, const BN_ULONG *a) r[6]=c1; r[7]=c2; } + +#ifdef OPENSSL_NO_ASM +#ifdef OPENSSL_BN_ASM_MONT +#include +/* + * This is essentially reference implementation, which may or may not + * result in performance improvement. E.g. on IA-32 this routine was + * observed to give 40% faster rsa1024 private key operations and 10% + * faster rsa4096 ones, while on AMD64 it improves rsa1024 sign only + * by 10% and *worsens* rsa4096 sign by 15%. Once again, it's a + * reference implementation, one to be used as starting point for + * platform-specific assembler. Mentioned numbers apply to compiler + * generated code compiled with and without -DOPENSSL_BN_ASM_MONT and + * can vary not only from platform to platform, but even for compiler + * versions. Assembler vs. assembler improvement coefficients can + * [and are known to] differ and are to be documented elsewhere. + */ +int bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp, const BN_ULONG *np,const BN_ULONG *n0p, int num) + { + BN_ULONG c0,c1,ml,*tp,n0; +#ifdef mul64 + BN_ULONG mh; +#endif + volatile BN_ULONG *vp; + int i=0,j; + +#if 0 /* template for platform-specific implementation */ + if (ap==bp) return bn_sqr_mont(rp,ap,np,n0p,num); +#endif + vp = tp = alloca((num+2)*sizeof(BN_ULONG)); + + n0 = *n0p; + + c0 = 0; + ml = bp[0]; +#ifdef mul64 + mh = HBITS(ml); + ml = LBITS(ml); + for (j=0;j=np[num-1]) + { + c0 = bn_sub_words(rp,tp,np,num); + if (tp[num]!=0 || c0==0) + { + for(i=0;i +int bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp, const BN_ULONG *np,const BN_ULONG *n0p, int num) + { + BN_ULONG c0,c1,*tp,n0=*n0p; + volatile BN_ULONG *vp; + int i=0,j; + + vp = tp = alloca((num+2)*sizeof(BN_ULONG)); + + for(i=0;i<=num;i++) tp[i]=0; + + for(i=0;i=np[num-1]) + { + c0 = bn_sub_words(rp,tp,np,num); + if (tp[num]!=0 || c0==0) + { + for(i=0;imod, BN_FLG_CONSTTIME); ret->counter = BN_BLINDING_COUNTER; + CRYPTO_THREADID_current(&ret->tid); return(ret); err: if (ret != NULL) BN_BLINDING_free(ret); @@ -263,6 +267,7 @@ int BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b, BN_CTX *ct return(ret); } +#ifndef OPENSSL_NO_DEPRECATED unsigned long BN_BLINDING_get_thread_id(const BN_BLINDING *b) { return b->thread_id; @@ -272,6 +277,12 @@ void BN_BLINDING_set_thread_id(BN_BLINDING *b, unsigned long n) { b->thread_id = n; } +#endif + +CRYPTO_THREADID *BN_BLINDING_thread_id(BN_BLINDING *b) + { + return &b->tid; + } unsigned long BN_BLINDING_get_flags(const BN_BLINDING *b) { @@ -284,7 +295,7 @@ void BN_BLINDING_set_flags(BN_BLINDING *b, unsigned long flags) } BN_BLINDING *BN_BLINDING_create_param(BN_BLINDING *b, - const BIGNUM *e, /* const */ BIGNUM *m, BN_CTX *ctx, + const BIGNUM *e, BIGNUM *m, BN_CTX *ctx, int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx), BN_MONT_CTX *m_ctx) diff --git a/src/lib/libcrypto/bn/bn_ctx.c b/src/lib/libcrypto/bn/bn_ctx.c index b3452f1a91..3f2256f675 100644 --- a/src/lib/libcrypto/bn/bn_ctx.c +++ b/src/lib/libcrypto/bn/bn_ctx.c @@ -161,7 +161,7 @@ static void ctxdbg(BN_CTX *ctx) fprintf(stderr,"(%08x): ", (unsigned int)ctx); while(bnidx < ctx->used) { - fprintf(stderr,"%02x ", item->vals[bnidx++ % BN_CTX_POOL_SIZE].dmax); + fprintf(stderr,"%03x ", item->vals[bnidx++ % BN_CTX_POOL_SIZE].dmax); if(!(bnidx % BN_CTX_POOL_SIZE)) item = item->next; } @@ -171,8 +171,8 @@ static void ctxdbg(BN_CTX *ctx) while(fpidx < stack->depth) { while(bnidx++ < stack->indexes[fpidx]) - fprintf(stderr," "); - fprintf(stderr,"^^ "); + fprintf(stderr," "); + fprintf(stderr,"^^^ "); bnidx++; fpidx++; } diff --git a/src/lib/libcrypto/bn/bn_div.c b/src/lib/libcrypto/bn/bn_div.c index d6ddc9cbe3..802a43d642 100644 --- a/src/lib/libcrypto/bn/bn_div.c +++ b/src/lib/libcrypto/bn/bn_div.c @@ -229,7 +229,8 @@ int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor, if (dv == NULL) res=BN_CTX_get(ctx); else res=dv; - if (sdiv == NULL || res == NULL) goto err; + if (sdiv == NULL || res == NULL || tmp == NULL || snum == NULL) + goto err; /* First we normalise the numbers */ norm_shift=BN_BITS2-((BN_num_bits(divisor))%BN_BITS2); @@ -336,7 +337,7 @@ X) -> 0x%08X\n", t2 -= d1; } #else /* !BN_LLONG */ - BN_ULONG t2l,t2h,ql,qh; + BN_ULONG t2l,t2h; q=bn_div_words(n0,n1,d0); #ifdef BN_DEBUG_LEVITTE @@ -354,9 +355,12 @@ X) -> 0x%08X\n", t2l = d1 * q; t2h = BN_UMULT_HIGH(d1,q); #else + { + BN_ULONG ql, qh; t2l=LBITS(d1); t2h=HBITS(d1); ql =LBITS(q); qh =HBITS(q); mul64(t2l,t2h,ql,qh); /* t2=(BN_ULLONG)d1*q; */ + } #endif for (;;) @@ -560,7 +564,7 @@ X) -> 0x%08X\n", t2 -= d1; } #else /* !BN_LLONG */ - BN_ULONG t2l,t2h,ql,qh; + BN_ULONG t2l,t2h; q=bn_div_words(n0,n1,d0); #ifdef BN_DEBUG_LEVITTE @@ -578,9 +582,12 @@ X) -> 0x%08X\n", t2l = d1 * q; t2h = BN_UMULT_HIGH(d1,q); #else + { + BN_ULONG ql, qh; t2l=LBITS(d1); t2h=HBITS(d1); ql =LBITS(q); qh =HBITS(q); mul64(t2l,t2h,ql,qh); /* t2=(BN_ULLONG)d1*q; */ + } #endif for (;;) diff --git a/src/lib/libcrypto/bn/bn_exp.c b/src/lib/libcrypto/bn/bn_exp.c index 70a33f0d93..d9b6c737fc 100644 --- a/src/lib/libcrypto/bn/bn_exp.c +++ b/src/lib/libcrypto/bn/bn_exp.c @@ -134,7 +134,8 @@ int BN_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) rr = BN_CTX_get(ctx); else rr = r; - if ((v = BN_CTX_get(ctx)) == NULL) goto err; + v = BN_CTX_get(ctx); + if (rr == NULL || v == NULL) goto err; if (BN_copy(v,a) == NULL) goto err; bits=BN_num_bits(p); diff --git a/src/lib/libcrypto/bn/bn_gf2m.c b/src/lib/libcrypto/bn/bn_gf2m.c index ae642ccb39..527b0fa15b 100644 --- a/src/lib/libcrypto/bn/bn_gf2m.c +++ b/src/lib/libcrypto/bn/bn_gf2m.c @@ -121,74 +121,12 @@ static const BN_ULONG SQR_tb[16] = SQR_tb[(w) >> 12 & 0xF] << 24 | SQR_tb[(w) >> 8 & 0xF] << 16 | \ SQR_tb[(w) >> 4 & 0xF] << 8 | SQR_tb[(w) & 0xF] #endif -#ifdef SIXTEEN_BIT -#define SQR1(w) \ - SQR_tb[(w) >> 12 & 0xF] << 8 | SQR_tb[(w) >> 8 & 0xF] -#define SQR0(w) \ - SQR_tb[(w) >> 4 & 0xF] << 8 | SQR_tb[(w) & 0xF] -#endif -#ifdef EIGHT_BIT -#define SQR1(w) \ - SQR_tb[(w) >> 4 & 0xF] -#define SQR0(w) \ - SQR_tb[(w) & 15] -#endif /* Product of two polynomials a, b each with degree < BN_BITS2 - 1, * result is a polynomial r with degree < 2 * BN_BITS - 1 * The caller MUST ensure that the variables have the right amount * of space allocated. */ -#ifdef EIGHT_BIT -static void bn_GF2m_mul_1x1(BN_ULONG *r1, BN_ULONG *r0, const BN_ULONG a, const BN_ULONG b) - { - register BN_ULONG h, l, s; - BN_ULONG tab[4], top1b = a >> 7; - register BN_ULONG a1, a2; - - a1 = a & (0x7F); a2 = a1 << 1; - - tab[0] = 0; tab[1] = a1; tab[2] = a2; tab[3] = a1^a2; - - s = tab[b & 0x3]; l = s; - s = tab[b >> 2 & 0x3]; l ^= s << 2; h = s >> 6; - s = tab[b >> 4 & 0x3]; l ^= s << 4; h ^= s >> 4; - s = tab[b >> 6 ]; l ^= s << 6; h ^= s >> 2; - - /* compensate for the top bit of a */ - - if (top1b & 01) { l ^= b << 7; h ^= b >> 1; } - - *r1 = h; *r0 = l; - } -#endif -#ifdef SIXTEEN_BIT -static void bn_GF2m_mul_1x1(BN_ULONG *r1, BN_ULONG *r0, const BN_ULONG a, const BN_ULONG b) - { - register BN_ULONG h, l, s; - BN_ULONG tab[4], top1b = a >> 15; - register BN_ULONG a1, a2; - - a1 = a & (0x7FFF); a2 = a1 << 1; - - tab[0] = 0; tab[1] = a1; tab[2] = a2; tab[3] = a1^a2; - - s = tab[b & 0x3]; l = s; - s = tab[b >> 2 & 0x3]; l ^= s << 2; h = s >> 14; - s = tab[b >> 4 & 0x3]; l ^= s << 4; h ^= s >> 12; - s = tab[b >> 6 & 0x3]; l ^= s << 6; h ^= s >> 10; - s = tab[b >> 8 & 0x3]; l ^= s << 8; h ^= s >> 8; - s = tab[b >>10 & 0x3]; l ^= s << 10; h ^= s >> 6; - s = tab[b >>12 & 0x3]; l ^= s << 12; h ^= s >> 4; - s = tab[b >>14 ]; l ^= s << 14; h ^= s >> 2; - - /* compensate for the top bit of a */ - - if (top1b & 01) { l ^= b << 15; h ^= b >> 1; } - - *r1 = h; *r0 = l; - } -#endif #ifdef THIRTY_TWO_BIT static void bn_GF2m_mul_1x1(BN_ULONG *r1, BN_ULONG *r0, const BN_ULONG a, const BN_ULONG b) { @@ -321,7 +259,7 @@ int BN_GF2m_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b) /* Performs modular reduction of a and store result in r. r could be a. */ -int BN_GF2m_mod_arr(BIGNUM *r, const BIGNUM *a, const unsigned int p[]) +int BN_GF2m_mod_arr(BIGNUM *r, const BIGNUM *a, const int p[]) { int j, k; int n, dN, d0, d1; @@ -422,11 +360,11 @@ int BN_GF2m_mod_arr(BIGNUM *r, const BIGNUM *a, const unsigned int p[]) int BN_GF2m_mod(BIGNUM *r, const BIGNUM *a, const BIGNUM *p) { int ret = 0; - const int max = BN_num_bits(p); - unsigned int *arr=NULL; + const int max = BN_num_bits(p) + 1; + int *arr=NULL; bn_check_top(a); bn_check_top(p); - if ((arr = (unsigned int *)OPENSSL_malloc(sizeof(unsigned int) * max)) == NULL) goto err; + if ((arr = (int *)OPENSSL_malloc(sizeof(int) * max)) == NULL) goto err; ret = BN_GF2m_poly2arr(p, arr, max); if (!ret || ret > max) { @@ -444,7 +382,7 @@ err: /* Compute the product of two polynomials a and b, reduce modulo p, and store * the result in r. r could be a or b; a could be b. */ -int BN_GF2m_mod_mul_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const unsigned int p[], BN_CTX *ctx) +int BN_GF2m_mod_mul_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const int p[], BN_CTX *ctx) { int zlen, i, j, k, ret = 0; BIGNUM *s; @@ -500,12 +438,12 @@ err: int BN_GF2m_mod_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *p, BN_CTX *ctx) { int ret = 0; - const int max = BN_num_bits(p); - unsigned int *arr=NULL; + const int max = BN_num_bits(p) + 1; + int *arr=NULL; bn_check_top(a); bn_check_top(b); bn_check_top(p); - if ((arr = (unsigned int *)OPENSSL_malloc(sizeof(unsigned int) * max)) == NULL) goto err; + if ((arr = (int *)OPENSSL_malloc(sizeof(int) * max)) == NULL) goto err; ret = BN_GF2m_poly2arr(p, arr, max); if (!ret || ret > max) { @@ -521,7 +459,7 @@ err: /* Square a, reduce the result mod p, and store it in a. r could be a. */ -int BN_GF2m_mod_sqr_arr(BIGNUM *r, const BIGNUM *a, const unsigned int p[], BN_CTX *ctx) +int BN_GF2m_mod_sqr_arr(BIGNUM *r, const BIGNUM *a, const int p[], BN_CTX *ctx) { int i, ret = 0; BIGNUM *s; @@ -556,12 +494,12 @@ err: int BN_GF2m_mod_sqr(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) { int ret = 0; - const int max = BN_num_bits(p); - unsigned int *arr=NULL; + const int max = BN_num_bits(p) + 1; + int *arr=NULL; bn_check_top(a); bn_check_top(p); - if ((arr = (unsigned int *)OPENSSL_malloc(sizeof(unsigned int) * max)) == NULL) goto err; + if ((arr = (int *)OPENSSL_malloc(sizeof(int) * max)) == NULL) goto err; ret = BN_GF2m_poly2arr(p, arr, max); if (!ret || ret > max) { @@ -643,7 +581,7 @@ err: * function is only provided for convenience; for best performance, use the * BN_GF2m_mod_inv function. */ -int BN_GF2m_mod_inv_arr(BIGNUM *r, const BIGNUM *xx, const unsigned int p[], BN_CTX *ctx) +int BN_GF2m_mod_inv_arr(BIGNUM *r, const BIGNUM *xx, const int p[], BN_CTX *ctx) { BIGNUM *field; int ret = 0; @@ -769,7 +707,7 @@ err: * function is only provided for convenience; for best performance, use the * BN_GF2m_mod_div function. */ -int BN_GF2m_mod_div_arr(BIGNUM *r, const BIGNUM *yy, const BIGNUM *xx, const unsigned int p[], BN_CTX *ctx) +int BN_GF2m_mod_div_arr(BIGNUM *r, const BIGNUM *yy, const BIGNUM *xx, const int p[], BN_CTX *ctx) { BIGNUM *field; int ret = 0; @@ -794,7 +732,7 @@ err: * the result in r. r could be a. * Uses simple square-and-multiply algorithm A.5.1 from IEEE P1363. */ -int BN_GF2m_mod_exp_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const unsigned int p[], BN_CTX *ctx) +int BN_GF2m_mod_exp_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const int p[], BN_CTX *ctx) { int ret = 0, i, n; BIGNUM *u; @@ -840,12 +778,12 @@ err: int BN_GF2m_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *p, BN_CTX *ctx) { int ret = 0; - const int max = BN_num_bits(p); - unsigned int *arr=NULL; + const int max = BN_num_bits(p) + 1; + int *arr=NULL; bn_check_top(a); bn_check_top(b); bn_check_top(p); - if ((arr = (unsigned int *)OPENSSL_malloc(sizeof(unsigned int) * max)) == NULL) goto err; + if ((arr = (int *)OPENSSL_malloc(sizeof(int) * max)) == NULL) goto err; ret = BN_GF2m_poly2arr(p, arr, max); if (!ret || ret > max) { @@ -863,7 +801,7 @@ err: * the result in r. r could be a. * Uses exponentiation as in algorithm A.4.1 from IEEE P1363. */ -int BN_GF2m_mod_sqrt_arr(BIGNUM *r, const BIGNUM *a, const unsigned int p[], BN_CTX *ctx) +int BN_GF2m_mod_sqrt_arr(BIGNUM *r, const BIGNUM *a, const int p[], BN_CTX *ctx) { int ret = 0; BIGNUM *u; @@ -899,11 +837,11 @@ err: int BN_GF2m_mod_sqrt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) { int ret = 0; - const int max = BN_num_bits(p); - unsigned int *arr=NULL; + const int max = BN_num_bits(p) + 1; + int *arr=NULL; bn_check_top(a); bn_check_top(p); - if ((arr = (unsigned int *)OPENSSL_malloc(sizeof(unsigned int) * max)) == NULL) goto err; + if ((arr = (int *)OPENSSL_malloc(sizeof(int) * max)) == NULL) goto err; ret = BN_GF2m_poly2arr(p, arr, max); if (!ret || ret > max) { @@ -920,10 +858,9 @@ err: /* Find r such that r^2 + r = a mod p. r could be a. If no r exists returns 0. * Uses algorithms A.4.7 and A.4.6 from IEEE P1363. */ -int BN_GF2m_mod_solve_quad_arr(BIGNUM *r, const BIGNUM *a_, const unsigned int p[], BN_CTX *ctx) +int BN_GF2m_mod_solve_quad_arr(BIGNUM *r, const BIGNUM *a_, const int p[], BN_CTX *ctx) { - int ret = 0, count = 0; - unsigned int j; + int ret = 0, count = 0, j; BIGNUM *a, *z, *rho, *w, *w2, *tmp; bn_check_top(a_); @@ -1018,11 +955,11 @@ err: int BN_GF2m_mod_solve_quad(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) { int ret = 0; - const int max = BN_num_bits(p); - unsigned int *arr=NULL; + const int max = BN_num_bits(p) + 1; + int *arr=NULL; bn_check_top(a); bn_check_top(p); - if ((arr = (unsigned int *)OPENSSL_malloc(sizeof(unsigned int) * + if ((arr = (int *)OPENSSL_malloc(sizeof(int) * max)) == NULL) goto err; ret = BN_GF2m_poly2arr(p, arr, max); if (!ret || ret > max) @@ -1038,20 +975,17 @@ err: } /* Convert the bit-string representation of a polynomial - * ( \sum_{i=0}^n a_i * x^i , where a_0 is *not* zero) into an array - * of integers corresponding to the bits with non-zero coefficient. + * ( \sum_{i=0}^n a_i * x^i) into an array of integers corresponding + * to the bits with non-zero coefficient. Array is terminated with -1. * Up to max elements of the array will be filled. Return value is total - * number of coefficients that would be extracted if array was large enough. + * number of array elements that would be filled if array was large enough. */ -int BN_GF2m_poly2arr(const BIGNUM *a, unsigned int p[], int max) +int BN_GF2m_poly2arr(const BIGNUM *a, int p[], int max) { int i, j, k = 0; BN_ULONG mask; - if (BN_is_zero(a) || !BN_is_bit_set(a, 0)) - /* a_0 == 0 => return error (the unsigned int array - * must be terminated by 0) - */ + if (BN_is_zero(a)) return 0; for (i = a->top - 1; i >= 0; i--) @@ -1071,24 +1005,28 @@ int BN_GF2m_poly2arr(const BIGNUM *a, unsigned int p[], int max) } } + if (k < max) { + p[k] = -1; + k++; + } + return k; } /* Convert the coefficient array representation of a polynomial to a - * bit-string. The array must be terminated by 0. + * bit-string. The array must be terminated by -1. */ -int BN_GF2m_arr2poly(const unsigned int p[], BIGNUM *a) +int BN_GF2m_arr2poly(const int p[], BIGNUM *a) { int i; bn_check_top(a); BN_zero(a); - for (i = 0; p[i] != 0; i++) + for (i = 0; p[i] != -1; i++) { if (BN_set_bit(a, p[i]) == 0) return 0; } - BN_set_bit(a, 0); bn_check_top(a); return 1; diff --git a/src/lib/libcrypto/bn/bn_lcl.h b/src/lib/libcrypto/bn/bn_lcl.h index 27ac4397a1..8e5e98e3f2 100644 --- a/src/lib/libcrypto/bn/bn_lcl.h +++ b/src/lib/libcrypto/bn/bn_lcl.h @@ -255,7 +255,8 @@ extern "C" { : "r"(a), "r"(b)); \ ret; }) # endif /* compiler */ -# elif defined(__x86_64) && defined(SIXTY_FOUR_BIT_LONG) +# elif (defined(__x86_64) || defined(__x86_64__)) && \ + (defined(SIXTY_FOUR_BIT_LONG) || defined(SIXTY_FOUR_BIT)) # if defined(__GNUC__) # define BN_UMULT_HIGH(a,b) ({ \ register BN_ULONG ret,discard; \ diff --git a/src/lib/libcrypto/bn/bn_lib.c b/src/lib/libcrypto/bn/bn_lib.c index 32a8fbaf51..5470fbe6ef 100644 --- a/src/lib/libcrypto/bn/bn_lib.c +++ b/src/lib/libcrypto/bn/bn_lib.c @@ -133,15 +133,34 @@ int BN_get_params(int which) const BIGNUM *BN_value_one(void) { - static BN_ULONG data_one=1L; - static BIGNUM const_one={&data_one,1,1,0,BN_FLG_STATIC_DATA}; + static const BN_ULONG data_one=1L; + static const BIGNUM const_one={(BN_ULONG *)&data_one,1,1,0,BN_FLG_STATIC_DATA}; return(&const_one); } +char *BN_options(void) + { + static int init=0; + static char data[16]; + + if (!init) + { + init++; +#ifdef BN_LLONG + BIO_snprintf(data,sizeof data,"bn(%d,%d)", + (int)sizeof(BN_ULLONG)*8,(int)sizeof(BN_ULONG)*8); +#else + BIO_snprintf(data,sizeof data,"bn(%d,%d)", + (int)sizeof(BN_ULONG)*8,(int)sizeof(BN_ULONG)*8); +#endif + } + return(data); + } + int BN_num_bits_word(BN_ULONG l) { - static const char bits[256]={ + static const unsigned char bits[256]={ 0,1,2,2,3,3,3,3,4,4,4,4,4,4,4,4, 5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5, 6,6,6,6,6,6,6,6,6,6,6,6,6,6,6,6, @@ -216,7 +235,7 @@ int BN_num_bits_word(BN_ULONG l) else #endif { -#if defined(SIXTEEN_BIT) || defined(THIRTY_TWO_BIT) || defined(SIXTY_FOUR_BIT) || defined(SIXTY_FOUR_BIT_LONG) +#if defined(THIRTY_TWO_BIT) || defined(SIXTY_FOUR_BIT) || defined(SIXTY_FOUR_BIT_LONG) if (l & 0xff00L) return(bits[(int)(l>>8)]+8); else @@ -744,7 +763,7 @@ int BN_is_bit_set(const BIGNUM *a, int n) i=n/BN_BITS2; j=n%BN_BITS2; if (a->top <= i) return 0; - return(((a->d[i])>>j)&((BN_ULONG)1)); + return (int)(((a->d[i])>>j)&((BN_ULONG)1)); } int BN_mask_bits(BIGNUM *a, int n) diff --git a/src/lib/libcrypto/bn/bn_mont.c b/src/lib/libcrypto/bn/bn_mont.c index 4799b152dd..7224637ab3 100644 --- a/src/lib/libcrypto/bn/bn_mont.c +++ b/src/lib/libcrypto/bn/bn_mont.c @@ -122,26 +122,10 @@ #define MONT_WORD /* use the faster word-based algorithm */ -#if defined(MONT_WORD) && defined(OPENSSL_BN_ASM_MONT) && (BN_BITS2<=32) -/* This condition means we have a specific non-default build: - * In the 0.9.8 branch, OPENSSL_BN_ASM_MONT is normally not set for any - * BN_BITS2<=32 platform; an explicit "enable-montasm" is required. - * I.e., if we are here, the user intentionally deviates from the - * normal stable build to get better Montgomery performance from - * the 0.9.9-dev backport. - * - * In this case only, we also enable BN_from_montgomery_word() - * (another non-stable feature from 0.9.9-dev). - */ -#define MONT_FROM_WORD___NON_DEFAULT_0_9_8_BUILD -#endif - -#ifdef MONT_FROM_WORD___NON_DEFAULT_0_9_8_BUILD +#ifdef MONT_WORD static int BN_from_montgomery_word(BIGNUM *ret, BIGNUM *r, BN_MONT_CTX *mont); #endif - - int BN_mod_mul_montgomery(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_MONT_CTX *mont, BN_CTX *ctx) { @@ -153,11 +137,7 @@ int BN_mod_mul_montgomery(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, if (num>1 && a->top==num && b->top==num) { if (bn_wexpand(r,num) == NULL) return(0); -#if 0 /* for OpenSSL 0.9.9 mont->n0 */ if (bn_mul_mont(r->d,a->d,b->d,mont->N.d,mont->n0,num)) -#else - if (bn_mul_mont(r->d,a->d,b->d,mont->N.d,&mont->n0,num)) -#endif { r->neg = a->neg^b->neg; r->top = num; @@ -181,7 +161,7 @@ int BN_mod_mul_montgomery(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, if (!BN_mul(tmp,a,b,ctx)) goto err; } /* reduce from aRR to aR */ -#ifdef MONT_FROM_WORD___NON_DEFAULT_0_9_8_BUILD +#ifdef MONT_WORD if (!BN_from_montgomery_word(r,tmp,mont)) goto err; #else if (!BN_from_montgomery(r,tmp,mont,ctx)) goto err; @@ -193,7 +173,7 @@ err: return(ret); } -#ifdef MONT_FROM_WORD___NON_DEFAULT_0_9_8_BUILD +#ifdef MONT_WORD static int BN_from_montgomery_word(BIGNUM *ret, BIGNUM *r, BN_MONT_CTX *mont) { BIGNUM *n; @@ -217,15 +197,15 @@ static int BN_from_montgomery_word(BIGNUM *ret, BIGNUM *r, BN_MONT_CTX *mont) nrp= &(r->d[nl]); /* clear the top words of T */ +#if 1 for (i=r->top; id[i]=0; +#else + memset(&(r->d[r->top]),0,(max-r->top)*sizeof(BN_ULONG)); +#endif r->top=max; -#if 0 /* for OpenSSL 0.9.9 mont->n0 */ n0=mont->n0[0]; -#else - n0=mont->n0; -#endif #ifdef BN_COUNT fprintf(stderr,"word BN_from_montgomery_word %d * %d\n",nl,nl); @@ -270,6 +250,8 @@ static int BN_from_montgomery_word(BIGNUM *ret, BIGNUM *r, BN_MONT_CTX *mont) } al=r->top-ri; +#define BRANCH_FREE 1 +#if BRANCH_FREE if (bn_wexpand(ret,ri) == NULL) return(0); x=0-(((al-ri)>>(sizeof(al)*8-1))&1); ret->top=x=(ri&~x)|(al&x); /* min(ri,al) */ @@ -317,164 +299,8 @@ static int BN_from_montgomery_word(BIGNUM *ret, BIGNUM *r, BN_MONT_CTX *mont) rp[i]=nrp[i], ap[i]=0; bn_correct_top(r); bn_correct_top(ret); - bn_check_top(ret); - - return(1); - } - -int BN_from_montgomery(BIGNUM *ret, const BIGNUM *a, BN_MONT_CTX *mont, - BN_CTX *ctx) - { - int retn=0; - BIGNUM *t; - - BN_CTX_start(ctx); - if ((t = BN_CTX_get(ctx)) && BN_copy(t,a)) - retn = BN_from_montgomery_word(ret,t,mont); - BN_CTX_end(ctx); - return retn; - } - -#else /* !MONT_FROM_WORD___NON_DEFAULT_0_9_8_BUILD */ - -int BN_from_montgomery(BIGNUM *ret, const BIGNUM *a, BN_MONT_CTX *mont, - BN_CTX *ctx) - { - int retn=0; - -#ifdef MONT_WORD - BIGNUM *n,*r; - BN_ULONG *ap,*np,*rp,n0,v,*nrp; - int al,nl,max,i,x,ri; - - BN_CTX_start(ctx); - if ((r = BN_CTX_get(ctx)) == NULL) goto err; - - if (!BN_copy(r,a)) goto err; - n= &(mont->N); - - ap=a->d; - /* mont->ri is the size of mont->N in bits (rounded up - to the word size) */ - al=ri=mont->ri/BN_BITS2; - - nl=n->top; - if ((al == 0) || (nl == 0)) { r->top=0; return(1); } - - max=(nl+al+1); /* allow for overflow (no?) XXX */ - if (bn_wexpand(r,max) == NULL) goto err; - - r->neg=a->neg^n->neg; - np=n->d; - rp=r->d; - nrp= &(r->d[nl]); - - /* clear the top words of T */ -#if 1 - for (i=r->top; id[i]=0; #else - memset(&(r->d[r->top]),0,(max-r->top)*sizeof(BN_ULONG)); -#endif - - r->top=max; - n0=mont->n0; - -#ifdef BN_COUNT - fprintf(stderr,"word BN_from_montgomery %d * %d\n",nl,nl); -#endif - for (i=0; i= v) - continue; - else - { - if (((++nrp[0])&BN_MASK2) != 0) continue; - if (((++nrp[1])&BN_MASK2) != 0) continue; - for (x=2; (((++nrp[x])&BN_MASK2) == 0); x++) ; - } - } - bn_correct_top(r); - - /* mont->ri will be a multiple of the word size and below code - * is kind of BN_rshift(ret,r,mont->ri) equivalent */ - if (r->top <= ri) - { - ret->top=0; - retn=1; - goto err; - } - al=r->top-ri; - -# define BRANCH_FREE 1 -# if BRANCH_FREE - if (bn_wexpand(ret,ri) == NULL) goto err; - x=0-(((al-ri)>>(sizeof(al)*8-1))&1); - ret->top=x=(ri&~x)|(al&x); /* min(ri,al) */ - ret->neg=r->neg; - - rp=ret->d; - ap=&(r->d[ri]); - - { - size_t m1,m2; - - v=bn_sub_words(rp,ap,np,ri); - /* this ----------------^^ works even in alri) nrp=rp; else nrp=ap; */ - /* in other words if subtraction result is real, then - * trick unconditional memcpy below to perform in-place - * "refresh" instead of actual copy. */ - m1=0-(size_t)(((al-ri)>>(sizeof(al)*8-1))&1); /* al>(sizeof(al)*8-1))&1); /* al>ri */ - m1|=m2; /* (al!=ri) */ - m1|=(0-(size_t)v); /* (al!=ri || v) */ - m1&=~m2; /* (al!=ri || v) && !al>ri */ - nrp=(BN_ULONG *)(((size_t)rp&~m1)|((size_t)ap&m1)); - } - - /* 'itop=al; ret->neg=r->neg; @@ -497,8 +323,30 @@ int BN_from_montgomery(BIGNUM *ret, const BIGNUM *a, BN_MONT_CTX *mont, al+=4; for (; iN)) >= 0) + { + if (!BN_usub(ret,ret,&(mont->N))) return(0); + } +#endif + bn_check_top(ret); + + return(1); + } +#endif /* MONT_WORD */ + +int BN_from_montgomery(BIGNUM *ret, const BIGNUM *a, BN_MONT_CTX *mont, + BN_CTX *ctx) + { + int retn=0; +#ifdef MONT_WORD + BIGNUM *t; + + BN_CTX_start(ctx); + if ((t = BN_CTX_get(ctx)) && BN_copy(t,a)) + retn = BN_from_montgomery_word(ret,t,mont); + BN_CTX_end(ctx); +#else /* !MONT_WORD */ BIGNUM *t1,*t2; BN_CTX_start(ctx); @@ -515,21 +363,18 @@ int BN_from_montgomery(BIGNUM *ret, const BIGNUM *a, BN_MONT_CTX *mont, if (!BN_mul(t1,t2,&mont->N,ctx)) goto err; if (!BN_add(t2,a,t1)) goto err; if (!BN_rshift(ret,t2,mont->ri)) goto err; -#endif /* MONT_WORD */ -#if !defined(BRANCH_FREE) || BRANCH_FREE==0 if (BN_ucmp(ret, &(mont->N)) >= 0) { if (!BN_usub(ret,ret,&(mont->N))) goto err; } -#endif retn=1; bn_check_top(ret); err: BN_CTX_end(ctx); +#endif /* MONT_WORD */ return(retn); } -#endif /* MONT_FROM_WORD___NON_DEFAULT_0_9_8_BUILD */ BN_MONT_CTX *BN_MONT_CTX_new(void) { @@ -549,11 +394,7 @@ void BN_MONT_CTX_init(BN_MONT_CTX *ctx) BN_init(&(ctx->RR)); BN_init(&(ctx->N)); BN_init(&(ctx->Ni)); -#if 0 /* for OpenSSL 0.9.9 mont->n0 */ ctx->n0[0] = ctx->n0[1] = 0; -#else - ctx->n0 = 0; -#endif ctx->flags=0; } @@ -585,26 +426,22 @@ int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *mod, BN_CTX *ctx) BIGNUM tmod; BN_ULONG buf[2]; - mont->ri=(BN_num_bits(mod)+(BN_BITS2-1))/BN_BITS2*BN_BITS2; - BN_zero(R); -#if 0 /* for OpenSSL 0.9.9 mont->n0, would be "#if defined(OPENSSL_BN_ASM_MONT) && (BN_BITS2<=32)", - only certain BN_BITS2<=32 platforms actually need this */ - if (!(BN_set_bit(R,2*BN_BITS2))) goto err; /* R */ -#else - if (!(BN_set_bit(R,BN_BITS2))) goto err; /* R */ -#endif - - buf[0]=mod->d[0]; /* tmod = N mod word size */ - buf[1]=0; - BN_init(&tmod); tmod.d=buf; - tmod.top = buf[0] != 0 ? 1 : 0; tmod.dmax=2; tmod.neg=0; -#if 0 /* for OpenSSL 0.9.9 mont->n0, would be "#if defined(OPENSSL_BN_ASM_MONT) && (BN_BITS2<=32)"; - only certain BN_BITS2<=32 platforms actually need this */ + mont->ri=(BN_num_bits(mod)+(BN_BITS2-1))/BN_BITS2*BN_BITS2; + +#if defined(OPENSSL_BN_ASM_MONT) && (BN_BITS2<=32) + /* Only certain BN_BITS2<=32 platforms actually make use of + * n0[1], and we could use the #else case (with a shorter R + * value) for the others. However, currently only the assembler + * files do know which is which. */ + + BN_zero(R); + if (!(BN_set_bit(R,2*BN_BITS2))) goto err; + tmod.top=0; if ((buf[0] = mod->d[0])) tmod.top=1; if ((buf[1] = mod->top>1 ? mod->d[1] : 0)) tmod.top=2; @@ -632,6 +469,12 @@ int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *mod, BN_CTX *ctx) mont->n0[0] = (Ri->top > 0) ? Ri->d[0] : 0; mont->n0[1] = (Ri->top > 1) ? Ri->d[1] : 0; #else + BN_zero(R); + if (!(BN_set_bit(R,BN_BITS2))) goto err; /* R */ + + buf[0]=mod->d[0]; /* tmod = N mod word size */ + buf[1]=0; + tmod.top = buf[0] != 0 ? 1 : 0; /* Ri = R^-1 mod N*/ if ((BN_mod_inverse(Ri,R,&tmod,ctx)) == NULL) goto err; @@ -647,12 +490,8 @@ int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *mod, BN_CTX *ctx) if (!BN_div(Ri,NULL,Ri,&tmod,ctx)) goto err; /* Ni = (R*Ri-1)/N, * keep only least significant word: */ -# if 0 /* for OpenSSL 0.9.9 mont->n0 */ mont->n0[0] = (Ri->top > 0) ? Ri->d[0] : 0; mont->n0[1] = 0; -# else - mont->n0 = (Ri->top > 0) ? Ri->d[0] : 0; -# endif #endif } #else /* !MONT_WORD */ @@ -689,12 +528,8 @@ BN_MONT_CTX *BN_MONT_CTX_copy(BN_MONT_CTX *to, BN_MONT_CTX *from) if (!BN_copy(&(to->N),&(from->N))) return NULL; if (!BN_copy(&(to->Ni),&(from->Ni))) return NULL; to->ri=from->ri; -#if 0 /* for OpenSSL 0.9.9 mont->n0 */ to->n0[0]=from->n0[0]; to->n0[1]=from->n0[1]; -#else - to->n0=from->n0; -#endif return(to); } diff --git a/src/lib/libcrypto/bn/bn_mul.c b/src/lib/libcrypto/bn/bn_mul.c index b848c8cc60..a0e9ec3b46 100644 --- a/src/lib/libcrypto/bn/bn_mul.c +++ b/src/lib/libcrypto/bn/bn_mul.c @@ -1028,17 +1028,19 @@ int BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx) assert(j <= al || j <= bl); k = j+j; t = BN_CTX_get(ctx); + if (t == NULL) + goto err; if (al > j || bl > j) { - bn_wexpand(t,k*4); - bn_wexpand(rr,k*4); + if (bn_wexpand(t,k*4) == NULL) goto err; + if (bn_wexpand(rr,k*4) == NULL) goto err; bn_mul_part_recursive(rr->d,a->d,b->d, j,al-j,bl-j,t->d); } else /* al <= j || bl <= j */ { - bn_wexpand(t,k*2); - bn_wexpand(rr,k*2); + if (bn_wexpand(t,k*2) == NULL) goto err; + if (bn_wexpand(rr,k*2) == NULL) goto err; bn_mul_recursive(rr->d,a->d,b->d, j,al-j,bl-j,t->d); } diff --git a/src/lib/libcrypto/bn/bn_opt.c b/src/lib/libcrypto/bn/bn_opt.c deleted file mode 100644 index 21cbb38f62..0000000000 --- a/src/lib/libcrypto/bn/bn_opt.c +++ /dev/null @@ -1,87 +0,0 @@ -/* crypto/bn/bn_opt.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef BN_DEBUG -# undef NDEBUG /* avoid conflicting definitions */ -# define NDEBUG -#endif - -#include -#include -#include -#include "cryptlib.h" -#include "bn_lcl.h" - -char *BN_options(void) - { - static int init=0; - static char data[16]; - - if (!init) - { - init++; -#ifdef BN_LLONG - BIO_snprintf(data,sizeof data,"bn(%d,%d)", - (int)sizeof(BN_ULLONG)*8,(int)sizeof(BN_ULONG)*8); -#else - BIO_snprintf(data,sizeof data,"bn(%d,%d)", - (int)sizeof(BN_ULONG)*8,(int)sizeof(BN_ULONG)*8); -#endif - } - return(data); - } diff --git a/src/lib/libcrypto/bn/bn_print.c b/src/lib/libcrypto/bn/bn_print.c index 810dde34e1..bebb466d08 100644 --- a/src/lib/libcrypto/bn/bn_print.c +++ b/src/lib/libcrypto/bn/bn_print.c @@ -294,6 +294,27 @@ err: return(0); } +int BN_asc2bn(BIGNUM **bn, const char *a) + { + const char *p = a; + if (*p == '-') + p++; + + if (p[0] == '0' && (p[1] == 'X' || p[1] == 'x')) + { + if (!BN_hex2bn(bn, p + 2)) + return 0; + } + else + { + if (!BN_dec2bn(bn, p)) + return 0; + } + if (*a == '-') + (*bn)->neg = 1; + return 1; + } + #ifndef OPENSSL_NO_BIO #ifndef OPENSSL_NO_FP_API int BN_print_fp(FILE *fp, const BIGNUM *a) diff --git a/src/lib/libcrypto/bn/bn_x931p.c b/src/lib/libcrypto/bn/bn_x931p.c deleted file mode 100644 index 04c5c874ec..0000000000 --- a/src/lib/libcrypto/bn/bn_x931p.c +++ /dev/null @@ -1,272 +0,0 @@ -/* bn_x931p.c */ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project 2005. - */ -/* ==================================================================== - * Copyright (c) 2005 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include - -/* X9.31 routines for prime derivation */ - -/* X9.31 prime derivation. This is used to generate the primes pi - * (p1, p2, q1, q2) from a parameter Xpi by checking successive odd - * integers. - */ - -static int bn_x931_derive_pi(BIGNUM *pi, const BIGNUM *Xpi, BN_CTX *ctx, - BN_GENCB *cb) - { - int i = 0; - if (!BN_copy(pi, Xpi)) - return 0; - if (!BN_is_odd(pi) && !BN_add_word(pi, 1)) - return 0; - for(;;) - { - i++; - BN_GENCB_call(cb, 0, i); - /* NB 27 MR is specificed in X9.31 */ - if (BN_is_prime_fasttest_ex(pi, 27, ctx, 1, cb)) - break; - if (!BN_add_word(pi, 2)) - return 0; - } - BN_GENCB_call(cb, 2, i); - return 1; - } - -/* This is the main X9.31 prime derivation function. From parameters - * Xp1, Xp2 and Xp derive the prime p. If the parameters p1 or p2 are - * not NULL they will be returned too: this is needed for testing. - */ - -int BN_X931_derive_prime_ex(BIGNUM *p, BIGNUM *p1, BIGNUM *p2, - const BIGNUM *Xp, const BIGNUM *Xp1, const BIGNUM *Xp2, - const BIGNUM *e, BN_CTX *ctx, BN_GENCB *cb) - { - int ret = 0; - - BIGNUM *t, *p1p2, *pm1; - - /* Only even e supported */ - if (!BN_is_odd(e)) - return 0; - - BN_CTX_start(ctx); - if (!p1) - p1 = BN_CTX_get(ctx); - - if (!p2) - p2 = BN_CTX_get(ctx); - - t = BN_CTX_get(ctx); - - p1p2 = BN_CTX_get(ctx); - - pm1 = BN_CTX_get(ctx); - - if (!bn_x931_derive_pi(p1, Xp1, ctx, cb)) - goto err; - - if (!bn_x931_derive_pi(p2, Xp2, ctx, cb)) - goto err; - - if (!BN_mul(p1p2, p1, p2, ctx)) - goto err; - - /* First set p to value of Rp */ - - if (!BN_mod_inverse(p, p2, p1, ctx)) - goto err; - - if (!BN_mul(p, p, p2, ctx)) - goto err; - - if (!BN_mod_inverse(t, p1, p2, ctx)) - goto err; - - if (!BN_mul(t, t, p1, ctx)) - goto err; - - if (!BN_sub(p, p, t)) - goto err; - - if (p->neg && !BN_add(p, p, p1p2)) - goto err; - - /* p now equals Rp */ - - if (!BN_mod_sub(p, p, Xp, p1p2, ctx)) - goto err; - - if (!BN_add(p, p, Xp)) - goto err; - - /* p now equals Yp0 */ - - for (;;) - { - int i = 1; - BN_GENCB_call(cb, 0, i++); - if (!BN_copy(pm1, p)) - goto err; - if (!BN_sub_word(pm1, 1)) - goto err; - if (!BN_gcd(t, pm1, e, ctx)) - goto err; - if (BN_is_one(t) - /* X9.31 specifies 8 MR and 1 Lucas test or any prime test - * offering similar or better guarantees 50 MR is considerably - * better. - */ - && BN_is_prime_fasttest_ex(p, 50, ctx, 1, cb)) - break; - if (!BN_add(p, p, p1p2)) - goto err; - } - - BN_GENCB_call(cb, 3, 0); - - ret = 1; - - err: - - BN_CTX_end(ctx); - - return ret; - } - -/* Generate pair of paramters Xp, Xq for X9.31 prime generation. - * Note: nbits paramter is sum of number of bits in both. - */ - -int BN_X931_generate_Xpq(BIGNUM *Xp, BIGNUM *Xq, int nbits, BN_CTX *ctx) - { - BIGNUM *t; - int i; - /* Number of bits for each prime is of the form - * 512+128s for s = 0, 1, ... - */ - if ((nbits < 1024) || (nbits & 0xff)) - return 0; - nbits >>= 1; - /* The random value Xp must be between sqrt(2) * 2^(nbits-1) and - * 2^nbits - 1. By setting the top two bits we ensure that the lower - * bound is exceeded. - */ - if (!BN_rand(Xp, nbits, 1, 0)) - return 0; - - BN_CTX_start(ctx); - t = BN_CTX_get(ctx); - - for (i = 0; i < 1000; i++) - { - if (!BN_rand(Xq, nbits, 1, 0)) - return 0; - /* Check that |Xp - Xq| > 2^(nbits - 100) */ - BN_sub(t, Xp, Xq); - if (BN_num_bits(t) > (nbits - 100)) - break; - } - - BN_CTX_end(ctx); - - if (i < 1000) - return 1; - - return 0; - - } - -/* Generate primes using X9.31 algorithm. Of the values p, p1, p2, Xp1 - * and Xp2 only 'p' needs to be non-NULL. If any of the others are not NULL - * the relevant parameter will be stored in it. - * - * Due to the fact that |Xp - Xq| > 2^(nbits - 100) must be satisfied Xp and Xq - * are generated using the previous function and supplied as input. - */ - -int BN_X931_generate_prime_ex(BIGNUM *p, BIGNUM *p1, BIGNUM *p2, - BIGNUM *Xp1, BIGNUM *Xp2, - const BIGNUM *Xp, - const BIGNUM *e, BN_CTX *ctx, - BN_GENCB *cb) - { - int ret = 0; - - BN_CTX_start(ctx); - if (!Xp1) - Xp1 = BN_CTX_get(ctx); - if (!Xp2) - Xp2 = BN_CTX_get(ctx); - - if (!BN_rand(Xp1, 101, 0, 0)) - goto error; - if (!BN_rand(Xp2, 101, 0, 0)) - goto error; - if (!BN_X931_derive_prime_ex(p, p1, p2, Xp, Xp1, Xp2, e, ctx, cb)) - goto error; - - ret = 1; - - error: - BN_CTX_end(ctx); - - return ret; - - } - diff --git a/src/lib/libcrypto/bn/bntest.c b/src/lib/libcrypto/bn/bntest.c index cf190380f5..0cd99c5b4b 100644 --- a/src/lib/libcrypto/bn/bntest.c +++ b/src/lib/libcrypto/bn/bntest.c @@ -486,7 +486,7 @@ static void print_word(BIO *bp,BN_ULONG w) return; } #endif - BIO_printf(bp,"%lX",w); + BIO_printf(bp,BN_HEX_FMT1,w); } int test_div_word(BIO *bp) @@ -732,6 +732,8 @@ int test_mont(BIO *bp, BN_CTX *ctx) BN_init(&n); mont=BN_MONT_CTX_new(); + if (mont == NULL) + return 0; BN_bntest_rand(&a,100,0,0); /**/ BN_bntest_rand(&b,100,0,0); /**/ @@ -1027,7 +1029,7 @@ int test_exp(BIO *bp, BN_CTX *ctx) BN_bntest_rand(a,20+i*5,0,0); /**/ BN_bntest_rand(b,2+i,0,0); /**/ - if (!BN_exp(d,a,b,ctx)) + if (BN_exp(d,a,b,ctx) <= 0) return(0); if (bp != NULL) @@ -1116,8 +1118,8 @@ int test_gf2m_mod(BIO *bp) { BIGNUM *a,*b[2],*c,*d,*e; int i, j, ret = 0; - unsigned int p0[] = {163,7,6,3,0}; - unsigned int p1[] = {193,15,0}; + int p0[] = {163,7,6,3,0,-1}; + int p1[] = {193,15,0,-1}; a=BN_new(); b[0]=BN_new(); @@ -1174,8 +1176,8 @@ int test_gf2m_mod_mul(BIO *bp,BN_CTX *ctx) { BIGNUM *a,*b[2],*c,*d,*e,*f,*g,*h; int i, j, ret = 0; - unsigned int p0[] = {163,7,6,3,0}; - unsigned int p1[] = {193,15,0}; + int p0[] = {163,7,6,3,0,-1}; + int p1[] = {193,15,0,-1}; a=BN_new(); b[0]=BN_new(); @@ -1245,8 +1247,8 @@ int test_gf2m_mod_sqr(BIO *bp,BN_CTX *ctx) { BIGNUM *a,*b[2],*c,*d; int i, j, ret = 0; - unsigned int p0[] = {163,7,6,3,0}; - unsigned int p1[] = {193,15,0}; + int p0[] = {163,7,6,3,0,-1}; + int p1[] = {193,15,0,-1}; a=BN_new(); b[0]=BN_new(); @@ -1304,8 +1306,8 @@ int test_gf2m_mod_inv(BIO *bp,BN_CTX *ctx) { BIGNUM *a,*b[2],*c,*d; int i, j, ret = 0; - unsigned int p0[] = {163,7,6,3,0}; - unsigned int p1[] = {193,15,0}; + int p0[] = {163,7,6,3,0,-1}; + int p1[] = {193,15,0,-1}; a=BN_new(); b[0]=BN_new(); @@ -1359,8 +1361,8 @@ int test_gf2m_mod_div(BIO *bp,BN_CTX *ctx) { BIGNUM *a,*b[2],*c,*d,*e,*f; int i, j, ret = 0; - unsigned int p0[] = {163,7,6,3,0}; - unsigned int p1[] = {193,15,0}; + int p0[] = {163,7,6,3,0,-1}; + int p1[] = {193,15,0,-1}; a=BN_new(); b[0]=BN_new(); @@ -1422,8 +1424,8 @@ int test_gf2m_mod_exp(BIO *bp,BN_CTX *ctx) { BIGNUM *a,*b[2],*c,*d,*e,*f; int i, j, ret = 0; - unsigned int p0[] = {163,7,6,3,0}; - unsigned int p1[] = {193,15,0}; + int p0[] = {163,7,6,3,0,-1}; + int p1[] = {193,15,0,-1}; a=BN_new(); b[0]=BN_new(); @@ -1493,8 +1495,8 @@ int test_gf2m_mod_sqrt(BIO *bp,BN_CTX *ctx) { BIGNUM *a,*b[2],*c,*d,*e,*f; int i, j, ret = 0; - unsigned int p0[] = {163,7,6,3,0}; - unsigned int p1[] = {193,15,0}; + int p0[] = {163,7,6,3,0,-1}; + int p1[] = {193,15,0,-1}; a=BN_new(); b[0]=BN_new(); @@ -1552,8 +1554,8 @@ int test_gf2m_mod_solve_quad(BIO *bp,BN_CTX *ctx) { BIGNUM *a,*b[2],*c,*d,*e; int i, j, s = 0, t, ret = 0; - unsigned int p0[] = {163,7,6,3,0}; - unsigned int p1[] = {193,15,0}; + int p0[] = {163,7,6,3,0,-1}; + int p1[] = {193,15,0,-1}; a=BN_new(); b[0]=BN_new(); diff --git a/src/lib/libcrypto/bn/exptest.c b/src/lib/libcrypto/bn/exptest.c index f598a07cf5..074a8e882a 100644 --- a/src/lib/libcrypto/bn/exptest.c +++ b/src/lib/libcrypto/bn/exptest.c @@ -163,7 +163,7 @@ int main(int argc, char *argv[]) { if (BN_cmp(r_simple,r_mont) != 0) printf("\nsimple and mont results differ\n"); - if (BN_cmp(r_simple,r_mont) != 0) + if (BN_cmp(r_simple,r_mont_const) != 0) printf("\nsimple and mont const time results differ\n"); if (BN_cmp(r_simple,r_recp) != 0) printf("\nsimple and recp results differ\n"); @@ -187,7 +187,7 @@ int main(int argc, char *argv[]) BN_free(b); BN_free(m); BN_CTX_free(ctx); - ERR_remove_state(0); + ERR_remove_thread_state(NULL); CRYPTO_mem_leaks(out); BIO_free(out); printf(" done\n"); diff --git a/src/lib/libcrypto/buffer/Makefile.ssl b/src/lib/libcrypto/buffer/Makefile.ssl deleted file mode 100644 index b131ca3078..0000000000 --- a/src/lib/libcrypto/buffer/Makefile.ssl +++ /dev/null @@ -1,94 +0,0 @@ -# -# SSLeay/crypto/buffer/Makefile -# - -DIR= buffer -TOP= ../.. -CC= cc -INCLUDES= -I.. -I$(TOP) -I../../include -CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKE= make -f Makefile.ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) -MAKEFILE= Makefile.ssl -AR= ar r - -CFLAGS= $(INCLUDES) $(CFLAG) - -GENERAL=Makefile -TEST= -APPS= - -LIB=$(TOP)/libcrypto.a -LIBSRC= buffer.c buf_err.c -LIBOBJ= buffer.o buf_err.o - -SRC= $(LIBSRC) - -EXHEADER= buffer.h -HEADER= $(EXHEADER) - -ALL= $(GENERAL) $(SRC) $(HEADER) - -top: - (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all) - -all: lib - -lib: $(LIBOBJ) - $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) || echo Never mind. - @touch lib - -files: - $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO - -links: - @sh $(TOP)/util/point.sh Makefile.ssl Makefile - @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER) - @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST) - @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) - -install: - @for i in $(EXHEADER) ; \ - do \ - (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ - done; - -tags: - ctags $(SRC) - -tests: - -lint: - lint -DLINT $(INCLUDES) $(SRC)>fluff - -depend: - $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) - -dclean: - $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new - mv -f Makefile.new $(MAKEFILE) - -clean: - rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff - -# DO NOT DELETE THIS LINE -- make depend depends on it. - -buf_err.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h -buf_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -buf_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -buf_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -buf_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -buf_err.o: ../../include/openssl/symhacks.h buf_err.c -buffer.o: ../../e_os.h ../../include/openssl/bio.h -buffer.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -buffer.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -buffer.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -buffer.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -buffer.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -buffer.o: ../cryptlib.h buffer.c diff --git a/src/lib/libcrypto/buffer/buf_err.c b/src/lib/libcrypto/buffer/buf_err.c index 3e25bbe879..8f1de6192b 100644 --- a/src/lib/libcrypto/buffer/buf_err.c +++ b/src/lib/libcrypto/buffer/buf_err.c @@ -1,6 +1,6 @@ /* crypto/buffer/buf_err.c */ /* ==================================================================== - * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved. + * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions diff --git a/src/lib/libcrypto/buffer/buf_str.c b/src/lib/libcrypto/buffer/buf_str.c deleted file mode 100644 index 28dd1e401e..0000000000 --- a/src/lib/libcrypto/buffer/buf_str.c +++ /dev/null @@ -1,116 +0,0 @@ -/* crypto/buffer/buf_str.c */ -/* ==================================================================== - * Copyright (c) 2007 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include "cryptlib.h" -#include - -char *BUF_strdup(const char *str) - { - if (str == NULL) return(NULL); - return BUF_strndup(str, strlen(str)); - } - -char *BUF_strndup(const char *str, size_t siz) - { - char *ret; - - if (str == NULL) return(NULL); - - ret=OPENSSL_malloc(siz+1); - if (ret == NULL) - { - BUFerr(BUF_F_BUF_STRNDUP,ERR_R_MALLOC_FAILURE); - return(NULL); - } - BUF_strlcpy(ret,str,siz+1); - return(ret); - } - -void *BUF_memdup(const void *data, size_t siz) - { - void *ret; - - if (data == NULL) return(NULL); - - ret=OPENSSL_malloc(siz); - if (ret == NULL) - { - BUFerr(BUF_F_BUF_MEMDUP,ERR_R_MALLOC_FAILURE); - return(NULL); - } - return memcpy(ret, data, siz); - } - -size_t BUF_strlcpy(char *dst, const char *src, size_t size) - { - size_t l = 0; - for(; size > 1 && *src; size--) - { - *dst++ = *src++; - l++; - } - if (size) - *dst = '\0'; - return l + strlen(src); - } - -size_t BUF_strlcat(char *dst, const char *src, size_t size) - { - size_t l = 0; - for(; size > 0 && *dst; size--, dst++) - l++; - return l + BUF_strlcpy(dst, src, size); - } diff --git a/src/lib/libcrypto/buffer/buffer.c b/src/lib/libcrypto/buffer/buffer.c index b3e947771d..620ea8d536 100644 --- a/src/lib/libcrypto/buffer/buffer.c +++ b/src/lib/libcrypto/buffer/buffer.c @@ -89,10 +89,10 @@ void BUF_MEM_free(BUF_MEM *a) OPENSSL_free(a); } -int BUF_MEM_grow(BUF_MEM *str, int len) +int BUF_MEM_grow(BUF_MEM *str, size_t len) { char *ret; - unsigned int n; + size_t n; if (str->length >= len) { @@ -125,10 +125,10 @@ int BUF_MEM_grow(BUF_MEM *str, int len) return(len); } -int BUF_MEM_grow_clean(BUF_MEM *str, int len) +int BUF_MEM_grow_clean(BUF_MEM *str, size_t len) { char *ret; - unsigned int n; + size_t n; if (str->length >= len) { @@ -161,3 +161,84 @@ int BUF_MEM_grow_clean(BUF_MEM *str, int len) } return(len); } + +char *BUF_strdup(const char *str) + { + if (str == NULL) return(NULL); + return BUF_strndup(str, strlen(str)); + } + +char *BUF_strndup(const char *str, size_t siz) + { + char *ret; + + if (str == NULL) return(NULL); + + ret=OPENSSL_malloc(siz+1); + if (ret == NULL) + { + BUFerr(BUF_F_BUF_STRNDUP,ERR_R_MALLOC_FAILURE); + return(NULL); + } + BUF_strlcpy(ret,str,siz+1); + return(ret); + } + +void *BUF_memdup(const void *data, size_t siz) + { + void *ret; + + if (data == NULL) return(NULL); + + ret=OPENSSL_malloc(siz); + if (ret == NULL) + { + BUFerr(BUF_F_BUF_MEMDUP,ERR_R_MALLOC_FAILURE); + return(NULL); + } + return memcpy(ret, data, siz); + } + +size_t BUF_strlcpy(char *dst, const char *src, size_t size) + { + size_t l = 0; + for(; size > 1 && *src; size--) + { + *dst++ = *src++; + l++; + } + if (size) + *dst = '\0'; + return l + strlen(src); + } + +size_t BUF_strlcat(char *dst, const char *src, size_t size) + { + size_t l = 0; + for(; size > 0 && *dst; size--, dst++) + l++; + return l + BUF_strlcpy(dst, src, size); + } + +void BUF_reverse(unsigned char *out, unsigned char *in, size_t size) + { + size_t i; + if (in) + { + out += size - 1; + for (i = 0; i < size; i++) + *in++ = *out--; + } + else + { + unsigned char *q; + char c; + q = out + size - 1; + for (i = 0; i < size/2; i++) + { + c = *q; + *q-- = *out; + *out++ = c; + } + } + } diff --git a/src/lib/libcrypto/buffer/buffer.h b/src/lib/libcrypto/buffer/buffer.h index 1db9607450..178e418282 100644 --- a/src/lib/libcrypto/buffer/buffer.h +++ b/src/lib/libcrypto/buffer/buffer.h @@ -76,18 +76,19 @@ extern "C" { struct buf_mem_st { - int length; /* current number of bytes */ + size_t length; /* current number of bytes */ char *data; - int max; /* size of buffer */ + size_t max; /* size of buffer */ }; BUF_MEM *BUF_MEM_new(void); void BUF_MEM_free(BUF_MEM *a); -int BUF_MEM_grow(BUF_MEM *str, int len); -int BUF_MEM_grow_clean(BUF_MEM *str, int len); +int BUF_MEM_grow(BUF_MEM *str, size_t len); +int BUF_MEM_grow_clean(BUF_MEM *str, size_t len); char * BUF_strdup(const char *str); char * BUF_strndup(const char *str, size_t siz); void * BUF_memdup(const void *data, size_t siz); +void BUF_reverse(unsigned char *out, unsigned char *in, size_t siz); /* safe string functions */ size_t BUF_strlcpy(char *dst,const char *src,size_t siz); diff --git a/src/lib/libcrypto/cast/Makefile.ssl b/src/lib/libcrypto/cast/Makefile.ssl deleted file mode 100644 index 98393a37ba..0000000000 --- a/src/lib/libcrypto/cast/Makefile.ssl +++ /dev/null @@ -1,120 +0,0 @@ -# -# SSLeay/crypto/cast/Makefile -# - -DIR= cast -TOP= ../.. -CC= cc -CPP= $(CC) -E -INCLUDES= -CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKE= make -f Makefile.ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) -MAKEFILE= Makefile.ssl -AR= ar r - -CAST_ENC=c_enc.o -# or use -#CAST_ENC=asm/cx86-elf.o -#CAST_ENC=asm/cx86-out.o -#CAST_ENC=asm/cx86-sol.o -#CAST_ENC=asm/cx86bdsi.o - -CFLAGS= $(INCLUDES) $(CFLAG) -ASFLAGS= $(INCLUDES) $(ASFLAG) - -GENERAL=Makefile -TEST=casttest.c -APPS= - -LIB=$(TOP)/libcrypto.a -LIBSRC=c_skey.c c_ecb.c c_enc.c c_cfb64.c c_ofb64.c -LIBOBJ=c_skey.o c_ecb.o $(CAST_ENC) c_cfb64.o c_ofb64.o - -SRC= $(LIBSRC) - -EXHEADER= cast.h -HEADER= cast_s.h cast_lcl.h $(EXHEADER) - -ALL= $(GENERAL) $(SRC) $(HEADER) - -top: - (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all) - -all: lib - -lib: $(LIBOBJ) - $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) || echo Never mind. - @touch lib - -# elf -asm/cx86-elf.s: asm/cast-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl - (cd asm; $(PERL) cast-586.pl elf $(CLAGS) $(PROCESSOR) > cx86-elf.s) - -# a.out -asm/cx86-out.o: asm/cx86unix.cpp - $(CPP) -DOUT asm/cx86unix.cpp | as -o asm/cx86-out.o - -# bsdi -asm/cx86bsdi.o: asm/cx86unix.cpp - $(CPP) -DBSDI asm/cx86unix.cpp | sed 's/ :/:/' | as -o asm/cx86bsdi.o - -asm/cx86unix.cpp: asm/cast-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl - (cd asm; $(PERL) cast-586.pl cpp $(PROCESSOR) >cx86unix.cpp) - -files: - $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO - -links: - @sh $(TOP)/util/point.sh Makefile.ssl Makefile - @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER) - @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST) - @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) - -install: - @for i in $(EXHEADER) ; \ - do \ - (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ - done; - -tags: - ctags $(SRC) - -tests: - -lint: - lint -DLINT $(INCLUDES) $(SRC)>fluff - -depend: - $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) - -dclean: - $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new - mv -f Makefile.new $(MAKEFILE) - -clean: - rm -f asm/cx86unix.cpp asm/*-elf.* *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff - -# DO NOT DELETE THIS LINE -- make depend depends on it. - -c_cfb64.o: ../../e_os.h ../../include/openssl/cast.h -c_cfb64.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h -c_cfb64.o: c_cfb64.c cast_lcl.h -c_ecb.o: ../../e_os.h ../../include/openssl/cast.h -c_ecb.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h -c_ecb.o: ../../include/openssl/opensslv.h c_ecb.c cast_lcl.h -c_enc.o: ../../e_os.h ../../include/openssl/cast.h -c_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h -c_enc.o: c_enc.c cast_lcl.h -c_ofb64.o: ../../e_os.h ../../include/openssl/cast.h -c_ofb64.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h -c_ofb64.o: c_ofb64.c cast_lcl.h -c_skey.o: ../../e_os.h ../../include/openssl/cast.h -c_skey.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h -c_skey.o: c_skey.c cast_lcl.h cast_s.h diff --git a/src/lib/libcrypto/cast/asm/cast-586.pl b/src/lib/libcrypto/cast/asm/cast-586.pl index 0ed55d1905..7a0083ecb8 100644 --- a/src/lib/libcrypto/cast/asm/cast-586.pl +++ b/src/lib/libcrypto/cast/asm/cast-586.pl @@ -3,7 +3,8 @@ # define for pentium pro friendly version $ppro=1; -push(@INC,"perlasm","../../perlasm"); +$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; +push(@INC,"${dir}","${dir}../../perlasm"); require "x86asm.pl"; require "cbc.pl"; diff --git a/src/lib/libcrypto/cast/c_cfb64.c b/src/lib/libcrypto/cast/c_cfb64.c index 514c005c32..dcec13a201 100644 --- a/src/lib/libcrypto/cast/c_cfb64.c +++ b/src/lib/libcrypto/cast/c_cfb64.c @@ -65,7 +65,7 @@ */ void CAST_cfb64_encrypt(const unsigned char *in, unsigned char *out, - long length, CAST_KEY *schedule, unsigned char *ivec, + long length, const CAST_KEY *schedule, unsigned char *ivec, int *num, int enc) { register CAST_LONG v0,v1,t; @@ -119,4 +119,3 @@ void CAST_cfb64_encrypt(const unsigned char *in, unsigned char *out, v0=v1=ti[0]=ti[1]=t=c=cc=0; *num=n; } - diff --git a/src/lib/libcrypto/cast/c_ecb.c b/src/lib/libcrypto/cast/c_ecb.c index f2dc606226..b6a3b1fff9 100644 --- a/src/lib/libcrypto/cast/c_ecb.c +++ b/src/lib/libcrypto/cast/c_ecb.c @@ -63,7 +63,7 @@ const char CAST_version[]="CAST" OPENSSL_VERSION_PTEXT; void CAST_ecb_encrypt(const unsigned char *in, unsigned char *out, - CAST_KEY *ks, int enc) + const CAST_KEY *ks, int enc) { CAST_LONG l,d[2]; @@ -77,4 +77,3 @@ void CAST_ecb_encrypt(const unsigned char *in, unsigned char *out, l=d[1]; l2n(l,out); l=d[0]=d[1]=0; } - diff --git a/src/lib/libcrypto/cast/c_enc.c b/src/lib/libcrypto/cast/c_enc.c index e80f65b698..2ae54f5cfb 100644 --- a/src/lib/libcrypto/cast/c_enc.c +++ b/src/lib/libcrypto/cast/c_enc.c @@ -60,9 +60,10 @@ #include "cast_lcl.h" #ifndef OPENBSD_CAST_ASM -void CAST_encrypt(CAST_LONG *data, CAST_KEY *key) +void CAST_encrypt(CAST_LONG *data, const CAST_KEY *key) { - register CAST_LONG l,r,*k,t; + register CAST_LONG l,r,t; + const register CAST_LONG *k; k= &(key->data[0]); l=data[0]; @@ -92,9 +93,10 @@ void CAST_encrypt(CAST_LONG *data, CAST_KEY *key) data[0]=r&0xffffffffL; } -void CAST_decrypt(CAST_LONG *data, CAST_KEY *key) +void CAST_decrypt(CAST_LONG *data, const CAST_KEY *key) { - register CAST_LONG l,r,*k,t; + register CAST_LONG l,r,t; + const register CAST_LONG *k; k= &(key->data[0]); l=data[0]; @@ -126,7 +128,7 @@ void CAST_decrypt(CAST_LONG *data, CAST_KEY *key) #endif void CAST_cbc_encrypt(const unsigned char *in, unsigned char *out, long length, - CAST_KEY *ks, unsigned char *iv, int enc) + const CAST_KEY *ks, unsigned char *iv, int enc) { register CAST_LONG tin0,tin1; register CAST_LONG tout0,tout1,xor0,xor1; @@ -206,4 +208,3 @@ void CAST_cbc_encrypt(const unsigned char *in, unsigned char *out, long length, tin0=tin1=tout0=tout1=xor0=xor1=0; tin[0]=tin[1]=0; } - diff --git a/src/lib/libcrypto/cast/c_ofb64.c b/src/lib/libcrypto/cast/c_ofb64.c index fd0469a62f..cb3222456c 100644 --- a/src/lib/libcrypto/cast/c_ofb64.c +++ b/src/lib/libcrypto/cast/c_ofb64.c @@ -64,7 +64,7 @@ * 64bit block we have used is contained in *num; */ void CAST_ofb64_encrypt(const unsigned char *in, unsigned char *out, - long length, CAST_KEY *schedule, unsigned char *ivec, + long length, const CAST_KEY *schedule, unsigned char *ivec, int *num) { register CAST_LONG v0,v1,t; @@ -108,4 +108,3 @@ void CAST_ofb64_encrypt(const unsigned char *in, unsigned char *out, t=v0=v1=ti[0]=ti[1]=0; *num=n; } - diff --git a/src/lib/libcrypto/cast/c_skey.c b/src/lib/libcrypto/cast/c_skey.c index 68e690a60c..76e40005c9 100644 --- a/src/lib/libcrypto/cast/c_skey.c +++ b/src/lib/libcrypto/cast/c_skey.c @@ -57,11 +57,6 @@ */ #include -#include -#ifdef OPENSSL_FIPS -#include -#endif - #include "cast_lcl.h" #include "cast_s.h" @@ -77,7 +72,7 @@ #define S6 CAST_S_table6 #define S7 CAST_S_table7 -FIPS_NON_FIPS_VCIPHER_Init(CAST) +void CAST_set_key(CAST_KEY *key, int len, const unsigned char *data) { CAST_LONG x[16]; CAST_LONG z[16]; diff --git a/src/lib/libcrypto/cast/cast.h b/src/lib/libcrypto/cast/cast.h index 1faf5806aa..1a264f8143 100644 --- a/src/lib/libcrypto/cast/cast.h +++ b/src/lib/libcrypto/cast/cast.h @@ -72,7 +72,7 @@ extern "C" { #define CAST_ENCRYPT 1 #define CAST_DECRYPT 0 -#define CAST_LONG unsigned long +#define CAST_LONG unsigned int #define CAST_BLOCK 8 #define CAST_KEY_LENGTH 16 @@ -83,21 +83,19 @@ typedef struct cast_key_st int short_key; /* Use reduced rounds for short key */ } CAST_KEY; -#ifdef OPENSSL_FIPS -void private_CAST_set_key(CAST_KEY *key, int len, const unsigned char *data); -#endif + void CAST_set_key(CAST_KEY *key, int len, const unsigned char *data); -void CAST_ecb_encrypt(const unsigned char *in,unsigned char *out,CAST_KEY *key, +void CAST_ecb_encrypt(const unsigned char *in, unsigned char *out, const CAST_KEY *key, int enc); -void CAST_encrypt(CAST_LONG *data,CAST_KEY *key); -void CAST_decrypt(CAST_LONG *data,CAST_KEY *key); +void CAST_encrypt(CAST_LONG *data, const CAST_KEY *key); +void CAST_decrypt(CAST_LONG *data, const CAST_KEY *key); void CAST_cbc_encrypt(const unsigned char *in, unsigned char *out, long length, - CAST_KEY *ks, unsigned char *iv, int enc); + const CAST_KEY *ks, unsigned char *iv, int enc); void CAST_cfb64_encrypt(const unsigned char *in, unsigned char *out, - long length, CAST_KEY *schedule, unsigned char *ivec, + long length, const CAST_KEY *schedule, unsigned char *ivec, int *num, int enc); void CAST_ofb64_encrypt(const unsigned char *in, unsigned char *out, - long length, CAST_KEY *schedule, unsigned char *ivec, + long length, const CAST_KEY *schedule, unsigned char *ivec, int *num); #ifdef __cplusplus diff --git a/src/lib/libcrypto/cms/cms_smime.c b/src/lib/libcrypto/cms/cms_smime.c index f35883aa22..4a799eb897 100644 --- a/src/lib/libcrypto/cms/cms_smime.c +++ b/src/lib/libcrypto/cms/cms_smime.c @@ -171,7 +171,7 @@ CMS_ContentInfo *CMS_data_create(BIO *in, unsigned int flags) if (!cms) return NULL; - if (CMS_final(cms, in, NULL, flags)) + if ((flags & CMS_STREAM) || CMS_final(cms, in, NULL, flags)) return cms; CMS_ContentInfo_free(cms); @@ -214,10 +214,7 @@ CMS_ContentInfo *CMS_digest_create(BIO *in, const EVP_MD *md, return NULL; if(!(flags & CMS_DETACHED)) - { - flags &= ~CMS_STREAM; CMS_set_detached(cms, 0); - } if ((flags & CMS_STREAM) || CMS_final(cms, in, NULL, flags)) return cms; @@ -269,10 +266,7 @@ CMS_ContentInfo *CMS_EncryptedData_encrypt(BIO *in, const EVP_CIPHER *cipher, return NULL; if(!(flags & CMS_DETACHED)) - { - flags &= ~CMS_STREAM; CMS_set_detached(cms, 0); - } if ((flags & (CMS_STREAM|CMS_PARTIAL)) || CMS_final(cms, in, NULL, flags)) @@ -456,6 +450,7 @@ int CMS_verify_receipt(CMS_ContentInfo *rcms, CMS_ContentInfo *ocms, X509_STORE *store, unsigned int flags) { int r; + flags &= ~(CMS_DETACHED|CMS_TEXT); r = CMS_verify(rcms, certs, store, NULL, NULL, flags); if (r <= 0) return r; @@ -486,10 +481,7 @@ CMS_ContentInfo *CMS_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs, } if(!(flags & CMS_DETACHED)) - { - flags &= ~CMS_STREAM; CMS_set_detached(cms, 0); - } if ((flags & (CMS_STREAM|CMS_PARTIAL)) || CMS_final(cms, data, NULL, flags)) @@ -517,7 +509,7 @@ CMS_ContentInfo *CMS_sign_receipt(CMS_SignerInfo *si, BIO *rct_cont = NULL; int r = 0; - flags &= ~CMS_STREAM; + flags &= ~(CMS_STREAM|CMS_TEXT); /* Not really detached but avoids content being allocated */ flags |= CMS_PARTIAL|CMS_BINARY|CMS_DETACHED; if (!pkey || !signcert) @@ -598,10 +590,7 @@ CMS_ContentInfo *CMS_encrypt(STACK_OF(X509) *certs, BIO *data, } if(!(flags & CMS_DETACHED)) - { - flags &= ~CMS_STREAM; CMS_set_detached(cms, 0); - } if ((flags & (CMS_STREAM|CMS_PARTIAL)) || CMS_final(cms, data, NULL, flags)) @@ -781,12 +770,9 @@ CMS_ContentInfo *CMS_compress(BIO *in, int comp_nid, unsigned int flags) return NULL; if(!(flags & CMS_DETACHED)) - { - flags &= ~CMS_STREAM; CMS_set_detached(cms, 0); - } - if (CMS_final(cms, in, NULL, flags)) + if ((flags & CMS_STREAM) || CMS_final(cms, in, NULL, flags)) return cms; CMS_ContentInfo_free(cms); diff --git a/src/lib/libcrypto/comp/Makefile.ssl b/src/lib/libcrypto/comp/Makefile.ssl deleted file mode 100644 index f70ba1b285..0000000000 --- a/src/lib/libcrypto/comp/Makefile.ssl +++ /dev/null @@ -1,114 +0,0 @@ -# -# SSLeay/crypto/comp/Makefile -# - -DIR= comp -TOP= ../.. -CC= cc -INCLUDES= -I.. -I$(TOP) -I../../include -CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKE= make -f Makefile.ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) -MAKEFILE= Makefile.ssl -AR= ar r - -CFLAGS= $(INCLUDES) $(CFLAG) - -GENERAL=Makefile -TEST= -APPS= - -LIB=$(TOP)/libcrypto.a -LIBSRC= comp_lib.c comp_err.c \ - c_rle.c c_zlib.c - -LIBOBJ= comp_lib.o comp_err.o \ - c_rle.o c_zlib.o - -SRC= $(LIBSRC) - -EXHEADER= comp.h -HEADER= $(EXHEADER) - -ALL= $(GENERAL) $(SRC) $(HEADER) - -top: - (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all) - -all: lib - -lib: $(LIBOBJ) - $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) || echo Never mind. - @touch lib - -files: - $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO - -links: - @sh $(TOP)/util/point.sh Makefile.ssl Makefile - @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER) - @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST) - @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) - -install: - @for i in $(EXHEADER) ; \ - do \ - (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ - done; - -tags: - ctags $(SRC) - -tests: - -lint: - lint -DLINT $(INCLUDES) $(SRC)>fluff - -depend: - $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC) - -dclean: - $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new - mv -f Makefile.new $(MAKEFILE) - -clean: - rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff - -# DO NOT DELETE THIS LINE -- make depend depends on it. - -c_rle.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -c_rle.o: ../../include/openssl/bn.h ../../include/openssl/comp.h -c_rle.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -c_rle.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -c_rle.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -c_rle.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h -c_rle.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h c_rle.c -c_zlib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -c_zlib.o: ../../include/openssl/bn.h ../../include/openssl/comp.h -c_zlib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -c_zlib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -c_zlib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -c_zlib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h -c_zlib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -c_zlib.o: c_zlib.c -comp_err.o: ../../include/openssl/bio.h ../../include/openssl/comp.h -comp_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -comp_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -comp_err.o: ../../include/openssl/opensslconf.h -comp_err.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -comp_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -comp_err.o: comp_err.c -comp_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -comp_lib.o: ../../include/openssl/bn.h ../../include/openssl/comp.h -comp_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -comp_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -comp_lib.o: ../../include/openssl/opensslconf.h -comp_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -comp_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -comp_lib.o: ../../include/openssl/symhacks.h comp_lib.c diff --git a/src/lib/libcrypto/comp/c_zlib.c b/src/lib/libcrypto/comp/c_zlib.c index 8df7792c50..8adf35f3fc 100644 --- a/src/lib/libcrypto/comp/c_zlib.c +++ b/src/lib/libcrypto/comp/c_zlib.c @@ -781,6 +781,7 @@ static long bio_zlib_ctrl(BIO *b, int cmd, long num, void *ptr) default: ret = BIO_ctrl(b->next_bio, cmd, num, ptr); break; + } return ret; diff --git a/src/lib/libcrypto/comp/comp_err.c b/src/lib/libcrypto/comp/comp_err.c index 187d68b725..661c94c3a4 100644 --- a/src/lib/libcrypto/comp/comp_err.c +++ b/src/lib/libcrypto/comp/comp_err.c @@ -1,6 +1,6 @@ /* crypto/comp/comp_err.c */ /* ==================================================================== - * Copyright (c) 1999-2008 The OpenSSL Project. All rights reserved. + * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions diff --git a/src/lib/libcrypto/conf/Makefile.ssl b/src/lib/libcrypto/conf/Makefile.ssl deleted file mode 100644 index c5873bc6e7..0000000000 --- a/src/lib/libcrypto/conf/Makefile.ssl +++ /dev/null @@ -1,183 +0,0 @@ -# -# SSLeay/crypto/conf/Makefile -# - -DIR= conf -TOP= ../.. -CC= cc -INCLUDES= -I.. -I$(TOP) -I../../include -CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKE= make -f Makefile.ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) -MAKEFILE= Makefile.ssl -AR= ar r - -CFLAGS= $(INCLUDES) $(CFLAG) - -GENERAL=Makefile -TEST= -APPS= - -LIB=$(TOP)/libcrypto.a -LIBSRC= conf_err.c conf_lib.c conf_api.c conf_def.c conf_mod.c \ - conf_mall.c conf_sap.c - -LIBOBJ= conf_err.o conf_lib.o conf_api.o conf_def.o conf_mod.o \ - conf_mall.o conf_sap.o - -SRC= $(LIBSRC) - -EXHEADER= conf.h conf_api.h -HEADER= conf_def.h $(EXHEADER) - -ALL= $(GENERAL) $(SRC) $(HEADER) - -top: - (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all) - -all: lib - -lib: $(LIBOBJ) - $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) || echo Never mind. - @touch lib - -files: - $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO - -links: - @sh $(TOP)/util/point.sh Makefile.ssl Makefile - @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER) - @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST) - @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) - -install: - @for i in $(EXHEADER) ; \ - do \ - (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ - done; - -tags: - ctags $(SRC) - -tests: - -lint: - lint -DLINT $(INCLUDES) $(SRC)>fluff - -depend: - $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC) - -dclean: - $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new - mv -f Makefile.new $(MAKEFILE) - -clean: - rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff - -# DO NOT DELETE THIS LINE -- make depend depends on it. - -conf_api.o: ../../e_os.h ../../include/openssl/bio.h -conf_api.o: ../../include/openssl/conf.h ../../include/openssl/conf_api.h -conf_api.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -conf_api.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -conf_api.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -conf_api.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -conf_api.o: conf_api.c -conf_def.o: ../../e_os.h ../../include/openssl/bio.h -conf_def.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h -conf_def.o: ../../include/openssl/conf_api.h ../../include/openssl/crypto.h -conf_def.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -conf_def.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -conf_def.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -conf_def.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -conf_def.o: ../cryptlib.h conf_def.c conf_def.h -conf_err.o: ../../include/openssl/bio.h ../../include/openssl/conf.h -conf_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -conf_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -conf_err.o: ../../include/openssl/opensslconf.h -conf_err.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -conf_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -conf_err.o: conf_err.c -conf_lib.o: ../../include/openssl/bio.h ../../include/openssl/conf.h -conf_lib.o: ../../include/openssl/conf_api.h ../../include/openssl/crypto.h -conf_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -conf_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -conf_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -conf_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -conf_lib.o: conf_lib.c -conf_mall.o: ../../e_os.h ../../include/openssl/aes.h -conf_mall.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -conf_mall.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -conf_mall.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -conf_mall.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -conf_mall.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -conf_mall.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -conf_mall.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h -conf_mall.o: ../../include/openssl/engine.h ../../include/openssl/err.h -conf_mall.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -conf_mall.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -conf_mall.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -conf_mall.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -conf_mall.o: ../../include/openssl/objects.h -conf_mall.o: ../../include/openssl/opensslconf.h -conf_mall.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -conf_mall.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h -conf_mall.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -conf_mall.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -conf_mall.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -conf_mall.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -conf_mall.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -conf_mall.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -conf_mall.o: ../../include/openssl/x509_vfy.h ../cryptlib.h conf_mall.c -conf_mod.o: ../../e_os.h ../../include/openssl/aes.h -conf_mod.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -conf_mod.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -conf_mod.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -conf_mod.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -conf_mod.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -conf_mod.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -conf_mod.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h -conf_mod.o: ../../include/openssl/err.h ../../include/openssl/evp.h -conf_mod.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -conf_mod.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -conf_mod.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -conf_mod.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -conf_mod.o: ../../include/openssl/opensslconf.h -conf_mod.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -conf_mod.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -conf_mod.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -conf_mod.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -conf_mod.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -conf_mod.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -conf_mod.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -conf_mod.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -conf_mod.o: ../cryptlib.h conf_mod.c -conf_sap.o: ../../e_os.h ../../include/openssl/aes.h -conf_sap.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -conf_sap.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -conf_sap.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -conf_sap.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -conf_sap.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -conf_sap.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -conf_sap.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h -conf_sap.o: ../../include/openssl/engine.h ../../include/openssl/err.h -conf_sap.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -conf_sap.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -conf_sap.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -conf_sap.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -conf_sap.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -conf_sap.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -conf_sap.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h -conf_sap.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -conf_sap.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -conf_sap.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -conf_sap.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -conf_sap.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -conf_sap.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -conf_sap.o: ../../include/openssl/x509_vfy.h ../cryptlib.h conf_sap.c diff --git a/src/lib/libcrypto/conf/README b/src/lib/libcrypto/conf/README index ca58d0240f..96e53b34ed 100644 --- a/src/lib/libcrypto/conf/README +++ b/src/lib/libcrypto/conf/README @@ -1,8 +1,3 @@ -WARNING WARNING WARNING!!! - -This stuff is experimental, may change radically or be deleted altogether -before OpenSSL 0.9.7 release. You have been warned! - Configuration modules. These are a set of modules which can perform various configuration functions. @@ -13,7 +8,7 @@ The routines read a configuration file set up like this: ----- #default section -openssl_init=init_section +openssl_conf=init_section [init_section] @@ -30,29 +25,27 @@ path=/some/path/to/some/dso.so other_stuff=other_value ---- -When this file is loaded a configuration module with the specified -string (module* in the above example) is looked up and its init -function called as: +When this file is loaded a configuration module with the specified string +(module* in the above example) is looked up and its init function called as: int conf_init_func(CONF_IMODULE *md, CONF *cnf); -The function can then take whatever action is appropriate, for example -further lookups based on the value. Multiple instances of the same -config module can be loaded. +The function can then take whatever action is appropriate, for example further +lookups based on the value. Multiple instances of the same config module can be +loaded. -When the application closes down the modules are cleaned up by calling -an optional finish function: +When the application closes down the modules are cleaned up by calling an +optional finish function: void conf_finish_func(CONF_IMODULE *md); The finish functions are called in reverse order: that is the last module loaded is the first one cleaned up. -If no module exists with a given name then an attempt is made to load -a DSO with the supplied name. This might mean that "module3" attempts -to load a DSO called libmodule3.so or module3.dll for example. An explicit -DSO name can be given by including a separate section as in the module4 example -above. +If no module exists with a given name then an attempt is made to load a DSO +with the supplied name. This might mean that "module3" attempts to load a DSO +called libmodule3.so or module3.dll for example. An explicit DSO name can be +given by including a separate section as in the module4 example above. The DSO is expected to at least contain an initialization function: @@ -64,15 +57,17 @@ void OPENSSL_finish(CONF_IMODULE *md); Static modules can also be added using, -int CONF_module_add(char *name, dso_mod_init_func *ifunc, dso_mod_finish_func *ffunc); +int CONF_module_add(char *name, dso_mod_init_func *ifunc, dso_mod_finish_func +*ffunc); -where "name" is the name in the configuration file this function corresponds to. +where "name" is the name in the configuration file this function corresponds +to. -A set of builtin modules (currently only an ASN1 non functional test module) can be -added by calling OPENSSL_load_builtin_modules(). +A set of builtin modules (currently only an ASN1 non functional test module) +can be added by calling OPENSSL_load_builtin_modules(). -The function OPENSSL_config() is intended as a simple configuration function that -any application can call to perform various default configuration tasks. It uses the -file openssl.cnf in the usual locations. +The function OPENSSL_config() is intended as a simple configuration function +that any application can call to perform various default configuration tasks. +It uses the file openssl.cnf in the usual locations. diff --git a/src/lib/libcrypto/conf/conf.h b/src/lib/libcrypto/conf/conf.h index 8aa06bc5ec..c2199978a3 100644 --- a/src/lib/libcrypto/conf/conf.h +++ b/src/lib/libcrypto/conf/conf.h @@ -79,8 +79,7 @@ typedef struct } CONF_VALUE; DECLARE_STACK_OF(CONF_VALUE) -DECLARE_STACK_OF(CONF_MODULE) -DECLARE_STACK_OF(CONF_IMODULE) +DECLARE_LHASH_OF(CONF_VALUE); struct conf_st; struct conf_method_st; @@ -105,6 +104,9 @@ struct conf_method_st typedef struct conf_imodule_st CONF_IMODULE; typedef struct conf_module_st CONF_MODULE; +DECLARE_STACK_OF(CONF_MODULE) +DECLARE_STACK_OF(CONF_IMODULE) + /* DSO module function typedefs */ typedef int conf_init_func(CONF_IMODULE *md, const CONF *cnf); typedef void conf_finish_func(CONF_IMODULE *md); @@ -117,18 +119,23 @@ typedef void conf_finish_func(CONF_IMODULE *md); #define CONF_MFLAGS_DEFAULT_SECTION 0x20 int CONF_set_default_method(CONF_METHOD *meth); -void CONF_set_nconf(CONF *conf,LHASH *hash); -LHASH *CONF_load(LHASH *conf,const char *file,long *eline); +void CONF_set_nconf(CONF *conf,LHASH_OF(CONF_VALUE) *hash); +LHASH_OF(CONF_VALUE) *CONF_load(LHASH_OF(CONF_VALUE) *conf,const char *file, + long *eline); #ifndef OPENSSL_NO_FP_API -LHASH *CONF_load_fp(LHASH *conf, FILE *fp,long *eline); +LHASH_OF(CONF_VALUE) *CONF_load_fp(LHASH_OF(CONF_VALUE) *conf, FILE *fp, + long *eline); #endif -LHASH *CONF_load_bio(LHASH *conf, BIO *bp,long *eline); -STACK_OF(CONF_VALUE) *CONF_get_section(LHASH *conf,const char *section); -char *CONF_get_string(LHASH *conf,const char *group,const char *name); -long CONF_get_number(LHASH *conf,const char *group,const char *name); -void CONF_free(LHASH *conf); -int CONF_dump_fp(LHASH *conf, FILE *out); -int CONF_dump_bio(LHASH *conf, BIO *out); +LHASH_OF(CONF_VALUE) *CONF_load_bio(LHASH_OF(CONF_VALUE) *conf, BIO *bp,long *eline); +STACK_OF(CONF_VALUE) *CONF_get_section(LHASH_OF(CONF_VALUE) *conf, + const char *section); +char *CONF_get_string(LHASH_OF(CONF_VALUE) *conf,const char *group, + const char *name); +long CONF_get_number(LHASH_OF(CONF_VALUE) *conf,const char *group, + const char *name); +void CONF_free(LHASH_OF(CONF_VALUE) *conf); +int CONF_dump_fp(LHASH_OF(CONF_VALUE) *conf, FILE *out); +int CONF_dump_bio(LHASH_OF(CONF_VALUE) *conf, BIO *out); void OPENSSL_config(const char *config_name); void OPENSSL_no_config(void); @@ -140,7 +147,7 @@ struct conf_st { CONF_METHOD *meth; void *meth_data; - LHASH *data; + LHASH_OF(CONF_VALUE) *data; }; CONF *NCONF_new(CONF_METHOD *meth); @@ -214,6 +221,7 @@ void ERR_load_CONF_strings(void); #define CONF_F_CONF_LOAD_BIO 102 #define CONF_F_CONF_LOAD_FP 103 #define CONF_F_CONF_MODULES_LOAD 116 +#define CONF_F_CONF_PARSE_LIST 119 #define CONF_F_DEF_LOAD 120 #define CONF_F_DEF_LOAD_BIO 121 #define CONF_F_MODULE_INIT 115 @@ -233,6 +241,7 @@ void ERR_load_CONF_strings(void); /* Reason codes. */ #define CONF_R_ERROR_LOADING_DSO 110 +#define CONF_R_LIST_CANNOT_BE_NULL 115 #define CONF_R_MISSING_CLOSE_SQUARE_BRACKET 100 #define CONF_R_MISSING_EQUAL_SIGN 101 #define CONF_R_MISSING_FINISH_FUNCTION 111 diff --git a/src/lib/libcrypto/conf/conf_api.c b/src/lib/libcrypto/conf/conf_api.c index 909d72b4b8..22617e5fa1 100644 --- a/src/lib/libcrypto/conf/conf_api.c +++ b/src/lib/libcrypto/conf/conf_api.c @@ -69,16 +69,12 @@ #include #include "e_os.h" -static void value_free_hash(CONF_VALUE *a, LHASH *conf); -static void value_free_stack(CONF_VALUE *a,LHASH *conf); -static IMPLEMENT_LHASH_DOALL_ARG_FN(value_free_hash, CONF_VALUE *, LHASH *) -static IMPLEMENT_LHASH_DOALL_ARG_FN(value_free_stack, CONF_VALUE *, LHASH *) -/* We don't use function pointer casting or wrapper functions - but cast each - * callback parameter inside the callback functions. */ -/* static unsigned long hash(CONF_VALUE *v); */ -static unsigned long hash(const void *v_void); -/* static int cmp_conf(CONF_VALUE *a,CONF_VALUE *b); */ -static int cmp_conf(const void *a_void,const void *b_void); +static void value_free_hash_doall_arg(CONF_VALUE *a, + LHASH_OF(CONF_VALUE) *conf); +static void value_free_stack_doall(CONF_VALUE *a); +static IMPLEMENT_LHASH_DOALL_ARG_FN(value_free_hash, CONF_VALUE, + LHASH_OF(CONF_VALUE)) +static IMPLEMENT_LHASH_DOALL_FN(value_free_stack, CONF_VALUE) /* Up until OpenSSL 0.9.5a, this was get_section */ CONF_VALUE *_CONF_get_section(const CONF *conf, const char *section) @@ -88,7 +84,7 @@ CONF_VALUE *_CONF_get_section(const CONF *conf, const char *section) if ((conf == NULL) || (section == NULL)) return(NULL); vv.name=NULL; vv.section=(char *)section; - v=(CONF_VALUE *)lh_retrieve(conf->data,&vv); + v=lh_CONF_VALUE_retrieve(conf->data,&vv); return(v); } @@ -118,7 +114,7 @@ int _CONF_add_string(CONF *conf, CONF_VALUE *section, CONF_VALUE *value) return 0; } - v = (CONF_VALUE *)lh_insert(conf->data, value); + v = lh_CONF_VALUE_insert(conf->data, value); if (v != NULL) { (void)sk_CONF_VALUE_delete_ptr(ts,v); @@ -141,24 +137,24 @@ char *_CONF_get_string(const CONF *conf, const char *section, const char *name) { vv.name=(char *)name; vv.section=(char *)section; - v=(CONF_VALUE *)lh_retrieve(conf->data,&vv); + v=lh_CONF_VALUE_retrieve(conf->data,&vv); if (v != NULL) return(v->value); if (strcmp(section,"ENV") == 0) { - p=Getenv(name); + p=getenv(name); if (p != NULL) return(p); } } vv.section="default"; vv.name=(char *)name; - v=(CONF_VALUE *)lh_retrieve(conf->data,&vv); + v=lh_CONF_VALUE_retrieve(conf->data,&vv); if (v != NULL) return(v->value); else return(NULL); } else - return(Getenv(name)); + return(getenv(name)); } #if 0 /* There's no way to provide error checking with this function, so @@ -182,6 +178,34 @@ long _CONF_get_number(CONF *conf, char *section, char *name) } #endif +static unsigned long conf_value_hash(const CONF_VALUE *v) + { + return (lh_strhash(v->section)<<2)^lh_strhash(v->name); + } +static IMPLEMENT_LHASH_HASH_FN(conf_value, CONF_VALUE) + +static int conf_value_cmp(const CONF_VALUE *a, const CONF_VALUE *b) + { + int i; + + if (a->section != b->section) + { + i=strcmp(a->section,b->section); + if (i) return(i); + } + + if ((a->name != NULL) && (b->name != NULL)) + { + i=strcmp(a->name,b->name); + return(i); + } + else if (a->name == b->name) + return(0); + else + return((a->name == NULL)?-1:1); + } +static IMPLEMENT_LHASH_COMP_FN(conf_value, CONF_VALUE) + int _CONF_new_data(CONF *conf) { if (conf == NULL) @@ -189,7 +213,7 @@ int _CONF_new_data(CONF *conf) return 0; } if (conf->data == NULL) - if ((conf->data = lh_new(hash, cmp_conf)) == NULL) + if ((conf->data = lh_CONF_VALUE_new()) == NULL) { return 0; } @@ -200,105 +224,73 @@ void _CONF_free_data(CONF *conf) { if (conf == NULL || conf->data == NULL) return; - conf->data->down_load=0; /* evil thing to make sure the 'OPENSSL_free()' - * works as expected */ - lh_doall_arg(conf->data, LHASH_DOALL_ARG_FN(value_free_hash), - conf->data); + lh_CONF_VALUE_down_load(conf->data)=0; /* evil thing to make + * sure the 'OPENSSL_free()' works as + * expected */ + lh_CONF_VALUE_doall_arg(conf->data, + LHASH_DOALL_ARG_FN(value_free_hash), + LHASH_OF(CONF_VALUE), conf->data); /* We now have only 'section' entries in the hash table. * Due to problems with */ - lh_doall_arg(conf->data, LHASH_DOALL_ARG_FN(value_free_stack), - conf->data); - lh_free(conf->data); + lh_CONF_VALUE_doall(conf->data, LHASH_DOALL_FN(value_free_stack)); + lh_CONF_VALUE_free(conf->data); } -static void value_free_hash(CONF_VALUE *a, LHASH *conf) +static void value_free_hash_doall_arg(CONF_VALUE *a, LHASH_OF(CONF_VALUE) *conf) { if (a->name != NULL) - { - a=(CONF_VALUE *)lh_delete(conf,a); - } + (void)lh_CONF_VALUE_delete(conf,a); } -static void value_free_stack(CONF_VALUE *a, LHASH *conf) +static void value_free_stack_doall(CONF_VALUE *a) { CONF_VALUE *vv; - STACK *sk; + STACK_OF(CONF_VALUE) *sk; int i; if (a->name != NULL) return; - sk=(STACK *)a->value; - for (i=sk_num(sk)-1; i>=0; i--) + sk=(STACK_OF(CONF_VALUE) *)a->value; + for (i=sk_CONF_VALUE_num(sk)-1; i>=0; i--) { - vv=(CONF_VALUE *)sk_value(sk,i); + vv=sk_CONF_VALUE_value(sk,i); OPENSSL_free(vv->value); OPENSSL_free(vv->name); OPENSSL_free(vv); } - if (sk != NULL) sk_free(sk); + if (sk != NULL) sk_CONF_VALUE_free(sk); OPENSSL_free(a->section); OPENSSL_free(a); } -/* static unsigned long hash(CONF_VALUE *v) */ -static unsigned long hash(const void *v_void) - { - CONF_VALUE *v = (CONF_VALUE *)v_void; - return((lh_strhash(v->section)<<2)^lh_strhash(v->name)); - } - -/* static int cmp_conf(CONF_VALUE *a, CONF_VALUE *b) */ -static int cmp_conf(const void *a_void,const void *b_void) - { - int i; - CONF_VALUE *a = (CONF_VALUE *)a_void; - CONF_VALUE *b = (CONF_VALUE *)b_void; - - if (a->section != b->section) - { - i=strcmp(a->section,b->section); - if (i) return(i); - } - - if ((a->name != NULL) && (b->name != NULL)) - { - i=strcmp(a->name,b->name); - return(i); - } - else if (a->name == b->name) - return(0); - else - return((a->name == NULL)?-1:1); - } - /* Up until OpenSSL 0.9.5a, this was new_section */ CONF_VALUE *_CONF_new_section(CONF *conf, const char *section) { - STACK *sk=NULL; + STACK_OF(CONF_VALUE) *sk=NULL; int ok=0,i; CONF_VALUE *v=NULL,*vv; - if ((sk=sk_new_null()) == NULL) + if ((sk=sk_CONF_VALUE_new_null()) == NULL) goto err; - if ((v=(CONF_VALUE *)OPENSSL_malloc(sizeof(CONF_VALUE))) == NULL) + if ((v=OPENSSL_malloc(sizeof(CONF_VALUE))) == NULL) goto err; i=strlen(section)+1; - if ((v->section=(char *)OPENSSL_malloc(i)) == NULL) + if ((v->section=OPENSSL_malloc(i)) == NULL) goto err; memcpy(v->section,section,i); v->name=NULL; v->value=(char *)sk; - vv=(CONF_VALUE *)lh_insert(conf->data,v); + vv=lh_CONF_VALUE_insert(conf->data,v); assert(vv == NULL); ok=1; err: if (!ok) { - if (sk != NULL) sk_free(sk); + if (sk != NULL) sk_CONF_VALUE_free(sk); if (v != NULL) OPENSSL_free(v); v=NULL; } diff --git a/src/lib/libcrypto/conf/conf_def.c b/src/lib/libcrypto/conf/conf_def.c index d8bce8732a..0b571b0394 100644 --- a/src/lib/libcrypto/conf/conf_def.c +++ b/src/lib/libcrypto/conf/conf_def.c @@ -129,7 +129,7 @@ static CONF *def_create(CONF_METHOD *meth) { CONF *ret; - ret = (CONF *)OPENSSL_malloc(sizeof(CONF) + sizeof(unsigned short *)); + ret = OPENSSL_malloc(sizeof(CONF) + sizeof(unsigned short *)); if (ret) if (meth->init(ret) == 0) { @@ -145,7 +145,7 @@ static int def_init_default(CONF *conf) return 0; conf->meth = &default_method; - conf->meth_data = (void *)CONF_type_default; + conf->meth_data = CONF_type_default; conf->data = NULL; return 1; @@ -722,7 +722,7 @@ static char *scan_dquote(CONF *conf, char *p) return(p); } -static void dump_value(CONF_VALUE *a, BIO *out) +static void dump_value_doall_arg(CONF_VALUE *a, BIO *out) { if (a->name) BIO_printf(out, "[%s] %s=%s\n", a->section, a->name, a->value); @@ -730,11 +730,12 @@ static void dump_value(CONF_VALUE *a, BIO *out) BIO_printf(out, "[[%s]]\n", a->section); } -static IMPLEMENT_LHASH_DOALL_ARG_FN(dump_value, CONF_VALUE *, BIO *) +static IMPLEMENT_LHASH_DOALL_ARG_FN(dump_value, CONF_VALUE, BIO) static int def_dump(const CONF *conf, BIO *out) { - lh_doall_arg(conf->data, LHASH_DOALL_ARG_FN(dump_value), out); + lh_CONF_VALUE_doall_arg(conf->data, LHASH_DOALL_ARG_FN(dump_value), + BIO, out); return 1; } diff --git a/src/lib/libcrypto/conf/conf_err.c b/src/lib/libcrypto/conf/conf_err.c index a16a5e0bd4..25bb5dc9aa 100644 --- a/src/lib/libcrypto/conf/conf_err.c +++ b/src/lib/libcrypto/conf/conf_err.c @@ -1,6 +1,6 @@ /* crypto/conf/conf_err.c */ /* ==================================================================== - * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved. + * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -75,6 +75,7 @@ static ERR_STRING_DATA CONF_str_functs[]= {ERR_FUNC(CONF_F_CONF_LOAD_BIO), "CONF_load_bio"}, {ERR_FUNC(CONF_F_CONF_LOAD_FP), "CONF_load_fp"}, {ERR_FUNC(CONF_F_CONF_MODULES_LOAD), "CONF_modules_load"}, +{ERR_FUNC(CONF_F_CONF_PARSE_LIST), "CONF_parse_list"}, {ERR_FUNC(CONF_F_DEF_LOAD), "DEF_LOAD"}, {ERR_FUNC(CONF_F_DEF_LOAD_BIO), "DEF_LOAD_BIO"}, {ERR_FUNC(CONF_F_MODULE_INIT), "MODULE_INIT"}, @@ -97,6 +98,7 @@ static ERR_STRING_DATA CONF_str_functs[]= static ERR_STRING_DATA CONF_str_reasons[]= { {ERR_REASON(CONF_R_ERROR_LOADING_DSO) ,"error loading dso"}, +{ERR_REASON(CONF_R_LIST_CANNOT_BE_NULL) ,"list cannot be null"}, {ERR_REASON(CONF_R_MISSING_CLOSE_SQUARE_BRACKET),"missing close square bracket"}, {ERR_REASON(CONF_R_MISSING_EQUAL_SIGN) ,"missing equal sign"}, {ERR_REASON(CONF_R_MISSING_FINISH_FUNCTION),"missing finish function"}, diff --git a/src/lib/libcrypto/conf/conf_lib.c b/src/lib/libcrypto/conf/conf_lib.c index 2a3399d269..54046defca 100644 --- a/src/lib/libcrypto/conf/conf_lib.c +++ b/src/lib/libcrypto/conf/conf_lib.c @@ -69,7 +69,7 @@ static CONF_METHOD *default_CONF_method=NULL; /* Init a 'CONF' structure from an old LHASH */ -void CONF_set_nconf(CONF *conf, LHASH *hash) +void CONF_set_nconf(CONF *conf, LHASH_OF(CONF_VALUE) *hash) { if (default_CONF_method == NULL) default_CONF_method = NCONF_default(); @@ -87,9 +87,10 @@ int CONF_set_default_method(CONF_METHOD *meth) return 1; } -LHASH *CONF_load(LHASH *conf, const char *file, long *eline) +LHASH_OF(CONF_VALUE) *CONF_load(LHASH_OF(CONF_VALUE) *conf, const char *file, + long *eline) { - LHASH *ltmp; + LHASH_OF(CONF_VALUE) *ltmp; BIO *in=NULL; #ifdef OPENSSL_SYS_VMS @@ -110,10 +111,11 @@ LHASH *CONF_load(LHASH *conf, const char *file, long *eline) } #ifndef OPENSSL_NO_FP_API -LHASH *CONF_load_fp(LHASH *conf, FILE *fp,long *eline) +LHASH_OF(CONF_VALUE) *CONF_load_fp(LHASH_OF(CONF_VALUE) *conf, FILE *fp, + long *eline) { BIO *btmp; - LHASH *ltmp; + LHASH_OF(CONF_VALUE) *ltmp; if(!(btmp = BIO_new_fp(fp, BIO_NOCLOSE))) { CONFerr(CONF_F_CONF_LOAD_FP,ERR_R_BUF_LIB); return NULL; @@ -124,7 +126,8 @@ LHASH *CONF_load_fp(LHASH *conf, FILE *fp,long *eline) } #endif -LHASH *CONF_load_bio(LHASH *conf, BIO *bp,long *eline) +LHASH_OF(CONF_VALUE) *CONF_load_bio(LHASH_OF(CONF_VALUE) *conf, BIO *bp, + long *eline) { CONF ctmp; int ret; @@ -137,7 +140,8 @@ LHASH *CONF_load_bio(LHASH *conf, BIO *bp,long *eline) return NULL; } -STACK_OF(CONF_VALUE) *CONF_get_section(LHASH *conf,const char *section) +STACK_OF(CONF_VALUE) *CONF_get_section(LHASH_OF(CONF_VALUE) *conf, + const char *section) { if (conf == NULL) { @@ -151,7 +155,8 @@ STACK_OF(CONF_VALUE) *CONF_get_section(LHASH *conf,const char *section) } } -char *CONF_get_string(LHASH *conf,const char *group,const char *name) +char *CONF_get_string(LHASH_OF(CONF_VALUE) *conf,const char *group, + const char *name) { if (conf == NULL) { @@ -165,7 +170,8 @@ char *CONF_get_string(LHASH *conf,const char *group,const char *name) } } -long CONF_get_number(LHASH *conf,const char *group,const char *name) +long CONF_get_number(LHASH_OF(CONF_VALUE) *conf,const char *group, + const char *name) { int status; long result = 0; @@ -189,7 +195,7 @@ long CONF_get_number(LHASH *conf,const char *group,const char *name) return result; } -void CONF_free(LHASH *conf) +void CONF_free(LHASH_OF(CONF_VALUE) *conf) { CONF ctmp; CONF_set_nconf(&ctmp, conf); @@ -197,7 +203,7 @@ void CONF_free(LHASH *conf) } #ifndef OPENSSL_NO_FP_API -int CONF_dump_fp(LHASH *conf, FILE *out) +int CONF_dump_fp(LHASH_OF(CONF_VALUE) *conf, FILE *out) { BIO *btmp; int ret; @@ -212,7 +218,7 @@ int CONF_dump_fp(LHASH *conf, FILE *out) } #endif -int CONF_dump_bio(LHASH *conf, BIO *out) +int CONF_dump_bio(LHASH_OF(CONF_VALUE) *conf, BIO *out) { CONF ctmp; CONF_set_nconf(&ctmp, conf); diff --git a/src/lib/libcrypto/conf/conf_mall.c b/src/lib/libcrypto/conf/conf_mall.c index 1cc1fd5534..c6f4cb2d55 100644 --- a/src/lib/libcrypto/conf/conf_mall.c +++ b/src/lib/libcrypto/conf/conf_mall.c @@ -63,7 +63,6 @@ #include #include #include -#include #ifndef OPENSSL_NO_ENGINE #include #endif @@ -77,6 +76,5 @@ void OPENSSL_load_builtin_modules(void) #ifndef OPENSSL_NO_ENGINE ENGINE_add_conf_module(); #endif - EVP_add_alg_module(); } diff --git a/src/lib/libcrypto/conf/conf_mod.c b/src/lib/libcrypto/conf/conf_mod.c index ee9c677d9b..df1642a0a5 100644 --- a/src/lib/libcrypto/conf/conf_mod.c +++ b/src/lib/libcrypto/conf/conf_mod.c @@ -582,8 +582,14 @@ int CONF_parse_list(const char *list_, int sep, int nospc, { int ret; const char *lstart, *tmpend, *p; - lstart = list_; + if(list_ == NULL) + { + CONFerr(CONF_F_CONF_PARSE_LIST, CONF_R_LIST_CANNOT_BE_NULL); + return 0; + } + + lstart = list_; for(;;) { if (nospc) diff --git a/src/lib/libcrypto/cpt_err.c b/src/lib/libcrypto/cpt_err.c index 9fd41fff8c..139b9284e4 100644 --- a/src/lib/libcrypto/cpt_err.c +++ b/src/lib/libcrypto/cpt_err.c @@ -1,6 +1,6 @@ /* crypto/cpt_err.c */ /* ==================================================================== - * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved. + * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions diff --git a/src/lib/libcrypto/cryptlib.c b/src/lib/libcrypto/cryptlib.c index 8f9e88e403..b4449b86d6 100644 --- a/src/lib/libcrypto/cryptlib.c +++ b/src/lib/libcrypto/cryptlib.c @@ -1,6 +1,6 @@ /* crypto/cryptlib.c */ /* ==================================================================== - * Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved. + * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -121,17 +121,279 @@ static double SSLeay_MSVC5_hack=0.0; /* and for VC1.5 */ #endif +DECLARE_STACK_OF(CRYPTO_dynlock) + +/* real #defines in crypto.h, keep these upto date */ +static const char* const lock_names[CRYPTO_NUM_LOCKS] = + { + "<>", + "err", + "ex_data", + "x509", + "x509_info", + "x509_pkey", + "x509_crl", + "x509_req", + "dsa", + "rsa", + "evp_pkey", + "x509_store", + "ssl_ctx", + "ssl_cert", + "ssl_session", + "ssl_sess_cert", + "ssl", + "ssl_method", + "rand", + "rand2", + "debug_malloc", + "BIO", + "gethostbyname", + "getservbyname", + "readdir", + "RSA_blinding", + "dh", + "debug_malloc2", + "dso", + "dynlock", + "engine", + "ui", + "ecdsa", + "ec", + "ecdh", + "bn", + "ec_pre_comp", + "store", + "comp", + "fips", + "fips2", +#if CRYPTO_NUM_LOCKS != 41 +# error "Inconsistency between crypto.h and cryptlib.c" +#endif + }; + +/* This is for applications to allocate new type names in the non-dynamic + array of lock names. These are numbered with positive numbers. */ +static STACK_OF(OPENSSL_STRING) *app_locks=NULL; + +/* For applications that want a more dynamic way of handling threads, the + following stack is used. These are externally numbered with negative + numbers. */ +static STACK_OF(CRYPTO_dynlock) *dyn_locks=NULL; + + static void (MS_FAR *locking_callback)(int mode,int type, - const char *file,int line)=NULL; + const char *file,int line)=0; static int (MS_FAR *add_lock_callback)(int *pointer,int amount, - int type,const char *file,int line)=NULL; -static unsigned long (MS_FAR *id_callback)(void)=NULL; + int type,const char *file,int line)=0; +#ifndef OPENSSL_NO_DEPRECATED +static unsigned long (MS_FAR *id_callback)(void)=0; +#endif +static void (MS_FAR *threadid_callback)(CRYPTO_THREADID *)=0; +static struct CRYPTO_dynlock_value *(MS_FAR *dynlock_create_callback) + (const char *file,int line)=0; +static void (MS_FAR *dynlock_lock_callback)(int mode, + struct CRYPTO_dynlock_value *l, const char *file,int line)=0; +static void (MS_FAR *dynlock_destroy_callback)(struct CRYPTO_dynlock_value *l, + const char *file,int line)=0; + +int CRYPTO_get_new_lockid(char *name) + { + char *str; + int i; + +#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WIN16) + /* A hack to make Visual C++ 5.0 work correctly when linking as + * a DLL using /MT. Without this, the application cannot use + * any floating point printf's. + * It also seems to be needed for Visual C 1.5 (win16) */ + SSLeay_MSVC5_hack=(double)name[0]*(double)name[1]; +#endif + + if ((app_locks == NULL) && ((app_locks=sk_OPENSSL_STRING_new_null()) == NULL)) + { + CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_LOCKID,ERR_R_MALLOC_FAILURE); + return(0); + } + if ((str=BUF_strdup(name)) == NULL) + { + CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_LOCKID,ERR_R_MALLOC_FAILURE); + return(0); + } + i=sk_OPENSSL_STRING_push(app_locks,str); + if (!i) + OPENSSL_free(str); + else + i+=CRYPTO_NUM_LOCKS; /* gap of one :-) */ + return(i); + } int CRYPTO_num_locks(void) { return CRYPTO_NUM_LOCKS; } +int CRYPTO_get_new_dynlockid(void) + { + int i = 0; + CRYPTO_dynlock *pointer = NULL; + + if (dynlock_create_callback == NULL) + { + CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID,CRYPTO_R_NO_DYNLOCK_CREATE_CALLBACK); + return(0); + } + CRYPTO_w_lock(CRYPTO_LOCK_DYNLOCK); + if ((dyn_locks == NULL) + && ((dyn_locks=sk_CRYPTO_dynlock_new_null()) == NULL)) + { + CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK); + CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID,ERR_R_MALLOC_FAILURE); + return(0); + } + CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK); + + pointer = (CRYPTO_dynlock *)OPENSSL_malloc(sizeof(CRYPTO_dynlock)); + if (pointer == NULL) + { + CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID,ERR_R_MALLOC_FAILURE); + return(0); + } + pointer->references = 1; + pointer->data = dynlock_create_callback(__FILE__,__LINE__); + if (pointer->data == NULL) + { + OPENSSL_free(pointer); + CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID,ERR_R_MALLOC_FAILURE); + return(0); + } + + CRYPTO_w_lock(CRYPTO_LOCK_DYNLOCK); + /* First, try to find an existing empty slot */ + i=sk_CRYPTO_dynlock_find(dyn_locks,NULL); + /* If there was none, push, thereby creating a new one */ + if (i == -1) + /* Since sk_push() returns the number of items on the + stack, not the location of the pushed item, we need + to transform the returned number into a position, + by decreasing it. */ + i=sk_CRYPTO_dynlock_push(dyn_locks,pointer) - 1; + else + /* If we found a place with a NULL pointer, put our pointer + in it. */ + (void)sk_CRYPTO_dynlock_set(dyn_locks,i,pointer); + CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK); + + if (i == -1) + { + dynlock_destroy_callback(pointer->data,__FILE__,__LINE__); + OPENSSL_free(pointer); + } + else + i += 1; /* to avoid 0 */ + return -i; + } + +void CRYPTO_destroy_dynlockid(int i) + { + CRYPTO_dynlock *pointer = NULL; + if (i) + i = -i-1; + if (dynlock_destroy_callback == NULL) + return; + + CRYPTO_w_lock(CRYPTO_LOCK_DYNLOCK); + + if (dyn_locks == NULL || i >= sk_CRYPTO_dynlock_num(dyn_locks)) + { + CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK); + return; + } + pointer = sk_CRYPTO_dynlock_value(dyn_locks, i); + if (pointer != NULL) + { + --pointer->references; +#ifdef REF_CHECK + if (pointer->references < 0) + { + fprintf(stderr,"CRYPTO_destroy_dynlockid, bad reference count\n"); + abort(); + } + else +#endif + if (pointer->references <= 0) + { + (void)sk_CRYPTO_dynlock_set(dyn_locks, i, NULL); + } + else + pointer = NULL; + } + CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK); + + if (pointer) + { + dynlock_destroy_callback(pointer->data,__FILE__,__LINE__); + OPENSSL_free(pointer); + } + } + +struct CRYPTO_dynlock_value *CRYPTO_get_dynlock_value(int i) + { + CRYPTO_dynlock *pointer = NULL; + if (i) + i = -i-1; + + CRYPTO_w_lock(CRYPTO_LOCK_DYNLOCK); + + if (dyn_locks != NULL && i < sk_CRYPTO_dynlock_num(dyn_locks)) + pointer = sk_CRYPTO_dynlock_value(dyn_locks, i); + if (pointer) + pointer->references++; + + CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK); + + if (pointer) + return pointer->data; + return NULL; + } + +struct CRYPTO_dynlock_value *(*CRYPTO_get_dynlock_create_callback(void)) + (const char *file,int line) + { + return(dynlock_create_callback); + } + +void (*CRYPTO_get_dynlock_lock_callback(void))(int mode, + struct CRYPTO_dynlock_value *l, const char *file,int line) + { + return(dynlock_lock_callback); + } + +void (*CRYPTO_get_dynlock_destroy_callback(void)) + (struct CRYPTO_dynlock_value *l, const char *file,int line) + { + return(dynlock_destroy_callback); + } + +void CRYPTO_set_dynlock_create_callback(struct CRYPTO_dynlock_value *(*func) + (const char *file, int line)) + { + dynlock_create_callback=func; + } + +void CRYPTO_set_dynlock_lock_callback(void (*func)(int mode, + struct CRYPTO_dynlock_value *l, const char *file, int line)) + { + dynlock_lock_callback=func; + } + +void CRYPTO_set_dynlock_destroy_callback(void (*func) + (struct CRYPTO_dynlock_value *l, const char *file, int line)) + { + dynlock_destroy_callback=func; + } + + void (*CRYPTO_get_locking_callback(void))(int mode,int type,const char *file, int line) { @@ -156,6 +418,108 @@ void CRYPTO_set_add_lock_callback(int (*func)(int *num,int mount,int type, add_lock_callback=func; } +/* the memset() here and in set_pointer() seem overkill, but for the sake of + * CRYPTO_THREADID_cmp() this avoids any platform silliness that might cause two + * "equal" THREADID structs to not be memcmp()-identical. */ +void CRYPTO_THREADID_set_numeric(CRYPTO_THREADID *id, unsigned long val) + { + memset(id, 0, sizeof(*id)); + id->val = val; + } + +static const unsigned char hash_coeffs[] = { 3, 5, 7, 11, 13, 17, 19, 23 }; +void CRYPTO_THREADID_set_pointer(CRYPTO_THREADID *id, void *ptr) + { + unsigned char *dest = (void *)&id->val; + unsigned int accum = 0; + unsigned char dnum = sizeof(id->val); + + memset(id, 0, sizeof(*id)); + id->ptr = ptr; + if (sizeof(id->val) >= sizeof(id->ptr)) + { + /* 'ptr' can be embedded in 'val' without loss of uniqueness */ + id->val = (unsigned long)id->ptr; + return; + } + /* hash ptr ==> val. Each byte of 'val' gets the mod-256 total of a + * linear function over the bytes in 'ptr', the co-efficients of which + * are a sequence of low-primes (hash_coeffs is an 8-element cycle) - + * the starting prime for the sequence varies for each byte of 'val' + * (unique polynomials unless pointers are >64-bit). For added spice, + * the totals accumulate rather than restarting from zero, and the index + * of the 'val' byte is added each time (position dependence). If I was + * a black-belt, I'd scan big-endian pointers in reverse to give + * low-order bits more play, but this isn't crypto and I'd prefer nobody + * mistake it as such. Plus I'm lazy. */ + while (dnum--) + { + const unsigned char *src = (void *)&id->ptr; + unsigned char snum = sizeof(id->ptr); + while (snum--) + accum += *(src++) * hash_coeffs[(snum + dnum) & 7]; + accum += dnum; + *(dest++) = accum & 255; + } + } + +int CRYPTO_THREADID_set_callback(void (*func)(CRYPTO_THREADID *)) + { + if (threadid_callback) + return 0; + threadid_callback = func; + return 1; + } + +void (*CRYPTO_THREADID_get_callback(void))(CRYPTO_THREADID *) + { + return threadid_callback; + } + +void CRYPTO_THREADID_current(CRYPTO_THREADID *id) + { + if (threadid_callback) + { + threadid_callback(id); + return; + } +#ifndef OPENSSL_NO_DEPRECATED + /* If the deprecated callback was set, fall back to that */ + if (id_callback) + { + CRYPTO_THREADID_set_numeric(id, id_callback()); + return; + } +#endif + /* Else pick a backup */ +#ifdef OPENSSL_SYS_WIN16 + CRYPTO_THREADID_set_numeric(id, (unsigned long)GetCurrentTask()); +#elif defined(OPENSSL_SYS_WIN32) + CRYPTO_THREADID_set_numeric(id, (unsigned long)GetCurrentThreadId()); +#elif defined(OPENSSL_SYS_BEOS) + CRYPTO_THREADID_set_numeric(id, (unsigned long)find_thread(NULL)); +#else + /* For everything else, default to using the address of 'errno' */ + CRYPTO_THREADID_set_pointer(id, &errno); +#endif + } + +int CRYPTO_THREADID_cmp(const CRYPTO_THREADID *a, const CRYPTO_THREADID *b) + { + return memcmp(a, b, sizeof(*a)); + } + +void CRYPTO_THREADID_cpy(CRYPTO_THREADID *dest, const CRYPTO_THREADID *src) + { + memcpy(dest, src, sizeof(*src)); + } + +unsigned long CRYPTO_THREADID_hash(const CRYPTO_THREADID *id) + { + return id->val; + } + +#ifndef OPENSSL_NO_DEPRECATED unsigned long (*CRYPTO_get_id_callback(void))(void) { return(id_callback); @@ -178,6 +542,8 @@ unsigned long CRYPTO_thread_id(void) ret=(unsigned long)GetCurrentThreadId(); #elif defined(GETPID_IS_MEANINGLESS) ret=1L; +#elif defined(OPENSSL_SYS_BEOS) + ret=(unsigned long)find_thread(NULL); #else ret=(unsigned long)getpid(); #endif @@ -186,19 +552,13 @@ unsigned long CRYPTO_thread_id(void) ret=id_callback(); return(ret); } - -static void (*do_dynlock_cb)(int mode, int type, const char *file, int line); - -void int_CRYPTO_set_do_dynlock_callback( - void (*dyn_cb)(int mode, int type, const char *file, int line)) - { - do_dynlock_cb = dyn_cb; - } +#endif void CRYPTO_lock(int mode, int type, const char *file, int line) { #ifdef LOCK_DEBUG { + CRYPTO_THREADID id; char *rw_text,*operation_text; if (mode & CRYPTO_LOCK) @@ -215,15 +575,25 @@ void CRYPTO_lock(int mode, int type, const char *file, int line) else rw_text="ERROR"; + CRYPTO_THREADID_current(&id); fprintf(stderr,"lock:%08lx:(%s)%s %-18s %s:%d\n", - CRYPTO_thread_id(), rw_text, operation_text, + CRYPTO_THREADID_hash(&id), rw_text, operation_text, CRYPTO_get_lock_name(type), file, line); } #endif if (type < 0) { - if (do_dynlock_cb) - do_dynlock_cb(mode, type, file, line); + if (dynlock_lock_callback != NULL) + { + struct CRYPTO_dynlock_value *pointer + = CRYPTO_get_dynlock_value(type); + + OPENSSL_assert(pointer != NULL); + + dynlock_lock_callback(mode, pointer, file, line); + + CRYPTO_destroy_dynlockid(type); + } } else if (locking_callback != NULL) @@ -243,11 +613,14 @@ int CRYPTO_add_lock(int *pointer, int amount, int type, const char *file, ret=add_lock_callback(pointer,amount,type,file,line); #ifdef LOCK_DEBUG + { + CRYPTO_THREADID id; + CRYPTO_THREADID_current(&id); fprintf(stderr,"ladd:%08lx:%2d+%2d->%2d %-18s %s:%d\n", - CRYPTO_thread_id(), - before,amount,ret, + CRYPTO_THREADID_hash(&id), before,amount,ret, CRYPTO_get_lock_name(type), file,line); + } #endif } else @@ -256,11 +629,15 @@ int CRYPTO_add_lock(int *pointer, int amount, int type, const char *file, ret= *pointer+amount; #ifdef LOCK_DEBUG + { + CRYPTO_THREADID id; + CRYPTO_THREADID_current(&id); fprintf(stderr,"ladd:%08lx:%2d+%2d->%2d %-18s %s:%d\n", - CRYPTO_thread_id(), + CRYPTO_THREADID_hash(&id), *pointer,amount,ret, CRYPTO_get_lock_name(type), file,line); + } #endif *pointer=ret; CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_WRITE,type,file,line); @@ -268,6 +645,18 @@ int CRYPTO_add_lock(int *pointer, int amount, int type, const char *file, return(ret); } +const char *CRYPTO_get_lock_name(int type) + { + if (type < 0) + return("dynamic"); + else if (type < CRYPTO_NUM_LOCKS) + return(lock_names[type]); + else if (type-CRYPTO_NUM_LOCKS > sk_OPENSSL_STRING_num(app_locks)) + return("ERROR"); + else + return(sk_OPENSSL_STRING_value(app_locks,type-CRYPTO_NUM_LOCKS)); + } + #if defined(__i386) || defined(__i386__) || defined(_M_IX86) || \ defined(__INTEL__) || \ defined(__x86_64) || defined(__x86_64__) || defined(_M_AMD64) || defined(_M_X64) @@ -301,70 +690,16 @@ void OPENSSL_cpuid_setup(void) unsigned long *OPENSSL_ia32cap_loc(void) { return NULL; } #endif int OPENSSL_NONPIC_relocated = 0; -#if !defined(OPENSSL_CPUID_SETUP) +#if !defined(OPENSSL_CPUID_SETUP) && !defined(OPENSSL_CPUID_OBJ) void OPENSSL_cpuid_setup(void) {} #endif #if (defined(_WIN32) || defined(__CYGWIN__)) && defined(_WINDLL) - -#ifdef OPENSSL_FIPS - -#include -#if defined(__GNUC__) && __GNUC__>=2 -static int DllInit(void) __attribute__((constructor)); -#elif defined(_MSC_VER) -static int DllInit(void); -# ifdef _WIN64 -# pragma section(".CRT$XCU",read) - __declspec(allocate(".CRT$XCU")) -# else -# pragma data_seg(".CRT$XCU") -# endif - static int (*p)(void) = DllInit; -# pragma data_seg() -#endif - -static int DllInit(void) -{ -#if defined(_WIN32_WINNT) - union { int(*f)(void); BYTE *p; } t = { DllInit }; - HANDLE hModuleSnap = INVALID_HANDLE_VALUE; - IMAGE_DOS_HEADER *dos_header; - IMAGE_NT_HEADERS *nt_headers; - MODULEENTRY32 me32 = {sizeof(me32)}; - - hModuleSnap = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE,0); - if (hModuleSnap != INVALID_HANDLE_VALUE && - Module32First(hModuleSnap,&me32)) do - { - if (t.p >= me32.modBaseAddr && - t.p < me32.modBaseAddr+me32.modBaseSize) - { - dos_header=(IMAGE_DOS_HEADER *)me32.modBaseAddr; - if (dos_header->e_magic==IMAGE_DOS_SIGNATURE) - { - nt_headers=(IMAGE_NT_HEADERS *) - ((BYTE *)dos_header+dos_header->e_lfanew); - if (nt_headers->Signature==IMAGE_NT_SIGNATURE && - me32.modBaseAddr!=(BYTE*)nt_headers->OptionalHeader.ImageBase) - OPENSSL_NONPIC_relocated=1; - } - break; - } - } while (Module32Next(hModuleSnap,&me32)); - - if (hModuleSnap != INVALID_HANDLE_VALUE) - CloseHandle(hModuleSnap); -#endif - OPENSSL_cpuid_setup(); - return 0; -} - -#else - #ifdef __CYGWIN__ /* pick DLL_[PROCESS|THREAD]_[ATTACH|DETACH] definitions */ #include +/* this has side-effect of _WIN32 getting defined, which otherwise + * is mutually exclusive with __CYGWIN__... */ #endif /* All we really need to do is remove the 'error' state when a thread @@ -405,16 +740,27 @@ BOOL WINAPI DllMain(HINSTANCE hinstDLL, DWORD fdwReason, } #endif -#endif - #if defined(_WIN32) && !defined(__CYGWIN__) #include +#include #if defined(_WIN32_WINNT) && _WIN32_WINNT>=0x0333 int OPENSSL_isservice(void) { HWINSTA h; DWORD len; WCHAR *name; + static union { void *p; int (*f)(void); } _OPENSSL_isservice = { NULL }; + + if (_OPENSSL_isservice.p == NULL) { + HANDLE h = GetModuleHandle(NULL); + if (h != NULL) + _OPENSSL_isservice.p = GetProcAddress(h,"_OPENSSL_isservice"); + if (_OPENSSL_isservice.p == NULL) + _OPENSSL_isservice.p = (void *)-1; + } + + if (_OPENSSL_isservice.p != (void *)-1) + return (*_OPENSSL_isservice.f)(); (void)GetDesktopWindow(); /* return value is ignored */ @@ -513,7 +859,7 @@ void OPENSSL_showfatal (const char *fmta,...) #if defined(_WIN32_WINNT) && _WIN32_WINNT>=0x0333 /* this -------------v--- guards NT-specific calls */ - if (GetVersion() < 0x80000000 && OPENSSL_isservice()) + if (GetVersion() < 0x80000000 && OPENSSL_isservice() > 0) { HANDLE h = RegisterEventSource(0,_T("OPENSSL")); const TCHAR *pmsg=buf; ReportEvent(h,EVENTLOG_ERROR_TYPE,0,0,0,1,0,&pmsg,0); @@ -539,7 +885,13 @@ void OpenSSLDie(const char *file,int line,const char *assertion) OPENSSL_showfatal( "%s(%d): OpenSSL internal error, assertion failed: %s\n", file,line,assertion); +#if !defined(_WIN32) || defined(__CYGWIN__) abort(); +#else + /* Win32 abort() customarily shows a dialog, but we just did that... */ + raise(SIGABRT); + _exit(3); +#endif } void *OPENSSL_stderr(void) { return stderr; } diff --git a/src/lib/libcrypto/crypto-lib.com b/src/lib/libcrypto/crypto-lib.com index 8f1c1d5a80..a4b6635091 100644 --- a/src/lib/libcrypto/crypto-lib.com +++ b/src/lib/libcrypto/crypto-lib.com @@ -6,10 +6,11 @@ $! A-Com Computing, Inc. $! byer@mail.all-net.net $! $! Changes by Richard Levitte +$! Zoltan Arpadffy $! $! This command files compiles and creates the "[.xxx.EXE.CRYPTO]LIBCRYPTO.OLB" -$! library for OpenSSL. The "xxx" denotes the machine architecture of AXP -$! or VAX. +$! library for OpenSSL. The "xxx" denotes the machine architecture, ALPHA, +$! IA64 or VAX. $! $! It was re-written so it would try to determine what "C" compiler to use $! or you can specify which "C" compiler to use. @@ -17,28 +18,28 @@ $! $! Specify the following as P1 to build just that part or ALL to just $! build everything. $! -$! LIBRARY To just compile the [.xxx.EXE.CRYPTO]LIBCRYPTO.OLB Library. -$! APPS To just compile the [.xxx.EXE.CRYPTO]*.EXE -$! ALL To do both LIBRARY and APPS +$! LIBRARY To just compile the [.xxx.EXE.CRYPTO]LIBCRYPTO.OLB Library. +$! APPS To just compile the [.xxx.EXE.CRYPTO]*.EXE +$! ALL To do both LIBRARY and APPS $! $! Specify DEBUG or NODEBUG as P2 to compile with or without debugger $! information. $! $! Specify which compiler at P3 to try to compile under. $! -$! VAXC For VAX C. -$! DECC For DEC C. -$! GNUC For GNU C. +$! VAXC For VAX C. +$! DECC For DEC C. +$! GNUC For GNU C. $! -$! If you don't speficy a compiler, it will try to determine which +$! If you don't specify a compiler, it will try to determine which $! "C" compiler to use. $! $! P4, if defined, sets a TCP/IP library to use, through one of the following $! keywords: $! -$! UCX for UCX -$! TCPIP for TCPIP (post UCX) -$! SOCKETSHR for SOCKETSHR+NETLIB +$! UCX For UCX +$! TCPIP For TCPIP (post UCX) +$! SOCKETSHR For SOCKETSHR+NETLIB $! $! P5, if defined, sets a compiler thread NOT needed on OpenVMS 7.1 (and up) $! @@ -54,36 +55,49 @@ $ TCPIP_LIB = "" $! $! Check Which Architecture We Are Using. $! -$ IF (F$GETSYI("CPU").GE.128) +$ IF (F$GETSYI("CPU").LT.128) $ THEN $! -$! The Architecture Is AXP +$! The Architecture Is VAX $! -$ ARCH := AXP +$ ARCH = "VAX" $! $! Else... $! $ ELSE $! -$! The Architecture Is VAX. +$! The Architecture Is Alpha, IA64 or whatever comes in the future. $! -$ ARCH := VAX +$ ARCH = F$EDIT( F$GETSYI( "ARCH_NAME"), "UPCASE") +$ IF (ARCH .EQS. "") THEN ARCH = "UNK" $! $! End The Architecture Check. $! $ ENDIF $! $! Define The Different Encryption Types. +$! NOTE: Some might think this list ugly. However, it's made this way to +$! reflect the SDIRS variable in [-]Makefile.org as closely as possible, +$! thereby making it fairly easy to verify that the lists are the same. $! +$ ET_WHIRLPOOL = "WHRLPOOL" +$ IF ARCH .EQS. "VAX" THEN ET_WHIRLPOOL = "" $ ENCRYPT_TYPES = "Basic,"+ - "OBJECTS,"+ - - "MD2,MD4,MD5,SHA,MDC2,HMAC,RIPEMD,"+ - - "DES,RC2,RC4,RC5,IDEA,BF,CAST,CAMELLIA,SEED,"+ - - "BN,EC,RSA,DSA,ECDSA,DH,ECDH,DSO,ENGINE,AES,"+ - + "MD2,MD4,MD5,SHA,MDC2,HMAC,RIPEMD,"+ET_WHIRLPOOL+","+ - + "DES,AES,RC2,RC4,RC5,IDEA,BF,CAST,CAMELLIA,SEED,MODES,"+ - + "BN,EC,RSA,DSA,ECDSA,DH,ECDH,DSO,ENGINE,"+ - "BUFFER,BIO,STACK,LHASH,RAND,ERR,"+ - - "EVP,EVP_2,ASN1,ASN1_2,PEM,X509,X509V3,"+ - + "EVP,EVP_2,EVP_3,ASN1,ASN1_2,PEM,X509,X509V3,"+ - "CONF,TXT_DB,PKCS7,PKCS12,COMP,OCSP,UI,KRB5,"+ - - "STORE,CMS,PQUEUE,JPAKE" + "STORE,CMS,PQUEUE,TS,JPAKE" +$! Define The OBJ Directory. +$! +$ OBJ_DIR := SYS$DISK:[-.'ARCH'.OBJ.CRYPTO] +$! +$! Define The EXE Directory. +$! +$ EXE_DIR := SYS$DISK:[-.'ARCH'.EXE.CRYPTO] $! $! Check To Make Sure We Have Valid Command Line Parameters. $! @@ -97,9 +111,6 @@ $! Tell The User What Kind of Machine We Run On. $! $ WRITE SYS$OUTPUT "Compiling On A ",ARCH," Machine." $! -$! Define The OBJ Directory. -$! -$ OBJ_DIR := SYS$DISK:[-.'ARCH'.OBJ.CRYPTO] $! $! Check To See If The Architecture Specific OBJ Directory Exists. $! @@ -114,10 +125,6 @@ $! End The Architecture Specific OBJ Directory Check. $! $ ENDIF $! -$! Define The EXE Directory. -$! -$ EXE_DIR := SYS$DISK:[-.'ARCH'.EXE.CRYPTO] -$! $! Check To See If The Architecture Specific Directory Exists. $! $ IF (F$PARSE(EXE_DIR).EQS."") @@ -161,15 +168,16 @@ $! $ APPS_DES = "DES/DES,CBC3_ENC" $ APPS_PKCS7 = "ENC/ENC;DEC/DEC;SIGN/SIGN;VERIFY/VERIFY,EXAMPLE" $ -$ LIB_ = "cryptlib,dyn_lck,mem,mem_clr,mem_dbg,cversion,ex_data,tmdiff,cpt_err,ebcdic,uid,o_time,o_str,o_dir,o_init,fips_err" +$ LIB_ = "cryptlib,mem,mem_clr,mem_dbg,cversion,ex_data,cpt_err,ebcdic,uid,o_time,o_str,o_dir" $ LIB_MD2 = "md2_dgst,md2_one" $ LIB_MD4 = "md4_dgst,md4_one" $ LIB_MD5 = "md5_dgst,md5_one" $ LIB_SHA = "sha_dgst,sha1dgst,sha_one,sha1_one,sha256,sha512" $ LIB_MDC2 = "mdc2dgst,mdc2_one" -$ LIB_HMAC = "hmac" +$ LIB_HMAC = "hmac,hm_ameth,hm_pmeth" $ LIB_RIPEMD = "rmd_dgst,rmd_one" -$ LIB_DES = "des_lib,set_key,ecb_enc,cbc_enc,"+ - +$ LIB_WHRLPOOL = "wp_dgst,wp_block" +$ LIB_DES = "set_key,ecb_enc,cbc_enc,"+ - "ecb3_enc,cfb64enc,cfb64ede,cfb_enc,ofb64ede,"+ - "enc_read,enc_writ,ofb64enc,"+ - "ofb_enc,str2key,pcbc_enc,qud_cksm,rand_key,"+ - @@ -184,36 +192,39 @@ $ LIB_BF = "bf_skey,bf_ecb,bf_enc,bf_cfb64,bf_ofb64" $ LIB_CAST = "c_skey,c_ecb,c_enc,c_cfb64,c_ofb64" $ LIB_CAMELLIA = "camellia,cmll_misc,cmll_ecb,cmll_cbc,cmll_ofb,"+ - "cmll_cfb,cmll_ctr" -$ LIB_SEED = "seed,seed_cbc,seed_ecb,seed_cfb,seed_ofb" +$ LIB_SEED = "seed,seed_ecb,seed_cbc,seed_cfb,seed_ofb" +$ LIB_MODES = "cbc128,ctr128,cfb128,ofb128" $ LIB_BN_ASM = "[.asm]vms.mar,vms-helper" -$ IF F$TRNLNM("OPENSSL_NO_ASM").OR.ARCH.EQS."AXP" THEN LIB_BN_ASM = "bn_asm" +$ IF F$TRNLNM("OPENSSL_NO_ASM") .OR. ARCH .NES. "VAX" THEN - + LIB_BN_ASM = "bn_asm" $ LIB_BN = "bn_add,bn_div,bn_exp,bn_lib,bn_ctx,bn_mul,bn_mod,"+ - "bn_print,bn_rand,bn_shift,bn_word,bn_blind,"+ - "bn_kron,bn_sqrt,bn_gcd,bn_prime,bn_err,bn_sqr,"+LIB_BN_ASM+","+ - "bn_recp,bn_mont,bn_mpi,bn_exp2,bn_gf2m,bn_nist,"+ - - "bn_depr,bn_x931p,bn_const,bn_opt" + "bn_depr,bn_const" $ LIB_EC = "ec_lib,ecp_smpl,ecp_mont,ecp_nist,ec_cvt,ec_mult,"+ - "ec_err,ec_curve,ec_check,ec_print,ec_asn1,ec_key,"+ - - "ec2_smpl,ec2_mult" + "ec2_smpl,ec2_mult,ec_ameth,ec_pmeth,eck_prn" $ LIB_RSA = "rsa_eay,rsa_gen,rsa_lib,rsa_sign,rsa_saos,rsa_err,"+ - "rsa_pk1,rsa_ssl,rsa_none,rsa_oaep,rsa_chk,rsa_null,"+ - - "rsa_pss,rsa_x931,rsa_x931g,rsa_asn1,rsa_depr,rsa_eng" + "rsa_pss,rsa_x931,rsa_asn1,rsa_depr,rsa_ameth,rsa_prn,"+ - + "rsa_pmeth" $ LIB_DSA = "dsa_gen,dsa_key,dsa_lib,dsa_asn1,dsa_vrf,dsa_sign,"+ - - "dsa_err,dsa_ossl,dsa_depr,dsa_utl" + "dsa_err,dsa_ossl,dsa_depr,dsa_ameth,dsa_pmeth,dsa_prn" $ LIB_ECDSA = "ecs_lib,ecs_asn1,ecs_ossl,ecs_sign,ecs_vrf,ecs_err" -$ LIB_DH = "dh_asn1,dh_gen,dh_key,dh_lib,dh_check,dh_err,dh_depr" +$ LIB_DH = "dh_asn1,dh_gen,dh_key,dh_lib,dh_check,dh_err,dh_depr,"+ - + "dh_ameth,dh_pmeth,dh_prn" $ LIB_ECDH = "ech_lib,ech_ossl,ech_key,ech_err" $ LIB_DSO = "dso_dl,dso_dlfcn,dso_err,dso_lib,dso_null,"+ - - "dso_openssl,dso_win32,dso_vms" + "dso_openssl,dso_win32,dso_vms,dso_beos" $ LIB_ENGINE = "eng_err,eng_lib,eng_list,eng_init,eng_ctrl,"+ - "eng_table,eng_pkey,eng_fat,eng_all,"+ - "tb_rsa,tb_dsa,tb_ecdsa,tb_dh,tb_ecdh,tb_rand,tb_store,"+ - - "tb_cipher,tb_digest,"+ - - "eng_openssl,eng_dyn,eng_cnf,eng_cryptodev,eng_padlock"+ - - "eng_aesni" -$ LIB_AES = "aes_core,aes_misc,aes_ecb,aes_cbc,aes_cfb,aes_ofb,"+ - - "aes_ctr,aes_ige,aes_wrap" -$ LIB_BUFFER = "buffer,buf_str,buf_err" + "tb_cipher,tb_digest,tb_pkmeth,tb_asnmth,"+ - + "eng_openssl,eng_dyn,eng_cnf,eng_cryptodev" +$ LIB_AES = "aes_core,aes_misc,aes_ecb,aes_cbc,aes_cfb,aes_ofb,aes_ctr,"+ - + "aes_ige,aes_wrap" +$ LIB_BUFFER = "buffer,buf_err" $ LIB_BIO = "bio_lib,bio_cb,bio_err,"+ - "bss_mem,bss_null,bss_fd,"+ - "bss_file,bss_sock,bss_conn,"+ - @@ -225,33 +236,34 @@ $ LIB_STACK = "stack" $ LIB_LHASH = "lhash,lh_stats" $ LIB_RAND = "md_rand,randfile,rand_lib,rand_err,rand_egd,"+ - "rand_vms" -$ LIB_ERR = "err,err_def,err_all,err_prn,err_str,err_bio" -$ LIB_OBJECTS = "o_names,obj_dat,obj_lib,obj_err" -$ LIB_EVP = "encode,digest,dig_eng,evp_enc,evp_key,evp_acnf,evp_cnf,"+ - +$ LIB_ERR = "err,err_all,err_prn" +$ LIB_OBJECTS = "o_names,obj_dat,obj_lib,obj_err,obj_xref" +$ LIB_EVP = "encode,digest,evp_enc,evp_key,evp_acnf,"+ - "e_des,e_bf,e_idea,e_des3,e_camellia,"+ - "e_rc4,e_aes,names,e_seed,"+ - - "e_xcbc_d,e_rc2,e_cast,e_rc5,enc_min" -$ LIB_EVP_2 = "m_null,m_md2,m_md4,m_md5,m_sha,m_sha1," + - + "e_xcbc_d,e_rc2,e_cast,e_rc5" +$ LIB_EVP_2 = "m_null,m_md2,m_md4,m_md5,m_sha,m_sha1,m_wp," + - "m_dss,m_dss1,m_mdc2,m_ripemd,m_ecdsa,"+ - "p_open,p_seal,p_sign,p_verify,p_lib,p_enc,p_dec,"+ - "bio_md,bio_b64,bio_enc,evp_err,e_null,"+ - "c_all,c_allc,c_alld,evp_lib,bio_ok,"+- "evp_pkey,evp_pbe,p5_crpt,p5_crpt2" -$ LIB_EVP_3 = "e_old" +$ LIB_EVP_3 = "e_old,pmeth_lib,pmeth_fn,pmeth_gn,m_sigver" $ LIB_ASN1 = "a_object,a_bitstr,a_utctm,a_gentm,a_time,a_int,a_octet,"+ - "a_print,a_type,a_set,a_dup,a_d2i_fp,a_i2d_fp,"+ - "a_enum,a_utf8,a_sign,a_digest,a_verify,a_mbstr,a_strex,"+ - "x_algor,x_val,x_pubkey,x_sig,x_req,x_attrib,x_bignum,"+ - "x_long,x_name,x_x509,x_x509a,x_crl,x_info,x_spki,nsseq,"+ - - "d2i_pu,d2i_pr,i2d_pu,i2d_pr" + "x_nx509,d2i_pu,d2i_pr,i2d_pu,i2d_pr" $ LIB_ASN1_2 = "t_req,t_x509,t_x509a,t_crl,t_pkey,t_spki,t_bitst,"+ - "tasn_new,tasn_fre,tasn_enc,tasn_dec,tasn_utl,tasn_typ,"+ - + "tasn_prn,ameth_lib,"+ - "f_int,f_string,n_pkey,"+ - - "f_enum,a_hdr,x_pkey,a_bool,x_exten,asn_mime,"+ - - "asn1_gen,asn1_par,asn1_lib,asn1_err,a_meth,a_bytes,a_strnid,"+ - + "f_enum,x_pkey,a_bool,x_exten,bio_asn1,bio_ndef,asn_mime,"+ - + "asn1_gen,asn1_par,asn1_lib,asn1_err,a_bytes,a_strnid,"+ - "evp_asn1,asn_pack,p5_pbe,p5_pbev2,p8_pkey,asn_moid" $ LIB_PEM = "pem_sign,pem_seal,pem_info,pem_lib,pem_all,pem_err,"+ - - "pem_x509,pem_xaux,pem_oth,pem_pk8,pem_pkey" + "pem_x509,pem_xaux,pem_oth,pem_pk8,pem_pkey,pvkfmt" $ LIB_X509 = "x509_def,x509_d2,x509_r2x,x509_cmp,"+ - "x509_obj,x509_req,x509spki,x509_vfy,"+ - "x509_set,x509cset,x509rset,x509_err,"+ - @@ -267,7 +279,7 @@ $ LIB_X509V3 = "v3_bcons,v3_bitst,v3_conf,v3_extku,v3_ia5,v3_lib,"+ - $ LIB_CONF = "conf_err,conf_lib,conf_api,conf_def,conf_mod,conf_mall,conf_sap" $ LIB_TXT_DB = "txt_db" $ LIB_PKCS7 = "pk7_asn1,pk7_lib,pkcs7err,pk7_doit,pk7_smime,pk7_attr,"+ - - "pk7_mime" + "pk7_mime,bio_pk7" $ LIB_PKCS12 = "p12_add,p12_asn,p12_attr,p12_crpt,p12_crt,p12_decr,"+ - "p12_init,p12_key,p12_kiss,p12_mutl,"+ - "p12_utl,p12_npas,pk12err,p12_p8d,p12_p8e" @@ -282,6 +294,9 @@ $ LIB_STORE = "str_err,str_lib,str_meth,str_mem" $ LIB_CMS = "cms_lib,cms_asn1,cms_att,cms_io,cms_smime,cms_err,"+ - "cms_sd,cms_dd,cms_cd,cms_env,cms_enc,cms_ess" $ LIB_PQUEUE = "pqueue" +$ LIB_TS = "ts_err,ts_req_utils,ts_req_print,ts_rsp_utils,ts_rsp_print,"+ - + "ts_rsp_sign,ts_rsp_verify,ts_verify_ctx,ts_lib,ts_conf,"+ - + "ts_asn1" $ LIB_JPAKE = "jpake,jpake_err" $! $! Setup exceptional compilations @@ -292,7 +307,7 @@ $ ! Disable the DOLLARID warning $ COMPILEWITH_CC4 = ",a_utctm,bss_log,o_time,o_dir" $ ! Disable disjoint optimization $ COMPILEWITH_CC5 = ",md2_dgst,md4_dgst,md5_dgst,mdc2dgst," + - - "sha_dgst,sha1dgst,rmd_dgst,bf_enc," + "seed,sha_dgst,sha1dgst,rmd_dgst,bf_enc," $ ! Disable the MIXLINKAGE warning $ COMPILEWITH_CC6 = ",enc_read,set_key," $! @@ -335,11 +350,11 @@ $! Create The Library and Apps Module Names. $! $ LIB_MODULE = "LIB_" + MODULE_NAME $ APPS_MODULE = "APPS_" + MODULE_NAME -$ IF (MODULE_NAME.EQS."ASN1_2") +$ IF (F$EXTRACT(0,5,MODULE_NAME).EQS."ASN1_") $ THEN $ MODULE_NAME = "ASN1" $ ENDIF -$ IF (MODULE_NAME.EQS."EVP_2") +$ IF (F$EXTRACT(0,4,MODULE_NAME).EQS."EVP_") $ THEN $ MODULE_NAME = "EVP" $ ENDIF @@ -354,7 +369,7 @@ $! $ IF F$TYPE('LIB_MODULE') .EQS. "" $ THEN $ WRITE SYS$ERROR "" -$ WRITE SYS$ERROR "The module ",MODULE_NAME," does not exist. Continuing..." +$ WRITE SYS$ERROR "The module ",MODULE_NAME1," does not exist. Continuing..." $ WRITE SYS$ERROR "" $ GOTO MODULE_NEXT $ ENDIF @@ -695,7 +710,7 @@ $! $ IF (F$SEARCH(OPT_FILE).EQS."") $ THEN $! -$! Figure Out If We Need An AXP Or A VAX Linker Option File. +$! Figure Out If We Need A non-VAX Or A VAX Linker Option File. $! $ IF ARCH .EQS. "VAX" $ THEN @@ -715,19 +730,19 @@ $! Else... $! $ ELSE $! -$! Create The AXP Linker Option File. +$! Create The non-VAX Linker Option File. $! $ CREATE 'OPT_FILE' $DECK ! -! Default System Options File For AXP To Link Agianst +! Default System Options File For non-VAX To Link Agianst ! The Sharable C Runtime Library. ! SYS$SHARE:CMA$OPEN_LIB_SHR/SHARE SYS$SHARE:CMA$OPEN_RTL/SHARE $EOD $! -$! End The VAX/AXP DEC C Option File Check. +$! End The DEC C Option File Check. $! $ ENDIF $! @@ -764,12 +779,12 @@ $! Else... $! $ ELSE $! -$! Else, Check To See If P1 Has A Valid Arguement. +$! Else, Check To See If P1 Has A Valid Argument. $! $ IF (P1.EQS."LIBRARY").OR.(P1.EQS."APPS") $ THEN $! -$! A Valid Arguement. +$! A Valid Argument. $! $ BUILDALL = P1 $! @@ -788,15 +803,16 @@ $ WRITE SYS$OUTPUT " APPS : To Compile Just The [.xxx.EXE.CRYPTO]*.E $ WRITE SYS$OUTPUT "" $ WRITE SYS$OUTPUT " Where 'xxx' Stands For:" $ WRITE SYS$OUTPUT "" -$ WRITE SYS$OUTPUT " AXP : Alpha Architecture." -$ WRITE SYS$OUTPUT " VAX : VAX Architecture." +$ WRITE SYS$OUTPUT " ALPHA : Alpha Architecture." +$ WRITE SYS$OUTPUT " IA64 : IA64 Architecture." +$ WRITE SYS$OUTPUT " VAX : VAX Architecture." $ WRITE SYS$OUTPUT "" $! $! Time To EXIT. $! $ EXIT $! -$! End The Valid Arguement Check. +$! End The Valid Argument Check. $! $ ENDIF $! @@ -849,7 +865,7 @@ $! Time To EXIT. $! $ EXIT $! -$! End The Valid Arguement Check. +$! End The Valid Argument Check. $! $ ENDIF $! @@ -914,7 +930,7 @@ $ ELSE $! $! Check To See If We Have VAXC Or DECC. $! -$ IF (ARCH.EQS."AXP").OR.(F$TRNLNM("DECC$CC_DEFAULT").NES."") +$ IF (ARCH.NES."VAX").OR.(F$TRNLNM("DECC$CC_DEFAULT").NES."") $ THEN $! $! Looks Like DECC, Set To Use DECC. @@ -1020,12 +1036,12 @@ $ IF ARCH.EQS."VAX" .AND. F$TRNLNM("DECC$CC_DEFAULT").NES."/DECC" - THEN CC = "CC/DECC" $ CC = CC + "/''CC_OPTIMIZE'/''DEBUGGER'/STANDARD=ANSI89" + - "/NOLIST/PREFIX=ALL" + - - "/INCLUDE=(SYS$DISK:[],SYS$DISK:[-],SYS$DISK:[.ENGINE.VENDOR_DEFNS],SYS$DISK:[.EVP])" + - + "/INCLUDE=(SYS$DISK:[],SYS$DISK:[._''ARCH'],SYS$DISK:[-],SYS$DISK:[.ENGINE.VENDOR_DEFNS],SYS$DISK:[.EVP],SYS$DISK:[.ASN1])" + - CCEXTRAFLAGS $! $! Define The Linker Options File Name. $! -$ OPT_FILE = "SYS$DISK:[]VAX_DECC_OPTIONS.OPT" +$ OPT_FILE = "''EXE_DIR'VAX_DECC_OPTIONS.OPT" $! $! End DECC Check. $! @@ -1047,14 +1063,14 @@ $! $! Compile Using VAXC. $! $ CC = "CC" -$ IF ARCH.EQS."AXP" +$ IF ARCH.NES."VAX" $ THEN -$ WRITE SYS$OUTPUT "There is no VAX C on Alpha!" +$ WRITE SYS$OUTPUT "There is no VAX C on ''ARCH'!" $ EXIT $ ENDIF $ IF F$TRNLNM("DECC$CC_DEFAULT").EQS."/DECC" THEN CC = "CC/VAXC" $ CC = CC + "/''CC_OPTIMIZE'/''DEBUGGER'/NOLIST" + - - "/INCLUDE=(SYS$DISK:[],SYS$DISK:[-],SYS$DISK:[.ENGINE.VENDOR_DEFNS])" + - + "/INCLUDE=(SYS$DISK:[],SYS$DISK:[._''ARCH'],SYS$DISK:[-],SYS$DISK:[.ENGINE.VENDOR_DEFNS],SYS$DISK:[.EVP],SYS$DISK:[.ASN1])" + - CCEXTRAFLAGS $ CCDEFS = """VAXC""," + CCDEFS $! @@ -1064,7 +1080,7 @@ $ DEFINE/NOLOG SYS SYS$COMMON:[SYSLIB] $! $! Define The Linker Options File Name. $! -$ OPT_FILE = "SYS$DISK:[]VAX_VAXC_OPTIONS.OPT" +$ OPT_FILE = "''EXE_DIR'VAX_VAXC_OPTIONS.OPT" $! $! End VAXC Check $! @@ -1086,12 +1102,12 @@ $! $! Use GNU C... $! $ CC = "GCC/NOCASE_HACK/''GCC_OPTIMIZE'/''DEBUGGER'/NOLIST" + - - "/INCLUDE=(SYS$DISK:[],SYS$DISK:[-],SYS$DISK:[.ENGINE.VENDOR_DEFNS])" + - + "/INCLUDE=(SYS$DISK:[],SYS$DISK:[._''ARCH'],SYS$DISK:[-],SYS$DISK:[.ENGINE.VENDOR_DEFNS],SYS$DISK:[.EVP],SYS$DISK:[.ASN1])" + - CCEXTRAFLAGS $! $! Define The Linker Options File Name. $! -$ OPT_FILE = "SYS$DISK:[]VAX_GNUC_OPTIONS.OPT" +$ OPT_FILE = "''EXE_DIR'VAX_GNUC_OPTIONS.OPT" $! $! End The GNU C Check. $! @@ -1136,7 +1152,7 @@ $! Show user the result $! $ WRITE/SYMBOL SYS$OUTPUT "Main C Compiling Command: ",CC $! -$! Else The User Entered An Invalid Arguement. +$! Else The User Entered An Invalid Argument. $! $ ELSE $! @@ -1154,14 +1170,14 @@ $! Time To EXIT. $! $ EXIT $! -$! End The Valid Arguement Check. +$! End The Valid Argument Check. $! $ ENDIF $! $! Build a MACRO command for the architecture at hand $! $ IF ARCH .EQS. "VAX" THEN MACRO = "MACRO/''DEBUGGER'" -$ IF ARCH .EQS. "AXP" THEN MACRO = "MACRO/MIGRATION/''DEBUGGER'/''MACRO_OPTIMIZE'" +$ IF ARCH .NES. "VAX" THEN MACRO = "MACRO/MIGRATION/''DEBUGGER'/''MACRO_OPTIMIZE'" $! $! Show user the result $! @@ -1249,7 +1265,7 @@ $! Print info $! $ WRITE SYS$OUTPUT "TCP/IP library spec: ", TCPIP_LIB $! -$! Else The User Entered An Invalid Arguement. +$! Else The User Entered An Invalid Argument. $! $ ELSE $! diff --git a/src/lib/libcrypto/crypto.h b/src/lib/libcrypto/crypto.h index 0e4fb0723c..b0360cec51 100644 --- a/src/lib/libcrypto/crypto.h +++ b/src/lib/libcrypto/crypto.h @@ -1,6 +1,6 @@ /* crypto/crypto.h */ /* ==================================================================== - * Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved. + * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -219,13 +219,9 @@ typedef struct openssl_item_st #define CRYPTO_LOCK_EC_PRE_COMP 36 #define CRYPTO_LOCK_STORE 37 #define CRYPTO_LOCK_COMP 38 -#ifndef OPENSSL_FIPS -#define CRYPTO_NUM_LOCKS 39 -#else #define CRYPTO_LOCK_FIPS 39 #define CRYPTO_LOCK_FIPS2 40 #define CRYPTO_NUM_LOCKS 41 -#endif #define CRYPTO_LOCK 1 #define CRYPTO_UNLOCK 2 @@ -288,9 +284,10 @@ typedef struct bio_st BIO_dummy; struct crypto_ex_data_st { - STACK *sk; + STACK_OF(void) *sk; int dummy; /* gcc is screwing up this data structure :-( */ }; +DECLARE_STACK_OF(void) /* This stuff is basically class callback functions * The current classes are SSL_CTX, SSL, SSL_SESSION, and a few more */ @@ -347,7 +344,14 @@ DECLARE_STACK_OF(CRYPTO_EX_DATA_FUNCS) /* Set standard debugging functions (not done by default * unless CRYPTO_MDEBUG is defined) */ -void CRYPTO_malloc_debug_init(void); +#define CRYPTO_malloc_debug_init() do {\ + CRYPTO_set_mem_debug_functions(\ + CRYPTO_dbg_malloc,\ + CRYPTO_dbg_realloc,\ + CRYPTO_dbg_free,\ + CRYPTO_dbg_set_options,\ + CRYPTO_dbg_get_options);\ + } while(0) int CRYPTO_mem_ctrl(int mode); int CRYPTO_is_mem_check_on(void); @@ -420,16 +424,32 @@ void CRYPTO_set_add_lock_callback(int (*func)(int *num,int mount,int type, const char *file, int line)); int (*CRYPTO_get_add_lock_callback(void))(int *num,int mount,int type, const char *file,int line); + +/* Don't use this structure directly. */ +typedef struct crypto_threadid_st + { + void *ptr; + unsigned long val; + } CRYPTO_THREADID; +/* Only use CRYPTO_THREADID_set_[numeric|pointer]() within callbacks */ +void CRYPTO_THREADID_set_numeric(CRYPTO_THREADID *id, unsigned long val); +void CRYPTO_THREADID_set_pointer(CRYPTO_THREADID *id, void *ptr); +int CRYPTO_THREADID_set_callback(void (*threadid_func)(CRYPTO_THREADID *)); +void (*CRYPTO_THREADID_get_callback(void))(CRYPTO_THREADID *); +void CRYPTO_THREADID_current(CRYPTO_THREADID *id); +int CRYPTO_THREADID_cmp(const CRYPTO_THREADID *a, const CRYPTO_THREADID *b); +void CRYPTO_THREADID_cpy(CRYPTO_THREADID *dest, const CRYPTO_THREADID *src); +unsigned long CRYPTO_THREADID_hash(const CRYPTO_THREADID *id); +#ifndef OPENSSL_NO_DEPRECATED void CRYPTO_set_id_callback(unsigned long (*func)(void)); unsigned long (*CRYPTO_get_id_callback(void))(void); unsigned long CRYPTO_thread_id(void); +#endif + const char *CRYPTO_get_lock_name(int type); int CRYPTO_add_lock(int *pointer,int amount,int type, const char *file, int line); -void int_CRYPTO_set_do_dynlock_callback( - void (*do_dynlock_cb)(int mode, int type, const char *file, int line)); - int CRYPTO_get_new_dynlockid(void); void CRYPTO_destroy_dynlockid(int i); struct CRYPTO_dynlock_value *CRYPTO_get_dynlock_value(int i); @@ -454,10 +474,6 @@ int CRYPTO_set_mem_debug_functions(void (*m)(void *,int,const char *,int,int), void (*f)(void *,int), void (*so)(long), long (*go)(void)); -void CRYPTO_set_mem_info_functions( - int (*push_info_fn)(const char *info, const char *file, int line), - int (*pop_info_fn)(void), - int (*remove_all_info_fn)(void)); void CRYPTO_get_mem_functions(void *(**m)(size_t),void *(**r)(void *, size_t), void (**f)(void *)); void CRYPTO_get_locked_mem_functions(void *(**m)(size_t), void (**f)(void *)); void CRYPTO_get_mem_ex_functions(void *(**m)(size_t,const char *,int), @@ -514,9 +530,6 @@ void CRYPTO_dbg_free(void *addr,int before_p); void CRYPTO_dbg_set_options(long bits); long CRYPTO_dbg_get_options(void); -int CRYPTO_dbg_push_info(const char *info, const char *file, int line); -int CRYPTO_dbg_pop_info(void); -int CRYPTO_dbg_remove_all_info(void); #ifndef OPENSSL_NO_FP_API void CRYPTO_mem_leaks_fp(FILE *); @@ -534,69 +547,12 @@ unsigned long *OPENSSL_ia32cap_loc(void); #define OPENSSL_ia32cap (*(OPENSSL_ia32cap_loc())) int OPENSSL_isservice(void); -#ifdef OPENSSL_FIPS -#define FIPS_ERROR_IGNORED(alg) OpenSSLDie(__FILE__, __LINE__, \ - alg " previous FIPS forbidden algorithm error ignored"); - -#define FIPS_BAD_ABORT(alg) OpenSSLDie(__FILE__, __LINE__, \ - #alg " Algorithm forbidden in FIPS mode"); - -#ifdef OPENSSL_FIPS_STRICT -#define FIPS_BAD_ALGORITHM(alg) FIPS_BAD_ABORT(alg) -#else -#define FIPS_BAD_ALGORITHM(alg) \ - { \ - FIPSerr(FIPS_F_HASH_FINAL,FIPS_R_NON_FIPS_METHOD); \ - ERR_add_error_data(2, "Algorithm=", #alg); \ - return 0; \ - } -#endif - -/* Low level digest API blocking macro */ - -#define FIPS_NON_FIPS_MD_Init(alg) \ - int alg##_Init(alg##_CTX *c) \ - { \ - if (FIPS_mode()) \ - FIPS_BAD_ALGORITHM(alg) \ - return private_##alg##_Init(c); \ - } \ - int private_##alg##_Init(alg##_CTX *c) - -/* For ciphers the API often varies from cipher to cipher and each needs to - * be treated as a special case. Variable key length ciphers (Blowfish, RC4, - * CAST) however are very similar and can use a blocking macro. - */ - -#define FIPS_NON_FIPS_VCIPHER_Init(alg) \ - void alg##_set_key(alg##_KEY *key, int len, const unsigned char *data) \ - { \ - if (FIPS_mode()) \ - FIPS_BAD_ABORT(alg) \ - private_##alg##_set_key(key, len, data); \ - } \ - void private_##alg##_set_key(alg##_KEY *key, int len, \ - const unsigned char *data) - -#else - -#define FIPS_NON_FIPS_VCIPHER_Init(alg) \ - void alg##_set_key(alg##_KEY *key, int len, const unsigned char *data) - -#define FIPS_NON_FIPS_MD_Init(alg) \ - int alg##_Init(alg##_CTX *c) - -#endif /* def OPENSSL_FIPS */ - /* BEGIN ERROR CODES */ /* The following lines are auto generated by the script mkerr.pl. Any changes * made after this point may be overwritten when the script is next run. */ void ERR_load_CRYPTO_strings(void); -#define OPENSSL_HAVE_INIT 1 -void OPENSSL_init(void); - /* Error codes for the CRYPTO functions. */ /* Function codes. */ diff --git a/src/lib/libcrypto/des/Makefile.ssl b/src/lib/libcrypto/des/Makefile.ssl deleted file mode 100644 index 0d9ba2b42f..0000000000 --- a/src/lib/libcrypto/des/Makefile.ssl +++ /dev/null @@ -1,316 +0,0 @@ -# -# SSLeay/crypto/des/Makefile -# - -DIR= des -TOP= ../.. -CC= cc -CPP= $(CC) -E -INCLUDES=-I$(TOP) -I../../include -CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKE= make -f Makefile.ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) -MAKEFILE= Makefile.ssl -AR= ar r -RANLIB= ranlib -DES_ENC= des_enc.o fcrypt_b.o -# or use -#DES_ENC= dx86-elf.o yx86-elf.o - -CFLAGS= $(INCLUDES) $(CFLAG) -ASFLAGS= $(INCLUDES) $(ASFLAG) - -GENERAL=Makefile -TEST=destest.c -APPS= - -LIB=$(TOP)/libcrypto.a -LIBSRC= cbc_cksm.c cbc_enc.c cfb64enc.c cfb_enc.c \ - ecb3_enc.c ecb_enc.c enc_read.c enc_writ.c \ - fcrypt.c ofb64enc.c ofb_enc.c pcbc_enc.c \ - qud_cksm.c rand_key.c rpc_enc.c set_key.c \ - des_enc.c fcrypt_b.c \ - xcbc_enc.c \ - str2key.c cfb64ede.c ofb64ede.c ede_cbcm_enc.c des_old.c des_old2.c \ - read2pwd.c - -LIBOBJ= set_key.o ecb_enc.o cbc_enc.o \ - ecb3_enc.o cfb64enc.o cfb64ede.o cfb_enc.o ofb64ede.o \ - enc_read.o enc_writ.o ofb64enc.o \ - ofb_enc.o str2key.o pcbc_enc.o qud_cksm.o rand_key.o \ - ${DES_ENC} \ - fcrypt.o xcbc_enc.o rpc_enc.o cbc_cksm.o \ - ede_cbcm_enc.o des_old.o des_old2.o read2pwd.o - -SRC= $(LIBSRC) - -EXHEADER= des.h des_old.h -HEADER= des_locl.h rpc_des.h spr.h des_ver.h $(EXHEADER) - -ALL= $(GENERAL) $(SRC) $(HEADER) - -top: - (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all) - -all: lib - -lib: $(LIBOBJ) - $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) || echo Never mind. - @touch lib - -des: des.o cbc3_enc.o lib - $(CC) $(CFLAGS) -o des des.o cbc3_enc.o $(LIB) - -# elf -asm/dx86-elf.s: asm/des-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl - (cd asm; $(PERL) des-586.pl elf $(CFLAGS) > dx86-elf.s) - -asm/yx86-elf.s: asm/crypt586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl - (cd asm; $(PERL) crypt586.pl elf $(CFLAGS) > yx86-elf.s) - -# a.out -asm/dx86-out.o: asm/dx86unix.cpp - $(CPP) -DOUT asm/dx86unix.cpp | as -o asm/dx86-out.o - -asm/yx86-out.o: asm/yx86unix.cpp - $(CPP) -DOUT asm/yx86unix.cpp | as -o asm/yx86-out.o - -# bsdi -asm/dx86bsdi.o: asm/dx86unix.cpp - $(CPP) -DBSDI asm/dx86unix.cpp | sed 's/ :/:/' | as -o asm/dx86bsdi.o - -asm/yx86bsdi.o: asm/yx86unix.cpp - $(CPP) -DBSDI asm/yx86unix.cpp | sed 's/ :/:/' | as -o asm/yx86bsdi.o - -asm/dx86unix.cpp: asm/des-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl - (cd asm; $(PERL) des-586.pl cpp >dx86unix.cpp) - -asm/yx86unix.cpp: asm/crypt586.pl ../perlasm/x86asm.pl - (cd asm; $(PERL) crypt586.pl cpp >yx86unix.cpp) - -files: - $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO - -links: - @sh $(TOP)/util/point.sh Makefile.ssl Makefile - @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER) - @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST) - @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) - -install: installs - -installs: - @for i in $(EXHEADER) ; \ - do \ - (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ - done; - -tags: - ctags $(SRC) - -tests: - -lint: - lint -DLINT $(INCLUDES) $(SRC)>fluff - -depend: - $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) - -dclean: - $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new - mv -f Makefile.new $(MAKEFILE) - -clean: - rm -f asm/dx86unix.cpp asm/yx86unix.cpp asm/*-elf.* *.o asm/*.o *.obj des lib tags core .pure .nfs* *.old *.bak fluff - -# DO NOT DELETE THIS LINE -- make depend depends on it. - -cbc_cksm.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -cbc_cksm.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h -cbc_cksm.o: ../../include/openssl/opensslconf.h -cbc_cksm.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -cbc_cksm.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -cbc_cksm.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -cbc_cksm.o: cbc_cksm.c des_locl.h -cbc_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -cbc_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h -cbc_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -cbc_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -cbc_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -cbc_enc.o: ../../include/openssl/ui_compat.h cbc_enc.c des_locl.h ncbc_enc.c -cfb64ede.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -cfb64ede.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h -cfb64ede.o: ../../include/openssl/opensslconf.h -cfb64ede.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -cfb64ede.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -cfb64ede.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -cfb64ede.o: cfb64ede.c des_locl.h -cfb64enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -cfb64enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h -cfb64enc.o: ../../include/openssl/opensslconf.h -cfb64enc.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -cfb64enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -cfb64enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -cfb64enc.o: cfb64enc.c des_locl.h -cfb_enc.o: ../../e_os.h ../../include/openssl/crypto.h -cfb_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -cfb_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h -cfb_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -cfb_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -cfb_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -cfb_enc.o: cfb_enc.c des_locl.h -des_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -des_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h -des_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -des_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -des_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -des_enc.o: ../../include/openssl/ui_compat.h des_enc.c des_locl.h ncbc_enc.c -des_old.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -des_old.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h -des_old.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -des_old.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h -des_old.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -des_old.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -des_old.o: ../../include/openssl/ui_compat.h des_old.c -des_old2.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -des_old2.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h -des_old2.o: ../../include/openssl/opensslconf.h -des_old2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -des_old2.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h -des_old2.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -des_old2.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -des_old2.o: des_old2.c -ecb3_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -ecb3_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h -ecb3_enc.o: ../../include/openssl/opensslconf.h -ecb3_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -ecb3_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -ecb3_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -ecb3_enc.o: des_locl.h ecb3_enc.c -ecb_enc.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h -ecb_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -ecb_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h -ecb_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -ecb_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -ecb_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -ecb_enc.o: des_locl.h des_ver.h ecb_enc.c spr.h -ede_cbcm_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -ede_cbcm_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h -ede_cbcm_enc.o: ../../include/openssl/opensslconf.h -ede_cbcm_enc.o: ../../include/openssl/opensslv.h -ede_cbcm_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -ede_cbcm_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -ede_cbcm_enc.o: ../../include/openssl/ui_compat.h des_locl.h ede_cbcm_enc.c -enc_read.o: ../../e_os.h ../../include/openssl/bio.h -enc_read.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -enc_read.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -enc_read.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -enc_read.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -enc_read.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -enc_read.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -enc_read.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -enc_read.o: ../cryptlib.h des_locl.h enc_read.c -enc_writ.o: ../../e_os.h ../../include/openssl/bio.h -enc_writ.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -enc_writ.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -enc_writ.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -enc_writ.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -enc_writ.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -enc_writ.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h -enc_writ.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -enc_writ.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -enc_writ.o: ../cryptlib.h des_locl.h enc_writ.c -fcrypt.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -fcrypt.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h -fcrypt.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -fcrypt.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -fcrypt.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -fcrypt.o: ../../include/openssl/ui_compat.h des_locl.h fcrypt.c -fcrypt_b.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -fcrypt_b.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h -fcrypt_b.o: ../../include/openssl/opensslconf.h -fcrypt_b.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -fcrypt_b.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -fcrypt_b.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -fcrypt_b.o: des_locl.h fcrypt_b.c -ofb64ede.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -ofb64ede.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h -ofb64ede.o: ../../include/openssl/opensslconf.h -ofb64ede.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -ofb64ede.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -ofb64ede.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -ofb64ede.o: des_locl.h ofb64ede.c -ofb64enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -ofb64enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h -ofb64enc.o: ../../include/openssl/opensslconf.h -ofb64enc.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -ofb64enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -ofb64enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -ofb64enc.o: des_locl.h ofb64enc.c -ofb_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -ofb_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h -ofb_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -ofb_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -ofb_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -ofb_enc.o: ../../include/openssl/ui_compat.h des_locl.h ofb_enc.c -pcbc_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -pcbc_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h -pcbc_enc.o: ../../include/openssl/opensslconf.h -pcbc_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -pcbc_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -pcbc_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -pcbc_enc.o: des_locl.h pcbc_enc.c -qud_cksm.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -qud_cksm.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h -qud_cksm.o: ../../include/openssl/opensslconf.h -qud_cksm.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -qud_cksm.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -qud_cksm.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -qud_cksm.o: des_locl.h qud_cksm.c -rand_key.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -rand_key.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h -rand_key.o: ../../include/openssl/opensslconf.h -rand_key.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -rand_key.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h -rand_key.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -rand_key.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -rand_key.o: rand_key.c -read2pwd.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -read2pwd.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h -read2pwd.o: ../../include/openssl/opensslconf.h -read2pwd.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -read2pwd.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -read2pwd.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -read2pwd.o: read2pwd.c -rpc_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -rpc_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h -rpc_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -rpc_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -rpc_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -rpc_enc.o: ../../include/openssl/ui_compat.h des_locl.h des_ver.h rpc_des.h -rpc_enc.o: rpc_enc.c -set_key.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -set_key.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h -set_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -set_key.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -set_key.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -set_key.o: ../../include/openssl/ui_compat.h des_locl.h set_key.c -str2key.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -str2key.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h -str2key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -str2key.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -str2key.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -str2key.o: ../../include/openssl/ui_compat.h des_locl.h str2key.c -xcbc_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -xcbc_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h -xcbc_enc.o: ../../include/openssl/opensslconf.h -xcbc_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -xcbc_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -xcbc_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -xcbc_enc.o: des_locl.h xcbc_enc.c diff --git a/src/lib/libcrypto/des/asm/crypt586.pl b/src/lib/libcrypto/des/asm/crypt586.pl index 1d04ed6def..e36f7d44bd 100644 --- a/src/lib/libcrypto/des/asm/crypt586.pl +++ b/src/lib/libcrypto/des/asm/crypt586.pl @@ -6,7 +6,8 @@ # things perfect. # -push(@INC,"perlasm","../../perlasm"); +$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; +push(@INC,"${dir}","${dir}../../perlasm"); require "x86asm.pl"; &asm_init($ARGV[0],"crypt586.pl"); @@ -22,7 +23,7 @@ sub fcrypt_body { local($name,$do_ip)=@_; - &function_begin($name,"EXTRN _DES_SPtrans:DWORD"); + &function_begin($name); &comment(""); &comment("Load the 2 words"); diff --git a/src/lib/libcrypto/des/asm/des-586.pl b/src/lib/libcrypto/des/asm/des-586.pl index 60d577cc8d..5b5f39cebd 100644 --- a/src/lib/libcrypto/des/asm/des-586.pl +++ b/src/lib/libcrypto/des/asm/des-586.pl @@ -4,7 +4,8 @@ # Svend Olaf Mikkelsen # -push(@INC,"perlasm","../../perlasm"); +$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; +push(@INC,"${dir}","${dir}../../perlasm"); require "x86asm.pl"; require "cbc.pl"; require "desboth.pl"; @@ -18,33 +19,110 @@ require "desboth.pl"; $L="edi"; $R="esi"; +$trans="ebp"; +$small_footprint=1 if (grep(/\-DOPENSSL_SMALL_FOOTPRINT/,@ARGV)); +# one can discuss setting this variable to 1 unconditionally, as +# the folded loop is only 3% slower than unrolled, but >7 times smaller -&external_label("DES_SPtrans"); +&public_label("DES_SPtrans"); + +&DES_encrypt_internal(); +&DES_decrypt_internal(); &DES_encrypt("DES_encrypt1",1); &DES_encrypt("DES_encrypt2",0); +&DES_encrypt3("DES_encrypt3",1); +&DES_encrypt3("DES_decrypt3",0); +&cbc("DES_ncbc_encrypt","DES_encrypt1","DES_encrypt1",0,4,5,3,5,-1); +&cbc("DES_ede3_cbc_encrypt","DES_encrypt3","DES_decrypt3",0,6,7,3,4,5); +&DES_SPtrans(); + +&asm_finish(); -if (!$main'openbsd) +sub DES_encrypt_internal() { - &DES_encrypt3("DES_encrypt3",1); - &DES_encrypt3("DES_decrypt3",0); - &cbc("DES_ncbc_encrypt","DES_encrypt1","DES_encrypt1",0,4,5,3,5,-1); - &cbc("DES_ede3_cbc_encrypt","DES_encrypt3","DES_decrypt3",0,6,7,3,4,5); + &function_begin_B("_x86_DES_encrypt"); + + if ($small_footprint) + { + &lea("edx",&DWP(128,"ecx")); + &push("edx"); + &push("ecx"); + &set_label("eloop"); + &D_ENCRYPT(0,$L,$R,0,$trans,"eax","ebx","ecx","edx",&swtmp(0)); + &comment(""); + &D_ENCRYPT(1,$R,$L,2,$trans,"eax","ebx","ecx","edx",&swtmp(0)); + &comment(""); + &add("ecx",16); + &cmp("ecx",&swtmp(1)); + &mov(&swtmp(0),"ecx"); + &jb(&label("eloop")); + &add("esp",8); + } + else + { + &push("ecx"); + for ($i=0; $i<16; $i+=2) + { + &comment("Round $i"); + &D_ENCRYPT($i,$L,$R,$i*2,$trans,"eax","ebx","ecx","edx",&swtmp(0)); + &comment("Round ".sprintf("%d",$i+1)); + &D_ENCRYPT($i+1,$R,$L,($i+1)*2,$trans,"eax","ebx","ecx","edx",&swtmp(0)); + } + &add("esp",4); } + &ret(); -&asm_finish(); + &function_end_B("_x86_DES_encrypt"); + } + +sub DES_decrypt_internal() + { + &function_begin_B("_x86_DES_decrypt"); + + if ($small_footprint) + { + &push("ecx"); + &lea("ecx",&DWP(128,"ecx")); + &push("ecx"); + &set_label("dloop"); + &D_ENCRYPT(0,$L,$R,-2,$trans,"eax","ebx","ecx","edx",&swtmp(0)); + &comment(""); + &D_ENCRYPT(1,$R,$L,-4,$trans,"eax","ebx","ecx","edx",&swtmp(0)); + &comment(""); + &sub("ecx",16); + &cmp("ecx",&swtmp(1)); + &mov(&swtmp(0),"ecx"); + &ja(&label("dloop")); + &add("esp",8); + } + else + { + &push("ecx"); + for ($i=15; $i>0; $i-=2) + { + &comment("Round $i"); + &D_ENCRYPT(15-$i,$L,$R,$i*2,$trans,"eax","ebx","ecx","edx",&swtmp(0)); + &comment("Round ".sprintf("%d",$i-1)); + &D_ENCRYPT(15-$i+1,$R,$L,($i-1)*2,$trans,"eax","ebx","ecx","edx",&swtmp(0)); + } + &add("esp",4); + } + &ret(); + &function_end_B("_x86_DES_decrypt"); + } + sub DES_encrypt { local($name,$do_ip)=@_; - &function_begin_B($name,"EXTRN _DES_SPtrans:DWORD"); + &function_begin_B($name); &push("esi"); &push("edi"); &comment(""); &comment("Load the 2 words"); - $trans="ebp"; if ($do_ip) { @@ -77,39 +155,20 @@ sub DES_encrypt } # PIC-ification:-) - &picmeup($trans,"DES_SPtrans"); - #if ($cpp) { &picmeup($trans,"DES_SPtrans"); } - #else { &lea($trans,&DWP("DES_SPtrans")); } + &call (&label("pic_point")); + &set_label("pic_point"); + &blindpop($trans); + &lea ($trans,&DWP(&label("DES_SPtrans")."-".&label("pic_point"),$trans)); &mov( "ecx", &wparam(1) ); - &cmp("ebx","0"); - &je(&label("start_decrypt")); - - for ($i=0; $i<16; $i+=2) - { - &comment(""); - &comment("Round $i"); - &D_ENCRYPT($i,$L,$R,$i*2,$trans,"eax","ebx","ecx","edx"); - - &comment(""); - &comment("Round ".sprintf("%d",$i+1)); - &D_ENCRYPT($i+1,$R,$L,($i+1)*2,$trans,"eax","ebx","ecx","edx"); - } - &jmp(&label("end")); - &set_label("start_decrypt"); - - for ($i=15; $i>0; $i-=2) - { - &comment(""); - &comment("Round $i"); - &D_ENCRYPT(15-$i,$L,$R,$i*2,$trans,"eax","ebx","ecx","edx"); - &comment(""); - &comment("Round ".sprintf("%d",$i-1)); - &D_ENCRYPT(15-$i+1,$R,$L,($i-1)*2,$trans,"eax","ebx","ecx","edx"); - } - - &set_label("end"); + &cmp("ebx","0"); + &je(&label("decrypt")); + &call("_x86_DES_encrypt"); + &jmp(&label("done")); + &set_label("decrypt"); + &call("_x86_DES_decrypt"); + &set_label("done"); if ($do_ip) { @@ -143,7 +202,7 @@ sub DES_encrypt sub D_ENCRYPT { - local($r,$L,$R,$S,$trans,$u,$tmp1,$tmp2,$t)=@_; + local($r,$L,$R,$S,$trans,$u,$tmp1,$tmp2,$t,$wp1)=@_; &mov( $u, &DWP(&n2a($S*4),$tmp2,"",0)); &xor( $tmp1, $tmp1); @@ -170,7 +229,7 @@ sub D_ENCRYPT &and( $t, "0xff" ); &xor( $L, &DWP("0x600",$trans,$tmp1,0)); &xor( $L, &DWP("0x700",$trans,$tmp2,0)); - &mov( $tmp2, &wparam(1) ); + &mov( $tmp2, $wp1 ); &xor( $L, &DWP("0x400",$trans,$u,0)); &xor( $L, &DWP("0x500",$trans,$t,0)); } @@ -253,3 +312,142 @@ sub FP_new &rotr($tt , 4); } +sub DES_SPtrans + { + &set_label("DES_SPtrans",64); + &data_word(0x02080800, 0x00080000, 0x02000002, 0x02080802); + &data_word(0x02000000, 0x00080802, 0x00080002, 0x02000002); + &data_word(0x00080802, 0x02080800, 0x02080000, 0x00000802); + &data_word(0x02000802, 0x02000000, 0x00000000, 0x00080002); + &data_word(0x00080000, 0x00000002, 0x02000800, 0x00080800); + &data_word(0x02080802, 0x02080000, 0x00000802, 0x02000800); + &data_word(0x00000002, 0x00000800, 0x00080800, 0x02080002); + &data_word(0x00000800, 0x02000802, 0x02080002, 0x00000000); + &data_word(0x00000000, 0x02080802, 0x02000800, 0x00080002); + &data_word(0x02080800, 0x00080000, 0x00000802, 0x02000800); + &data_word(0x02080002, 0x00000800, 0x00080800, 0x02000002); + &data_word(0x00080802, 0x00000002, 0x02000002, 0x02080000); + &data_word(0x02080802, 0x00080800, 0x02080000, 0x02000802); + &data_word(0x02000000, 0x00000802, 0x00080002, 0x00000000); + &data_word(0x00080000, 0x02000000, 0x02000802, 0x02080800); + &data_word(0x00000002, 0x02080002, 0x00000800, 0x00080802); + # nibble 1 + &data_word(0x40108010, 0x00000000, 0x00108000, 0x40100000); + &data_word(0x40000010, 0x00008010, 0x40008000, 0x00108000); + &data_word(0x00008000, 0x40100010, 0x00000010, 0x40008000); + &data_word(0x00100010, 0x40108000, 0x40100000, 0x00000010); + &data_word(0x00100000, 0x40008010, 0x40100010, 0x00008000); + &data_word(0x00108010, 0x40000000, 0x00000000, 0x00100010); + &data_word(0x40008010, 0x00108010, 0x40108000, 0x40000010); + &data_word(0x40000000, 0x00100000, 0x00008010, 0x40108010); + &data_word(0x00100010, 0x40108000, 0x40008000, 0x00108010); + &data_word(0x40108010, 0x00100010, 0x40000010, 0x00000000); + &data_word(0x40000000, 0x00008010, 0x00100000, 0x40100010); + &data_word(0x00008000, 0x40000000, 0x00108010, 0x40008010); + &data_word(0x40108000, 0x00008000, 0x00000000, 0x40000010); + &data_word(0x00000010, 0x40108010, 0x00108000, 0x40100000); + &data_word(0x40100010, 0x00100000, 0x00008010, 0x40008000); + &data_word(0x40008010, 0x00000010, 0x40100000, 0x00108000); + # nibble 2 + &data_word(0x04000001, 0x04040100, 0x00000100, 0x04000101); + &data_word(0x00040001, 0x04000000, 0x04000101, 0x00040100); + &data_word(0x04000100, 0x00040000, 0x04040000, 0x00000001); + &data_word(0x04040101, 0x00000101, 0x00000001, 0x04040001); + &data_word(0x00000000, 0x00040001, 0x04040100, 0x00000100); + &data_word(0x00000101, 0x04040101, 0x00040000, 0x04000001); + &data_word(0x04040001, 0x04000100, 0x00040101, 0x04040000); + &data_word(0x00040100, 0x00000000, 0x04000000, 0x00040101); + &data_word(0x04040100, 0x00000100, 0x00000001, 0x00040000); + &data_word(0x00000101, 0x00040001, 0x04040000, 0x04000101); + &data_word(0x00000000, 0x04040100, 0x00040100, 0x04040001); + &data_word(0x00040001, 0x04000000, 0x04040101, 0x00000001); + &data_word(0x00040101, 0x04000001, 0x04000000, 0x04040101); + &data_word(0x00040000, 0x04000100, 0x04000101, 0x00040100); + &data_word(0x04000100, 0x00000000, 0x04040001, 0x00000101); + &data_word(0x04000001, 0x00040101, 0x00000100, 0x04040000); + # nibble 3 + &data_word(0x00401008, 0x10001000, 0x00000008, 0x10401008); + &data_word(0x00000000, 0x10400000, 0x10001008, 0x00400008); + &data_word(0x10401000, 0x10000008, 0x10000000, 0x00001008); + &data_word(0x10000008, 0x00401008, 0x00400000, 0x10000000); + &data_word(0x10400008, 0x00401000, 0x00001000, 0x00000008); + &data_word(0x00401000, 0x10001008, 0x10400000, 0x00001000); + &data_word(0x00001008, 0x00000000, 0x00400008, 0x10401000); + &data_word(0x10001000, 0x10400008, 0x10401008, 0x00400000); + &data_word(0x10400008, 0x00001008, 0x00400000, 0x10000008); + &data_word(0x00401000, 0x10001000, 0x00000008, 0x10400000); + &data_word(0x10001008, 0x00000000, 0x00001000, 0x00400008); + &data_word(0x00000000, 0x10400008, 0x10401000, 0x00001000); + &data_word(0x10000000, 0x10401008, 0x00401008, 0x00400000); + &data_word(0x10401008, 0x00000008, 0x10001000, 0x00401008); + &data_word(0x00400008, 0x00401000, 0x10400000, 0x10001008); + &data_word(0x00001008, 0x10000000, 0x10000008, 0x10401000); + # nibble 4 + &data_word(0x08000000, 0x00010000, 0x00000400, 0x08010420); + &data_word(0x08010020, 0x08000400, 0x00010420, 0x08010000); + &data_word(0x00010000, 0x00000020, 0x08000020, 0x00010400); + &data_word(0x08000420, 0x08010020, 0x08010400, 0x00000000); + &data_word(0x00010400, 0x08000000, 0x00010020, 0x00000420); + &data_word(0x08000400, 0x00010420, 0x00000000, 0x08000020); + &data_word(0x00000020, 0x08000420, 0x08010420, 0x00010020); + &data_word(0x08010000, 0x00000400, 0x00000420, 0x08010400); + &data_word(0x08010400, 0x08000420, 0x00010020, 0x08010000); + &data_word(0x00010000, 0x00000020, 0x08000020, 0x08000400); + &data_word(0x08000000, 0x00010400, 0x08010420, 0x00000000); + &data_word(0x00010420, 0x08000000, 0x00000400, 0x00010020); + &data_word(0x08000420, 0x00000400, 0x00000000, 0x08010420); + &data_word(0x08010020, 0x08010400, 0x00000420, 0x00010000); + &data_word(0x00010400, 0x08010020, 0x08000400, 0x00000420); + &data_word(0x00000020, 0x00010420, 0x08010000, 0x08000020); + # nibble 5 + &data_word(0x80000040, 0x00200040, 0x00000000, 0x80202000); + &data_word(0x00200040, 0x00002000, 0x80002040, 0x00200000); + &data_word(0x00002040, 0x80202040, 0x00202000, 0x80000000); + &data_word(0x80002000, 0x80000040, 0x80200000, 0x00202040); + &data_word(0x00200000, 0x80002040, 0x80200040, 0x00000000); + &data_word(0x00002000, 0x00000040, 0x80202000, 0x80200040); + &data_word(0x80202040, 0x80200000, 0x80000000, 0x00002040); + &data_word(0x00000040, 0x00202000, 0x00202040, 0x80002000); + &data_word(0x00002040, 0x80000000, 0x80002000, 0x00202040); + &data_word(0x80202000, 0x00200040, 0x00000000, 0x80002000); + &data_word(0x80000000, 0x00002000, 0x80200040, 0x00200000); + &data_word(0x00200040, 0x80202040, 0x00202000, 0x00000040); + &data_word(0x80202040, 0x00202000, 0x00200000, 0x80002040); + &data_word(0x80000040, 0x80200000, 0x00202040, 0x00000000); + &data_word(0x00002000, 0x80000040, 0x80002040, 0x80202000); + &data_word(0x80200000, 0x00002040, 0x00000040, 0x80200040); + # nibble 6 + &data_word(0x00004000, 0x00000200, 0x01000200, 0x01000004); + &data_word(0x01004204, 0x00004004, 0x00004200, 0x00000000); + &data_word(0x01000000, 0x01000204, 0x00000204, 0x01004000); + &data_word(0x00000004, 0x01004200, 0x01004000, 0x00000204); + &data_word(0x01000204, 0x00004000, 0x00004004, 0x01004204); + &data_word(0x00000000, 0x01000200, 0x01000004, 0x00004200); + &data_word(0x01004004, 0x00004204, 0x01004200, 0x00000004); + &data_word(0x00004204, 0x01004004, 0x00000200, 0x01000000); + &data_word(0x00004204, 0x01004000, 0x01004004, 0x00000204); + &data_word(0x00004000, 0x00000200, 0x01000000, 0x01004004); + &data_word(0x01000204, 0x00004204, 0x00004200, 0x00000000); + &data_word(0x00000200, 0x01000004, 0x00000004, 0x01000200); + &data_word(0x00000000, 0x01000204, 0x01000200, 0x00004200); + &data_word(0x00000204, 0x00004000, 0x01004204, 0x01000000); + &data_word(0x01004200, 0x00000004, 0x00004004, 0x01004204); + &data_word(0x01000004, 0x01004200, 0x01004000, 0x00004004); + # nibble 7 + &data_word(0x20800080, 0x20820000, 0x00020080, 0x00000000); + &data_word(0x20020000, 0x00800080, 0x20800000, 0x20820080); + &data_word(0x00000080, 0x20000000, 0x00820000, 0x00020080); + &data_word(0x00820080, 0x20020080, 0x20000080, 0x20800000); + &data_word(0x00020000, 0x00820080, 0x00800080, 0x20020000); + &data_word(0x20820080, 0x20000080, 0x00000000, 0x00820000); + &data_word(0x20000000, 0x00800000, 0x20020080, 0x20800080); + &data_word(0x00800000, 0x00020000, 0x20820000, 0x00000080); + &data_word(0x00800000, 0x00020000, 0x20000080, 0x20820080); + &data_word(0x00020080, 0x20000000, 0x00000000, 0x00820000); + &data_word(0x20800080, 0x20020080, 0x20020000, 0x00800080); + &data_word(0x20820000, 0x00000080, 0x00800080, 0x20020000); + &data_word(0x20820080, 0x00800000, 0x20800000, 0x20000080); + &data_word(0x00820000, 0x00020080, 0x20020080, 0x20800000); + &data_word(0x00000080, 0x20820000, 0x00820080, 0x00000000); + &data_word(0x20000000, 0x20800080, 0x00020000, 0x00820080); + } diff --git a/src/lib/libcrypto/des/asm/des686.pl b/src/lib/libcrypto/des/asm/des686.pl deleted file mode 100644 index d3ad5d5edd..0000000000 --- a/src/lib/libcrypto/des/asm/des686.pl +++ /dev/null @@ -1,230 +0,0 @@ -#!/usr/local/bin/perl - -$prog="des686.pl"; - -# base code is in microsft -# op dest, source -# format. -# - -# WILL NOT WORK ANYMORE WITH desboth.pl -require "desboth.pl"; - -if ( ($ARGV[0] eq "elf")) - { require "x86unix.pl"; } -elsif ( ($ARGV[0] eq "a.out")) - { $aout=1; require "x86unix.pl"; } -elsif ( ($ARGV[0] eq "sol")) - { $sol=1; require "x86unix.pl"; } -elsif ( ($ARGV[0] eq "cpp")) - { $cpp=1; require "x86unix.pl"; } -elsif ( ($ARGV[0] eq "win32")) - { require "x86ms.pl"; } -else - { - print STDERR <<"EOF"; -Pick one target type from - elf - linux, FreeBSD etc - a.out - old linux - sol - x86 solaris - cpp - format so x86unix.cpp can be used - win32 - Windows 95/Windows NT -EOF - exit(1); - } - -&comment("Don't even think of reading this code"); -&comment("It was automatically generated by $prog"); -&comment("Which is a perl program used to generate the x86 assember for"); -&comment("any of elf, a.out, Win32, or Solaris"); -&comment("It can be found in SSLeay 0.6.5+ or in libdes 3.26+"); -&comment("eric "); -&comment(""); - -&file("dx86xxxx"); - -$L="edi"; -$R="esi"; - -&DES_encrypt("DES_encrypt1",1); -&DES_encrypt("DES_encrypt2",0); - -&DES_encrypt3("DES_encrypt3",1); -&DES_encrypt3("DES_decrypt3",0); - -&file_end(); - -sub DES_encrypt - { - local($name,$do_ip)=@_; - - &function_begin($name,"EXTRN _DES_SPtrans:DWORD"); - - &comment(""); - &comment("Load the 2 words"); - &mov("eax",&wparam(0)); - &mov($L,&DWP(0,"eax","",0)); - &mov($R,&DWP(4,"eax","",0)); - - $ksp=&wparam(1); - - if ($do_ip) - { - &comment(""); - &comment("IP"); - &IP_new($L,$R,"eax"); - } - - &comment(""); - &comment("fixup rotate"); - &rotl($R,3); - &rotl($L,3); - &exch($L,$R); - - &comment(""); - &comment("load counter, key_schedule and enc flag"); - &mov("eax",&wparam(2)); # get encrypt flag - &mov("ebp",&wparam(1)); # get ks - &cmp("eax","0"); - &je(&label("start_decrypt")); - - # encrypting part - - for ($i=0; $i<16; $i+=2) - { - &comment(""); - &comment("Round $i"); - &D_ENCRYPT($L,$R,$i*2,"ebp","DES_SPtrans","ecx","edx","eax","ebx"); - - &comment(""); - &comment("Round ".sprintf("%d",$i+1)); - &D_ENCRYPT($R,$L,($i+1)*2,"ebp","DES_SPtrans","ecx","edx","eax","ebx"); - } - &jmp(&label("end")); - - &set_label("start_decrypt"); - - for ($i=15; $i>0; $i-=2) - { - &comment(""); - &comment("Round $i"); - &D_ENCRYPT($L,$R,$i*2,"ebp","DES_SPtrans","ecx","edx","eax","ebx"); - &comment(""); - &comment("Round ".sprintf("%d",$i-1)); - &D_ENCRYPT($R,$L,($i-1)*2,"ebp","DES_SPtrans","ecx","edx","eax","ebx"); - } - - &set_label("end"); - - &comment(""); - &comment("Fixup"); - &rotr($L,3); # r - &rotr($R,3); # l - - if ($do_ip) - { - &comment(""); - &comment("FP"); - &FP_new($R,$L,"eax"); - } - - &mov("eax",&wparam(0)); - &mov(&DWP(0,"eax","",0),$L); - &mov(&DWP(4,"eax","",0),$R); - - &function_end($name); - } - - -# The logic is to load R into 2 registers and operate on both at the same time. -# We also load the 2 R's into 2 more registers so we can do the 'move word down a byte' -# while also masking the other copy and doing a lookup. We then also accumulate the -# L value in 2 registers then combine them at the end. -sub D_ENCRYPT - { - local($L,$R,$S,$ks,$desSP,$u,$t,$tmp1,$tmp2,$tmp3)=@_; - - &mov( $u, &DWP(&n2a($S*4),$ks,"",0)); - &mov( $t, &DWP(&n2a(($S+1)*4),$ks,"",0)); - &xor( $u, $R ); - &xor( $t, $R ); - &rotr( $t, 4 ); - - # the numbers at the end of the line are origional instruction order - &mov( $tmp2, $u ); # 1 2 - &mov( $tmp1, $t ); # 1 1 - &and( $tmp2, "0xfc" ); # 1 4 - &and( $tmp1, "0xfc" ); # 1 3 - &shr( $t, 8 ); # 1 5 - &xor( $L, &DWP("0x100+$desSP",$tmp1,"",0)); # 1 7 - &shr( $u, 8 ); # 1 6 - &mov( $tmp1, &DWP(" $desSP",$tmp2,"",0)); # 1 8 - - &mov( $tmp2, $u ); # 2 2 - &xor( $L, $tmp1 ); # 1 9 - &and( $tmp2, "0xfc" ); # 2 4 - &mov( $tmp1, $t ); # 2 1 - &and( $tmp1, "0xfc" ); # 2 3 - &shr( $t, 8 ); # 2 5 - &xor( $L, &DWP("0x300+$desSP",$tmp1,"",0)); # 2 7 - &shr( $u, 8 ); # 2 6 - &mov( $tmp1, &DWP("0x200+$desSP",$tmp2,"",0)); # 2 8 - &mov( $tmp2, $u ); # 3 2 - - &xor( $L, $tmp1 ); # 2 9 - &and( $tmp2, "0xfc" ); # 3 4 - - &mov( $tmp1, $t ); # 3 1 - &shr( $u, 8 ); # 3 6 - &and( $tmp1, "0xfc" ); # 3 3 - &shr( $t, 8 ); # 3 5 - &xor( $L, &DWP("0x500+$desSP",$tmp1,"",0)); # 3 7 - &mov( $tmp1, &DWP("0x400+$desSP",$tmp2,"",0)); # 3 8 - - &and( $t, "0xfc" ); # 4 1 - &xor( $L, $tmp1 ); # 3 9 - - &and( $u, "0xfc" ); # 4 2 - &xor( $L, &DWP("0x700+$desSP",$t,"",0)); # 4 3 - &xor( $L, &DWP("0x600+$desSP",$u,"",0)); # 4 4 - } - -sub PERM_OP - { - local($a,$b,$tt,$shift,$mask)=@_; - - &mov( $tt, $a ); - &shr( $tt, $shift ); - &xor( $tt, $b ); - &and( $tt, $mask ); - &xor( $b, $tt ); - &shl( $tt, $shift ); - &xor( $a, $tt ); - } - -sub IP_new - { - local($l,$r,$tt)=@_; - - &PERM_OP($r,$l,$tt, 4,"0x0f0f0f0f"); - &PERM_OP($l,$r,$tt,16,"0x0000ffff"); - &PERM_OP($r,$l,$tt, 2,"0x33333333"); - &PERM_OP($l,$r,$tt, 8,"0x00ff00ff"); - &PERM_OP($r,$l,$tt, 1,"0x55555555"); - } - -sub FP_new - { - local($l,$r,$tt)=@_; - - &PERM_OP($l,$r,$tt, 1,"0x55555555"); - &PERM_OP($r,$l,$tt, 8,"0x00ff00ff"); - &PERM_OP($l,$r,$tt, 2,"0x33333333"); - &PERM_OP($r,$l,$tt,16,"0x0000ffff"); - &PERM_OP($l,$r,$tt, 4,"0x0f0f0f0f"); - } - -sub n2a - { - sprintf("%d",$_[0]); - } diff --git a/src/lib/libcrypto/des/des-lib.com b/src/lib/libcrypto/des/des-lib.com index fc2c35a1ce..348f1c0470 100644 --- a/src/lib/libcrypto/des/des-lib.com +++ b/src/lib/libcrypto/des/des-lib.com @@ -9,7 +9,7 @@ $! Changes by Richard Levitte $! $! This command files compiles and creates the $! "[.xxx.EXE.CRYPTO.DES]LIBDES.OLB" library. The "xxx" denotes the machine -$! architecture of AXP or VAX. +$! architecture of ALPHA, IA64 or VAX. $! $! It was re-written to try to determine which "C" compiler to try to use $! or the user can specify a compiler in P3. @@ -45,25 +45,34 @@ $! $! $! Check Which Architecture We Are Using. $! -$ IF (F$GETSYI("CPU").GE.128) +$ IF (F$GETSYI("CPU").LT.128) $ THEN $! -$! The Architecture Is AXP. +$! The Architecture Is VAX $! -$ ARCH := AXP +$ ARCH := VAX $! $! Else... $! $ ELSE $! -$! The Architecture Is VAX. +$! The Architecture Is Alpha, IA64 or whatever comes in the future. $! -$ ARCH := VAX +$ ARCH = F$EDIT( F$GETSYI( "ARCH_NAME"), "UPCASE") +$ IF (ARCH .EQS. "") THEN ARCH = "UNK" $! $! End The Architecture Check. $! $ ENDIF $! +$! Define The OBJ Directory Name. +$! +$ OBJ_DIR := SYS$DISK:[--.'ARCH'.OBJ.CRYPTO.DES] +$! +$! Define The EXE Directory Name. +$! +$ EXE_DIR :== SYS$DISK:[--.'ARCH'.EXE.CRYPTO.DES] +$! $! Check To Make Sure We Have Valid Command Line Parameters. $! $ GOSUB CHECK_OPTIONS @@ -72,10 +81,6 @@ $! Tell The User What Kind of Machine We Run On. $! $ WRITE SYS$OUTPUT "Compiling On A ",ARCH," Machine." $! -$! Define The OBJ Directory Name. -$! -$ OBJ_DIR := SYS$DISK:[--.'ARCH'.OBJ.CRYPTO.DES] -$! $! Check To See If The Architecture Specific OBJ Directory Exists. $! $ IF (F$PARSE(OBJ_DIR).EQS."") @@ -89,10 +94,6 @@ $! End The Architecture Specific OBJ Directory Check. $! $ ENDIF $! -$! Define The EXE Directory Name. -$! -$ EXE_DIR :== SYS$DISK:[--.'ARCH'.EXE.CRYPTO.DES] -$! $! Check To See If The Architecture Specific Directory Exists. $! $ IF (F$PARSE(EXE_DIR).EQS."") @@ -564,7 +565,7 @@ $! $ IF (F$SEARCH(OPT_FILE).EQS."") $ THEN $! -$! Figure Out If We Need An AXP Or A VAX Linker Option File. +$! Figure Out If We Need An non-VAX Or A VAX Linker Option File. $! $ IF (F$GETSYI("CPU").LT.128) $ THEN @@ -584,19 +585,19 @@ $! Else... $! $ ELSE $! -$! Create The AXP Linker Option File. +$! Create The non-VAX Linker Option File. $! $ CREATE 'OPT_FILE' $DECK ! -! Default System Options File For AXP To Link Agianst +! Default System Options File For non-VAX To Link Agianst ! The Sharable C Runtime Library. ! SYS$SHARE:CMA$OPEN_LIB_SHR/SHARE SYS$SHARE:CMA$OPEN_RTL/SHARE $EOD $! -$! End The VAX/AXP DEC C Option File Check. +$! End The DEC C Option File Check. $! $ ENDIF $! @@ -658,13 +659,13 @@ $! Else... $! $ ELSE $! -$! Else, Check To See If P1 Has A Valid Arguement. +$! Else, Check To See If P1 Has A Valid Argument. $! $ IF (P1.EQS."LIBRARY").OR.(P1.EQS."DESTEST").OR.(P1.EQS."SPEED") - .OR.(P1.EQS."RPW").OR.(P1.EQS."DES").OR.(P1.EQS."DES_OPTS") $ THEN $! -$! A Valid Arguement. +$! A Valid Argument. $! $ BUILDALL = P1 $! @@ -677,7 +678,7 @@ $! $ WRITE SYS$OUTPUT "" $ WRITE SYS$OUTPUT "The Option ",P1," Is Invalid. The Valid Options Are:" $ WRITE SYS$OUTPUT "" -$ WRITE SYS$OUTPUT " ALL : Just Build Everything. +$ WRITE SYS$OUTPUT " ALL : Just Build Everything." $ WRITE SYS$OUTPUT " LIBRARY : To Compile Just The [.xxx.EXE.CRYPTO.DES]LIBDES.OLB Library." $ WRITE SYS$OUTPUT " DESTEST : To Compile Just The [.xxx.EXE.CRYPTO.DES]DESTEST.EXE Program." $ WRITE SYS$OUTPUT " SPEED : To Compile Just The [.xxx.EXE.CRYPTO.DES]SPEED.EXE Program." @@ -687,15 +688,16 @@ $ WRITE SYS$OUTPUT " DES_OPTS : To Compile Just The [.xxx.EXE.CRYTPO.DES $ WRITE SYS$OUTPUT "" $ WRITE SYS$OUTPUT " Where 'xxx' Stands For: " $ WRITE SYS$OUTPUT "" -$ WRITE SYS$OUTPUT " AXP : Alpha Architecture." -$ WRITE SYS$OUTPUT " VAX : VAX Architecture." +$ WRITE SYS$OUTPUT " ALPHA : Alpha Architecture." +$ WRITE SYS$OUTPUT " IA64 : IA64 Architecture." +$ WRITE SYS$OUTPUT " VAX : VAX Architecture." $ WRITE SYS$OUTPUT "" $! $! Time To EXIT. $! $ EXIT $! -$! End The Valid Arguement Check. +$! End The Valid Argument Check. $! $ ENDIF $! @@ -752,7 +754,7 @@ $! Time To EXIT. $! $ EXIT $! -$! End The Valid Arguement Check. +$! End The Valid Argument Check. $! $ ENDIF $! @@ -817,7 +819,7 @@ $ ELSE $! $! Check To See If We Have VAXC Or DECC. $! -$ IF (ARCH.EQS."AXP").OR.(F$TRNLNM("DECC$CC_DEFAULT").NES."") +$ IF (ARCH.NES."VAX").OR.(F$TRNLNM("DECC$CC_DEFAULT").NES."") $ THEN $! $! Looks Like DECC, Set To Use DECC. @@ -882,7 +884,7 @@ $ CC = CC + "/''CC_OPTIMIZE'/''DEBUGGER'/STANDARD=ANSI89" + - $! $! Define The Linker Options File Name. $! -$ OPT_FILE = "SYS$DISK:[]VAX_DECC_OPTIONS.OPT" +$ OPT_FILE = "''EXE_DIR'VAX_DECC_OPTIONS.OPT" $! $! End DECC Check. $! @@ -904,9 +906,9 @@ $! $! Compile Using VAXC. $! $ CC = "CC" -$ IF ARCH.EQS."AXP" +$ IF ARCH.NES."VAX" $ THEN -$ WRITE SYS$OUTPUT "There is no VAX C on Alpha!" +$ WRITE SYS$OUTPUT "There is no VAX C on ''ARCH'!" $ EXIT $ ENDIF $ IF F$TRNLNM("DECC$CC_DEFAULT").EQS."/DECC" THEN CC = "CC/VAXC" @@ -919,7 +921,7 @@ $ DEFINE/NOLOG SYS SYS$COMMON:[SYSLIB] $! $! Define The Linker Options File Name. $! -$ OPT_FILE = "SYS$DISK:[]VAX_VAXC_OPTIONS.OPT" +$ OPT_FILE = "''EXE_DIR'VAX_VAXC_OPTIONS.OPT" $! $! End VAXC Check $! @@ -944,7 +946,7 @@ $ CC = "GCC/NOCASE_HACK/''GCC_OPTIMIZE'/''DEBUGGER'/NOLIST" + CCEXTRAFLAGS $! $! Define The Linker Options File Name. $! -$ OPT_FILE = "SYS$DISK:[]VAX_GNUC_OPTIONS.OPT" +$ OPT_FILE = "''EXE_DIR'VAX_GNUC_OPTIONS.OPT" $! $! End The GNU C Check. $! @@ -976,7 +978,7 @@ $! Show user the result $! $ WRITE SYS$OUTPUT "Main Compiling Command: ",CC $! -$! Else The User Entered An Invalid Arguement. +$! Else The User Entered An Invalid Argument. $! $ ELSE $! diff --git a/src/lib/libcrypto/des/des_enc.c b/src/lib/libcrypto/des/des_enc.c index 22701e0669..5c47553a5a 100644 --- a/src/lib/libcrypto/des/des_enc.c +++ b/src/lib/libcrypto/des/des_enc.c @@ -57,6 +57,7 @@ */ #include "des_locl.h" +#include "spr.h" #ifndef OPENBSD_DES_ASM @@ -109,12 +110,10 @@ void DES_encrypt1(DES_LONG *data, DES_key_schedule *ks, int enc) D_ENCRYPT(l,r,28); /* 15 */ D_ENCRYPT(r,l,30); /* 16 */ #else - for (i=0; i<32; i+=8) + for (i=0; i<32; i+=4) { D_ENCRYPT(l,r,i+0); /* 1 */ D_ENCRYPT(r,l,i+2); /* 2 */ - D_ENCRYPT(l,r,i+4); /* 3 */ - D_ENCRYPT(r,l,i+6); /* 4 */ } #endif } @@ -138,12 +137,10 @@ void DES_encrypt1(DES_LONG *data, DES_key_schedule *ks, int enc) D_ENCRYPT(l,r, 2); /* 2 */ D_ENCRYPT(r,l, 0); /* 1 */ #else - for (i=30; i>0; i-=8) + for (i=30; i>0; i-=4) { D_ENCRYPT(l,r,i-0); /* 16 */ D_ENCRYPT(r,l,i-2); /* 15 */ - D_ENCRYPT(l,r,i-4); /* 14 */ - D_ENCRYPT(r,l,i-6); /* 13 */ } #endif } @@ -205,12 +202,10 @@ void DES_encrypt2(DES_LONG *data, DES_key_schedule *ks, int enc) D_ENCRYPT(l,r,28); /* 15 */ D_ENCRYPT(r,l,30); /* 16 */ #else - for (i=0; i<32; i+=8) + for (i=0; i<32; i+=4) { D_ENCRYPT(l,r,i+0); /* 1 */ D_ENCRYPT(r,l,i+2); /* 2 */ - D_ENCRYPT(l,r,i+4); /* 3 */ - D_ENCRYPT(r,l,i+6); /* 4 */ } #endif } @@ -234,12 +229,10 @@ void DES_encrypt2(DES_LONG *data, DES_key_schedule *ks, int enc) D_ENCRYPT(l,r, 2); /* 2 */ D_ENCRYPT(r,l, 0); /* 1 */ #else - for (i=30; i>0; i-=8) + for (i=30; i>0; i-=4) { D_ENCRYPT(l,r,i-0); /* 16 */ D_ENCRYPT(r,l,i-2); /* 15 */ - D_ENCRYPT(l,r,i-4); /* 14 */ - D_ENCRYPT(r,l,i-6); /* 13 */ } #endif } @@ -293,8 +286,6 @@ void DES_decrypt3(DES_LONG *data, DES_key_schedule *ks1, #ifndef DES_DEFAULT_OPTIONS -#if !defined(OPENSSL_FIPS_DES_ASM) - #undef CBC_ENC_C__DONT_UPDATE_IV #include "ncbc_enc.c" /* DES_ncbc_encrypt */ @@ -410,6 +401,4 @@ void DES_ede3_cbc_encrypt(const unsigned char *input, unsigned char *output, tin[0]=tin[1]=0; } -#endif - #endif /* DES_DEFAULT_OPTIONS */ diff --git a/src/lib/libcrypto/des/des_lib.c b/src/lib/libcrypto/des/des_lib.c deleted file mode 100644 index d4b3047932..0000000000 --- a/src/lib/libcrypto/des/des_lib.c +++ /dev/null @@ -1,106 +0,0 @@ -/* crypto/des/ecb_enc.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include "des_locl.h" -#include "des_ver.h" -#include -#include - -OPENSSL_GLOBAL const char libdes_version[]="libdes" OPENSSL_VERSION_PTEXT; -OPENSSL_GLOBAL const char DES_version[]="DES" OPENSSL_VERSION_PTEXT; - -const char *DES_options(void) - { - static int init=1; - static char buf[32]; - - if (init) - { - const char *ptr,*unroll,*risc,*size; - -#ifdef DES_PTR - ptr="ptr"; -#else - ptr="idx"; -#endif -#if defined(DES_RISC1) || defined(DES_RISC2) -#ifdef DES_RISC1 - risc="risc1"; -#endif -#ifdef DES_RISC2 - risc="risc2"; -#endif -#else - risc="cisc"; -#endif -#ifdef DES_UNROLL - unroll="16"; -#else - unroll="4"; -#endif - if (sizeof(DES_LONG) != sizeof(long)) - size="int"; - else - size="long"; - BIO_snprintf(buf,sizeof buf,"des(%s,%s,%s,%s)",ptr,risc,unroll, - size); - init=0; - } - return(buf); - } - diff --git a/src/lib/libcrypto/des/des_locl.h b/src/lib/libcrypto/des/des_locl.h index 4b9ecff233..a3b512e9b0 100644 --- a/src/lib/libcrypto/des/des_locl.h +++ b/src/lib/libcrypto/des/des_locl.h @@ -61,7 +61,7 @@ #include -#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WIN16) +#if defined(OPENSSL_SYS_WIN32) #ifndef OPENSSL_SYS_MSDOS #define OPENSSL_SYS_MSDOS #endif @@ -425,4 +425,8 @@ extern const DES_LONG DES_SPtrans[8][64]; void fcrypt_body(DES_LONG *out,DES_key_schedule *ks, DES_LONG Eswap0, DES_LONG Eswap1); + +#ifdef OPENSSL_SMALL_FOOTPRINT +#undef DES_UNROLL +#endif #endif diff --git a/src/lib/libcrypto/des/ecb_enc.c b/src/lib/libcrypto/des/ecb_enc.c index 75ae6cf8bb..0684e769b3 100644 --- a/src/lib/libcrypto/des/ecb_enc.c +++ b/src/lib/libcrypto/des/ecb_enc.c @@ -57,7 +57,53 @@ */ #include "des_locl.h" -#include "spr.h" +#include "des_ver.h" +#include +#include + +OPENSSL_GLOBAL const char libdes_version[]="libdes" OPENSSL_VERSION_PTEXT; +OPENSSL_GLOBAL const char DES_version[]="DES" OPENSSL_VERSION_PTEXT; + +const char *DES_options(void) + { + static int init=1; + static char buf[32]; + + if (init) + { + const char *ptr,*unroll,*risc,*size; + +#ifdef DES_PTR + ptr="ptr"; +#else + ptr="idx"; +#endif +#if defined(DES_RISC1) || defined(DES_RISC2) +#ifdef DES_RISC1 + risc="risc1"; +#endif +#ifdef DES_RISC2 + risc="risc2"; +#endif +#else + risc="cisc"; +#endif +#ifdef DES_UNROLL + unroll="16"; +#else + unroll="2"; +#endif + if (sizeof(DES_LONG) != sizeof(long)) + size="int"; + else + size="long"; + BIO_snprintf(buf,sizeof buf,"des(%s,%s,%s,%s)",ptr,risc,unroll, + size); + init=0; + } + return(buf); + } + void DES_ecb_encrypt(const_DES_cblock *input, DES_cblock *output, DES_key_schedule *ks, int enc) diff --git a/src/lib/libcrypto/des/enc_read.c b/src/lib/libcrypto/des/enc_read.c index e7da2ec66b..edb6620d08 100644 --- a/src/lib/libcrypto/des/enc_read.c +++ b/src/lib/libcrypto/des/enc_read.c @@ -63,7 +63,7 @@ /* This has some uglies in it but it works - even over sockets. */ /*extern int errno;*/ -OPENSSL_IMPLEMENT_GLOBAL(int,DES_rw_mode)=DES_PCBC_MODE; +OPENSSL_IMPLEMENT_GLOBAL(int,DES_rw_mode,DES_PCBC_MODE) /* @@ -87,6 +87,9 @@ OPENSSL_IMPLEMENT_GLOBAL(int,DES_rw_mode)=DES_PCBC_MODE; int DES_enc_read(int fd, void *buf, int len, DES_key_schedule *sched, DES_cblock *iv) { +#if defined(OPENSSL_NO_POSIX_IO) + return(0); +#else /* data to be unencrypted */ int net_num=0; static unsigned char *net=NULL; @@ -147,7 +150,7 @@ int DES_enc_read(int fd, void *buf, int len, DES_key_schedule *sched, /* first - get the length */ while (net_num < HDRSIZE) { -#ifndef _WIN32 +#ifndef OPENSSL_SYS_WIN32 i=read(fd,(void *)&(net[net_num]),HDRSIZE-net_num); #else i=_read(fd,(void *)&(net[net_num]),HDRSIZE-net_num); @@ -173,7 +176,11 @@ int DES_enc_read(int fd, void *buf, int len, DES_key_schedule *sched, net_num=0; while (net_num < rnum) { +#ifndef OPENSSL_SYS_WIN32 i=read(fd,(void *)&(net[net_num]),rnum-net_num); +#else + i=_read(fd,(void *)&(net[net_num]),rnum-net_num); +#endif #ifdef EINTR if ((i == -1) && (errno == EINTR)) continue; #endif @@ -228,5 +235,6 @@ int DES_enc_read(int fd, void *buf, int len, DES_key_schedule *sched, } } return num; +#endif /* OPENSSL_NO_POSIX_IO */ } diff --git a/src/lib/libcrypto/des/enc_writ.c b/src/lib/libcrypto/des/enc_writ.c index c2f032c9a6..2353ac1e89 100644 --- a/src/lib/libcrypto/des/enc_writ.c +++ b/src/lib/libcrypto/des/enc_writ.c @@ -80,6 +80,9 @@ int DES_enc_write(int fd, const void *_buf, int len, DES_key_schedule *sched, DES_cblock *iv) { +#if defined(OPENSSL_NO_POSIX_IO) + return (-1); +#else #ifdef _LIBC extern unsigned long time(); extern int write(); @@ -172,4 +175,5 @@ int DES_enc_write(int fd, const void *_buf, int len, } return(len); +#endif /* OPENSSL_NO_POSIX_IO */ } diff --git a/src/lib/libcrypto/des/fcrypt_b.c b/src/lib/libcrypto/des/fcrypt_b.c index c56b461e91..87fc71eb26 100644 --- a/src/lib/libcrypto/des/fcrypt_b.c +++ b/src/lib/libcrypto/des/fcrypt_b.c @@ -102,12 +102,10 @@ void fcrypt_body(DES_LONG *out, DES_key_schedule *ks, DES_LONG Eswap0, #ifndef DES_UNROLL register int i; - for (i=0; i<32; i+=8) + for (i=0; i<32; i+=4) { D_ENCRYPT(l,r,i+0); /* 1 */ D_ENCRYPT(r,l,i+2); /* 2 */ - D_ENCRYPT(l,r,i+4); /* 1 */ - D_ENCRYPT(r,l,i+6); /* 2 */ } #else D_ENCRYPT(l,r, 0); /* 1 */ diff --git a/src/lib/libcrypto/des/rpc_des.h b/src/lib/libcrypto/des/rpc_des.h index efc474f00e..8263c512ab 100644 --- a/src/lib/libcrypto/des/rpc_des.h +++ b/src/lib/libcrypto/des/rpc_des.h @@ -124,10 +124,10 @@ struct desparams { /* * Encrypt an arbitrary sized buffer */ -#define DESIOCBLOCK _IOWR(d, 6, struct desparams) +#define DESIOCBLOCK _IOWR('d', 6, struct desparams) /* * Encrypt of small amount of data, quickly */ -#define DESIOCQUICK _IOWR(d, 7, struct desparams) +#define DESIOCQUICK _IOWR('d', 7, struct desparams) diff --git a/src/lib/libcrypto/des/set_key.c b/src/lib/libcrypto/des/set_key.c index c0806d593c..3004cc3ab3 100644 --- a/src/lib/libcrypto/des/set_key.c +++ b/src/lib/libcrypto/des/set_key.c @@ -64,12 +64,8 @@ * 1.0 First working version */ #include "des_locl.h" -#ifdef OPENSSL_FIPS -#include -#endif - -OPENSSL_IMPLEMENT_GLOBAL(int,DES_check_key); /* defaults to false */ +OPENSSL_IMPLEMENT_GLOBAL(int,DES_check_key,0) /* defaults to false */ static const unsigned char odd_parity[256]={ 1, 1, 2, 2, 4, 4, 7, 7, 8, 8, 11, 11, 13, 13, 14, 14, @@ -340,7 +336,7 @@ int DES_set_key_checked(const_DES_cblock *key, DES_key_schedule *schedule) void DES_set_key_unchecked(const_DES_cblock *key, DES_key_schedule *schedule) { - static int shifts2[16]={0,0,1,1,1,1,1,1,0,1,1,1,1,1,1,0}; + static const int shifts2[16]={0,0,1,1,1,1,1,1,0,1,1,1,1,1,1,0}; register DES_LONG c,d,t,s,t2; register const unsigned char *in; register DES_LONG *k; @@ -353,10 +349,6 @@ void DES_set_key_unchecked(const_DES_cblock *key, DES_key_schedule *schedule) k = &schedule->ks->deslong[0]; in = &(*key)[0]; -#ifdef OPENSSL_FIPS - FIPS_selftest_check(); -#endif - c2l(in,c); c2l(in,d); @@ -413,4 +405,3 @@ void des_fixup_key_parity(des_cblock *key) des_set_odd_parity(key); } */ - diff --git a/src/lib/libcrypto/des/times/aix.cc b/src/lib/libcrypto/des/times/aix.cc index e9b2e45751..d96b74e2ce 100644 --- a/src/lib/libcrypto/des/times/aix.cc +++ b/src/lib/libcrypto/des/times/aix.cc @@ -2,10 +2,10 @@ From: Paco Garcia This machine is a Bull Estrella Minitower Model MT604-100 Processor : PPC604 -P.Speed : 100MHz +P.Speed : 100Mhz Data/Instr Cache : 16 K L2 Cache : 256 K -PCI BUS Speed : 33 MHz +PCI BUS Speed : 33 Mhz TransfRate PCI : 132 MB/s Memory : 96 MB diff --git a/src/lib/libcrypto/des/xcbc_enc.c b/src/lib/libcrypto/des/xcbc_enc.c index dc0c761b71..058cab6bce 100644 --- a/src/lib/libcrypto/des/xcbc_enc.c +++ b/src/lib/libcrypto/des/xcbc_enc.c @@ -61,7 +61,7 @@ /* RSA's DESX */ #if 0 /* broken code, preserved just in case anyone specifically looks for this */ -static unsigned char desx_white_in2out[256]={ +static const unsigned char desx_white_in2out[256]={ 0xBD,0x56,0xEA,0xF2,0xA2,0xF1,0xAC,0x2A,0xB0,0x93,0xD1,0x9C,0x1B,0x33,0xFD,0xD0, 0x30,0x04,0xB6,0xDC,0x7D,0xDF,0x32,0x4B,0xF7,0xCB,0x45,0x9B,0x31,0xBB,0x21,0x5A, 0x41,0x9F,0xE1,0xD9,0x4A,0x4D,0x9E,0xDA,0xA0,0x68,0x2C,0xC3,0x27,0x5F,0x80,0x36, diff --git a/src/lib/libcrypto/dh/Makefile b/src/lib/libcrypto/dh/Makefile index d01fa960eb..f23b4f7fde 100644 --- a/src/lib/libcrypto/dh/Makefile +++ b/src/lib/libcrypto/dh/Makefile @@ -17,8 +17,10 @@ TEST= dhtest.c APPS= LIB=$(TOP)/libcrypto.a -LIBSRC= dh_asn1.c dh_gen.c dh_key.c dh_lib.c dh_check.c dh_err.c dh_depr.c -LIBOBJ= dh_asn1.o dh_gen.o dh_key.o dh_lib.o dh_check.o dh_err.o dh_depr.o +LIBSRC= dh_asn1.c dh_gen.c dh_key.c dh_lib.c dh_check.c dh_err.c dh_depr.c \ + dh_ameth.c dh_pmeth.c dh_prn.c +LIBOBJ= dh_asn1.o dh_gen.o dh_key.o dh_lib.o dh_check.o dh_err.o dh_depr.o \ + dh_ameth.o dh_pmeth.o dh_prn.o SRC= $(LIBSRC) @@ -33,7 +35,7 @@ top: all: lib lib: $(LIBOBJ) - $(ARX) $(LIB) $(LIBOBJ) + $(AR) $(LIB) $(LIBOBJ) $(RANLIB) $(LIB) || echo Never mind. @touch lib @@ -74,6 +76,21 @@ clean: # DO NOT DELETE THIS LINE -- make depend depends on it. +dh_ameth.o: ../../e_os.h ../../include/openssl/asn1.h +dh_ameth.o: ../../include/openssl/bio.h ../../include/openssl/bn.h +dh_ameth.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +dh_ameth.o: ../../include/openssl/dh.h ../../include/openssl/e_os2.h +dh_ameth.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +dh_ameth.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +dh_ameth.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +dh_ameth.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +dh_ameth.o: ../../include/openssl/opensslconf.h +dh_ameth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +dh_ameth.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +dh_ameth.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +dh_ameth.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +dh_ameth.o: ../../include/openssl/x509_vfy.h ../asn1/asn1_locl.h ../cryptlib.h +dh_ameth.o: dh_ameth.c dh_asn1.o: ../../e_os.h ../../include/openssl/asn1.h dh_asn1.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h dh_asn1.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h @@ -129,11 +146,35 @@ dh_lib.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h dh_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h dh_lib.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h dh_lib.o: ../../include/openssl/engine.h ../../include/openssl/err.h -dh_lib.o: ../../include/openssl/evp.h ../../include/openssl/fips.h -dh_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -dh_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -dh_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -dh_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h -dh_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -dh_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -dh_lib.o: ../../include/openssl/x509_vfy.h ../cryptlib.h dh_lib.c +dh_lib.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +dh_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +dh_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +dh_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h +dh_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +dh_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +dh_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +dh_lib.o: ../cryptlib.h dh_lib.c +dh_pmeth.o: ../../e_os.h ../../include/openssl/asn1.h +dh_pmeth.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h +dh_pmeth.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h +dh_pmeth.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h +dh_pmeth.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +dh_pmeth.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +dh_pmeth.o: ../../include/openssl/err.h ../../include/openssl/evp.h +dh_pmeth.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +dh_pmeth.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +dh_pmeth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +dh_pmeth.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +dh_pmeth.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +dh_pmeth.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +dh_pmeth.o: ../../include/openssl/x509_vfy.h ../cryptlib.h ../evp/evp_locl.h +dh_pmeth.o: dh_pmeth.c +dh_prn.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h +dh_prn.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +dh_prn.o: ../../include/openssl/dh.h ../../include/openssl/e_os2.h +dh_prn.o: ../../include/openssl/err.h ../../include/openssl/evp.h +dh_prn.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +dh_prn.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +dh_prn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +dh_prn.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +dh_prn.o: ../../include/openssl/symhacks.h ../cryptlib.h dh_prn.c diff --git a/src/lib/libcrypto/dh/Makefile.ssl b/src/lib/libcrypto/dh/Makefile.ssl deleted file mode 100644 index e05fc01a12..0000000000 --- a/src/lib/libcrypto/dh/Makefile.ssl +++ /dev/null @@ -1,133 +0,0 @@ -# -# SSLeay/crypto/dh/Makefile -# - -DIR= dh -TOP= ../.. -CC= cc -INCLUDES= -I.. -I$(TOP) -I../../include -CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKE= make -f Makefile.ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) -MAKEFILE= Makefile.ssl -AR= ar r - -CFLAGS= $(INCLUDES) $(CFLAG) - -GENERAL=Makefile -TEST= dhtest.c -APPS= - -LIB=$(TOP)/libcrypto.a -LIBSRC= dh_asn1.c dh_gen.c dh_key.c dh_lib.c dh_check.c dh_err.c -LIBOBJ= dh_asn1.o dh_gen.o dh_key.o dh_lib.o dh_check.o dh_err.o - -SRC= $(LIBSRC) - -EXHEADER= dh.h -HEADER= $(EXHEADER) - -ALL= $(GENERAL) $(SRC) $(HEADER) - -top: - (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all) - -all: lib - -lib: $(LIBOBJ) - $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) || echo Never mind. - @touch lib - -files: - $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO - -links: - @sh $(TOP)/util/point.sh Makefile.ssl Makefile - @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER) - @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST) - @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) - -install: - @for i in $(EXHEADER) ; \ - do \ - (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ - done; - -tags: - ctags $(SRC) - -tests: - -lint: - lint -DLINT $(INCLUDES) $(SRC)>fluff - -depend: - $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) - -dclean: - $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new - mv -f Makefile.new $(MAKEFILE) - -clean: - rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff - -# DO NOT DELETE THIS LINE -- make depend depends on it. - -dh_asn1.o: ../../e_os.h ../../include/openssl/asn1.h -dh_asn1.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h -dh_asn1.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -dh_asn1.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h -dh_asn1.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -dh_asn1.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -dh_asn1.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -dh_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -dh_asn1.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -dh_asn1.o: ../../include/openssl/symhacks.h ../cryptlib.h dh_asn1.c -dh_check.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h -dh_check.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -dh_check.o: ../../include/openssl/dh.h ../../include/openssl/e_os2.h -dh_check.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -dh_check.o: ../../include/openssl/opensslconf.h -dh_check.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -dh_check.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -dh_check.o: ../../include/openssl/symhacks.h ../cryptlib.h dh_check.c -dh_err.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -dh_err.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h -dh_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -dh_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -dh_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -dh_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -dh_err.o: ../../include/openssl/symhacks.h dh_err.c -dh_gen.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h -dh_gen.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -dh_gen.o: ../../include/openssl/dh.h ../../include/openssl/e_os2.h -dh_gen.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -dh_gen.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -dh_gen.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h -dh_gen.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -dh_gen.o: ../cryptlib.h dh_gen.c -dh_key.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h -dh_key.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -dh_key.o: ../../include/openssl/dh.h ../../include/openssl/e_os2.h -dh_key.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -dh_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -dh_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h -dh_key.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -dh_key.o: ../../include/openssl/symhacks.h ../cryptlib.h dh_key.c -dh_lib.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h -dh_lib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -dh_lib.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h -dh_lib.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -dh_lib.o: ../../include/openssl/engine.h ../../include/openssl/err.h -dh_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -dh_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -dh_lib.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h -dh_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -dh_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -dh_lib.o: ../cryptlib.h dh_lib.c diff --git a/src/lib/libcrypto/dh/dh.h b/src/lib/libcrypto/dh/dh.h index 10475ac4b3..849309a489 100644 --- a/src/lib/libcrypto/dh/dh.h +++ b/src/lib/libcrypto/dh/dh.h @@ -77,8 +77,6 @@ # define OPENSSL_DH_MAX_MODULUS_BITS 10000 #endif -#define OPENSSL_DH_FIPS_MIN_MODULUS_BITS 1024 - #define DH_FLAG_CACHE_MONT_P 0x01 #define DH_FLAG_NO_EXP_CONSTTIME 0x02 /* new with 0.9.7h; the built-in DH * implementation now uses constant time @@ -159,7 +157,6 @@ struct dh_st this for backward compatibility: */ #define DH_CHECK_P_NOT_STRONG_PRIME DH_CHECK_P_NOT_SAFE_PRIME -#define DHparams_dup(x) ASN1_dup_of_const(DH,i2d_DHparams,d2i_DHparams,x) #define d2i_DHparams_fp(fp,x) (DH *)ASN1_d2i_fp((char *(*)())DH_new, \ (char *(*)())d2i_DHparams,(fp),(unsigned char **)(x)) #define i2d_DHparams_fp(fp,x) ASN1_i2d_fp(i2d_DHparams,(fp), \ @@ -167,12 +164,9 @@ struct dh_st #define d2i_DHparams_bio(bp,x) ASN1_d2i_bio_of(DH,DH_new,d2i_DHparams,bp,x) #define i2d_DHparams_bio(bp,x) ASN1_i2d_bio_of_const(DH,i2d_DHparams,bp,x) -const DH_METHOD *DH_OpenSSL(void); +DH *DHparams_dup(DH *); -#ifdef OPENSSL_FIPS -DH * FIPS_dh_new(void); -void FIPS_dh_free(DH *dh); -#endif +const DH_METHOD *DH_OpenSSL(void); void DH_set_default_method(const DH_METHOD *meth); const DH_METHOD *DH_get_default_method(void); @@ -212,6 +206,18 @@ int DHparams_print(BIO *bp, const DH *x); int DHparams_print(char *bp, const DH *x); #endif +#define EVP_PKEY_CTX_set_dh_paramgen_prime_len(ctx, len) \ + EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, \ + EVP_PKEY_CTRL_DH_PARAMGEN_PRIME_LEN, len, NULL) + +#define EVP_PKEY_CTX_set_dh_paramgen_generator(ctx, gen) \ + EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, \ + EVP_PKEY_CTRL_DH_PARAMGEN_GENERATOR, gen, NULL) + +#define EVP_PKEY_CTRL_DH_PARAMGEN_PRIME_LEN (EVP_PKEY_ALG_CTRL + 1) +#define EVP_PKEY_CTRL_DH_PARAMGEN_GENERATOR (EVP_PKEY_ALG_CTRL + 2) + + /* BEGIN ERROR CODES */ /* The following lines are auto generated by the script mkerr.pl. Any changes * made after this point may be overwritten when the script is next run. @@ -222,22 +228,31 @@ void ERR_load_DH_strings(void); /* Function codes. */ #define DH_F_COMPUTE_KEY 102 -#define DH_F_DHPARAMS_PRINT 100 #define DH_F_DHPARAMS_PRINT_FP 101 #define DH_F_DH_BUILTIN_GENPARAMS 106 -#define DH_F_DH_COMPUTE_KEY 107 -#define DH_F_DH_GENERATE_KEY 108 -#define DH_F_DH_GENERATE_PARAMETERS 109 #define DH_F_DH_NEW_METHOD 105 +#define DH_F_DH_PARAM_DECODE 107 +#define DH_F_DH_PRIV_DECODE 110 +#define DH_F_DH_PRIV_ENCODE 111 +#define DH_F_DH_PUB_DECODE 108 +#define DH_F_DH_PUB_ENCODE 109 +#define DH_F_DO_DH_PRINT 100 #define DH_F_GENERATE_KEY 103 #define DH_F_GENERATE_PARAMETERS 104 +#define DH_F_PKEY_DH_DERIVE 112 +#define DH_F_PKEY_DH_KEYGEN 113 /* Reason codes. */ #define DH_R_BAD_GENERATOR 101 +#define DH_R_BN_DECODE_ERROR 109 +#define DH_R_BN_ERROR 106 +#define DH_R_DECODE_ERROR 104 #define DH_R_INVALID_PUBKEY 102 -#define DH_R_KEY_SIZE_TOO_SMALL 104 +#define DH_R_KEYS_NOT_SET 108 #define DH_R_MODULUS_TOO_LARGE 103 +#define DH_R_NO_PARAMETERS_SET 107 #define DH_R_NO_PRIVATE_VALUE 100 +#define DH_R_PARAMETER_ENCODING_ERROR 105 #ifdef __cplusplus } diff --git a/src/lib/libcrypto/dh/dh_asn1.c b/src/lib/libcrypto/dh/dh_asn1.c index 76740af2bd..0b4357d605 100644 --- a/src/lib/libcrypto/dh/dh_asn1.c +++ b/src/lib/libcrypto/dh/dh_asn1.c @@ -3,7 +3,7 @@ * project 2000. */ /* ==================================================================== - * Copyright (c) 2000 The OpenSSL Project. All rights reserved. + * Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -64,7 +64,8 @@ #include /* Override the default free and new methods */ -static int dh_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it) +static int dh_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, + void *exarg) { if(operation == ASN1_OP_NEW_PRE) { *pval = (ASN1_VALUE *)DH_new(); @@ -85,3 +86,8 @@ ASN1_SEQUENCE_cb(DHparams, dh_cb) = { } ASN1_SEQUENCE_END_cb(DH, DHparams) IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(DH, DHparams, DHparams) + +DH *DHparams_dup(DH *dh) + { + return ASN1_item_dup(ASN1_ITEM_rptr(DHparams), dh); + } diff --git a/src/lib/libcrypto/dh/dh_check.c b/src/lib/libcrypto/dh/dh_check.c index 316cb9221d..066898174e 100644 --- a/src/lib/libcrypto/dh/dh_check.c +++ b/src/lib/libcrypto/dh/dh_check.c @@ -70,8 +70,6 @@ * should hold. */ -#ifndef OPENSSL_FIPS - int DH_check(const DH *dh, int *ret) { int ok=0; @@ -130,11 +128,11 @@ int DH_check_pub_key(const DH *dh, const BIGNUM *pub_key, int *ret) q=BN_new(); if (q == NULL) goto err; BN_set_word(q,1); - if (BN_cmp(pub_key,q) <= 0) + if (BN_cmp(pub_key,q)<=0) *ret|=DH_CHECK_PUBKEY_TOO_SMALL; BN_copy(q,dh->p); BN_sub_word(q,1); - if (BN_cmp(pub_key,q) >= 0) + if (BN_cmp(pub_key,q)>=0) *ret|=DH_CHECK_PUBKEY_TOO_LARGE; ok = 1; @@ -142,5 +140,3 @@ err: if (q != NULL) BN_free(q); return(ok); } - -#endif diff --git a/src/lib/libcrypto/dh/dh_err.c b/src/lib/libcrypto/dh/dh_err.c index 13263c81c1..d5cf0c22a3 100644 --- a/src/lib/libcrypto/dh/dh_err.c +++ b/src/lib/libcrypto/dh/dh_err.c @@ -1,6 +1,6 @@ /* crypto/dh/dh_err.c */ /* ==================================================================== - * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved. + * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -71,25 +71,34 @@ static ERR_STRING_DATA DH_str_functs[]= { {ERR_FUNC(DH_F_COMPUTE_KEY), "COMPUTE_KEY"}, -{ERR_FUNC(DH_F_DHPARAMS_PRINT), "DHparams_print"}, {ERR_FUNC(DH_F_DHPARAMS_PRINT_FP), "DHparams_print_fp"}, {ERR_FUNC(DH_F_DH_BUILTIN_GENPARAMS), "DH_BUILTIN_GENPARAMS"}, -{ERR_FUNC(DH_F_DH_COMPUTE_KEY), "DH_compute_key"}, -{ERR_FUNC(DH_F_DH_GENERATE_KEY), "DH_generate_key"}, -{ERR_FUNC(DH_F_DH_GENERATE_PARAMETERS), "DH_generate_parameters"}, {ERR_FUNC(DH_F_DH_NEW_METHOD), "DH_new_method"}, +{ERR_FUNC(DH_F_DH_PARAM_DECODE), "DH_PARAM_DECODE"}, +{ERR_FUNC(DH_F_DH_PRIV_DECODE), "DH_PRIV_DECODE"}, +{ERR_FUNC(DH_F_DH_PRIV_ENCODE), "DH_PRIV_ENCODE"}, +{ERR_FUNC(DH_F_DH_PUB_DECODE), "DH_PUB_DECODE"}, +{ERR_FUNC(DH_F_DH_PUB_ENCODE), "DH_PUB_ENCODE"}, +{ERR_FUNC(DH_F_DO_DH_PRINT), "DO_DH_PRINT"}, {ERR_FUNC(DH_F_GENERATE_KEY), "GENERATE_KEY"}, {ERR_FUNC(DH_F_GENERATE_PARAMETERS), "GENERATE_PARAMETERS"}, +{ERR_FUNC(DH_F_PKEY_DH_DERIVE), "PKEY_DH_DERIVE"}, +{ERR_FUNC(DH_F_PKEY_DH_KEYGEN), "PKEY_DH_KEYGEN"}, {0,NULL} }; static ERR_STRING_DATA DH_str_reasons[]= { {ERR_REASON(DH_R_BAD_GENERATOR) ,"bad generator"}, +{ERR_REASON(DH_R_BN_DECODE_ERROR) ,"bn decode error"}, +{ERR_REASON(DH_R_BN_ERROR) ,"bn error"}, +{ERR_REASON(DH_R_DECODE_ERROR) ,"decode error"}, {ERR_REASON(DH_R_INVALID_PUBKEY) ,"invalid public key"}, -{ERR_REASON(DH_R_KEY_SIZE_TOO_SMALL) ,"key size too small"}, +{ERR_REASON(DH_R_KEYS_NOT_SET) ,"keys not set"}, {ERR_REASON(DH_R_MODULUS_TOO_LARGE) ,"modulus too large"}, +{ERR_REASON(DH_R_NO_PARAMETERS_SET) ,"no parameters set"}, {ERR_REASON(DH_R_NO_PRIVATE_VALUE) ,"no private value"}, +{ERR_REASON(DH_R_PARAMETER_ENCODING_ERROR),"parameter encoding error"}, {0,NULL} }; diff --git a/src/lib/libcrypto/dh/dh_gen.c b/src/lib/libcrypto/dh/dh_gen.c index 999e1deb40..cfd5b11868 100644 --- a/src/lib/libcrypto/dh/dh_gen.c +++ b/src/lib/libcrypto/dh/dh_gen.c @@ -66,8 +66,6 @@ #include #include -#ifndef OPENSSL_FIPS - static int dh_builtin_genparams(DH *ret, int prime_len, int generator, BN_GENCB *cb); int DH_generate_parameters_ex(DH *ret, int prime_len, int generator, BN_GENCB *cb) @@ -175,5 +173,3 @@ err: } return ok; } - -#endif diff --git a/src/lib/libcrypto/dh/dh_key.c b/src/lib/libcrypto/dh/dh_key.c index 79dd331863..e7db440342 100644 --- a/src/lib/libcrypto/dh/dh_key.c +++ b/src/lib/libcrypto/dh/dh_key.c @@ -62,8 +62,6 @@ #include #include -#ifndef OPENSSL_FIPS - static int generate_key(DH *dh); static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh); static int dh_bn_mod_exp(const DH *dh, BIGNUM *r, @@ -263,5 +261,3 @@ static int dh_finish(DH *dh) BN_MONT_CTX_free(dh->method_mont_p); return(1); } - -#endif diff --git a/src/lib/libcrypto/doc/DSA_get_ex_new_index.pod b/src/lib/libcrypto/doc/DSA_get_ex_new_index.pod index 4612e708ec..fb6efc1182 100644 --- a/src/lib/libcrypto/doc/DSA_get_ex_new_index.pod +++ b/src/lib/libcrypto/doc/DSA_get_ex_new_index.pod @@ -6,7 +6,7 @@ DSA_get_ex_new_index, DSA_set_ex_data, DSA_get_ex_data - add application specifi =head1 SYNOPSIS - #include + #include int DSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, diff --git a/src/lib/libcrypto/doc/EVP_DigestInit.pod b/src/lib/libcrypto/doc/EVP_DigestInit.pod index 236e2fa8d1..37a751b1c5 100644 --- a/src/lib/libcrypto/doc/EVP_DigestInit.pod +++ b/src/lib/libcrypto/doc/EVP_DigestInit.pod @@ -64,9 +64,9 @@ EVP digest routines The EVP digest routines are a high level interface to message digests. -EVP_MD_CTX_init() initializes digest contet B. +EVP_MD_CTX_init() initializes digest context B. -EVP_MD_CTX_create() allocates, initializes and returns a digest contet. +EVP_MD_CTX_create() allocates, initializes and returns a digest context. EVP_DigestInit_ex() sets up digest context B to use a digest B from ENGINE B. B must be initialized before calling this @@ -102,7 +102,7 @@ the passed context B does not have to be initialized, and it always uses the default digest implementation. EVP_DigestFinal() is similar to EVP_DigestFinal_ex() except the digest -contet B is automatically cleaned up. +context B is automatically cleaned up. EVP_MD_CTX_copy() is similar to EVP_MD_CTX_copy_ex() except the destination B does not have to be initialized. @@ -132,7 +132,9 @@ return B structures for the MD2, MD5, SHA, SHA1, MDC2 and RIPEMD160 dige algorithms respectively. The associated signature algorithm is RSA in each case. EVP_dss() and EVP_dss1() return B structures for SHA and SHA1 digest -algorithms but using DSS (DSA) for the signature algorithm. +algorithms but using DSS (DSA) for the signature algorithm. Note: there is +no need to use these pseudo-digests in OpenSSL 1.0.0 and later, they are +however retained for compatibility. EVP_md_null() is a "null" message digest that does nothing: i.e. the hash it returns is of zero length. @@ -228,12 +230,6 @@ digest name passed on the command line. printf("\n"); } -=head1 BUGS - -The link between digests and signing algorithms results in a situation where -EVP_sha1() must be used with RSA and EVP_dss1() must be used with DSS -even though they are identical digests. - =head1 SEE ALSO L, L, L, @@ -253,4 +249,11 @@ EVP_md_null(), EVP_md2(), EVP_md5(), EVP_sha(), EVP_sha1(), EVP_dss(), EVP_dss1(), EVP_mdc2() and EVP_ripemd160() were changed to return truely const EVP_MD * in OpenSSL 0.9.7. +The link between digests and signing algorithms was fixed in OpenSSL 1.0 and +later, so now EVP_sha1() can be used with RSA and DSA, there is no need to +use EVP_dss1() any more. + +OpenSSL 1.0 and later does not include the MD2 digest algorithm in the +default configuration due to its security weaknesses. + =cut diff --git a/src/lib/libcrypto/doc/EVP_SignInit.pod b/src/lib/libcrypto/doc/EVP_SignInit.pod index 0bace24938..781d43e401 100644 --- a/src/lib/libcrypto/doc/EVP_SignInit.pod +++ b/src/lib/libcrypto/doc/EVP_SignInit.pod @@ -77,6 +77,15 @@ will occur. Older versions of this documentation wrongly stated that calls to EVP_SignUpdate() could not be made after calling EVP_SignFinal(). +Since the private key is passed in the call to EVP_SignFinal() any error +relating to the private key (for example an unsuitable key and digest +combination) will not be indicated until after potentially large amounts of +data have been passed through EVP_SignUpdate(). + +It is not possible to change the signing parameters using these function. + +The previous two bugs are fixed in the newer EVP_SignDigest*() function. + =head1 SEE ALSO L, diff --git a/src/lib/libcrypto/doc/EVP_VerifyInit.pod b/src/lib/libcrypto/doc/EVP_VerifyInit.pod index b6afaedee5..9097f09410 100644 --- a/src/lib/libcrypto/doc/EVP_VerifyInit.pod +++ b/src/lib/libcrypto/doc/EVP_VerifyInit.pod @@ -67,6 +67,15 @@ will occur. Older versions of this documentation wrongly stated that calls to EVP_VerifyUpdate() could not be made after calling EVP_VerifyFinal(). +Since the public key is passed in the call to EVP_SignFinal() any error +relating to the private key (for example an unsuitable key and digest +combination) will not be indicated until after potentially large amounts of +data have been passed through EVP_SignUpdate(). + +It is not possible to change the signing parameters using these function. + +The previous two bugs are fixed in the newer EVP_VerifyDigest*() function. + =head1 SEE ALSO L, diff --git a/src/lib/libcrypto/doc/d2i_RSAPublicKey.pod b/src/lib/libcrypto/doc/d2i_RSAPublicKey.pod index 279b29c873..aa6078bcf6 100644 --- a/src/lib/libcrypto/doc/d2i_RSAPublicKey.pod +++ b/src/lib/libcrypto/doc/d2i_RSAPublicKey.pod @@ -11,21 +11,21 @@ d2i_Netscape_RSA - RSA public and private key encoding functions. #include #include - RSA * d2i_RSAPublicKey(RSA **a, unsigned char **pp, long length); + RSA * d2i_RSAPublicKey(RSA **a, const unsigned char **pp, long length); int i2d_RSAPublicKey(RSA *a, unsigned char **pp); - RSA * d2i_RSA_PUBKEY(RSA **a, unsigned char **pp, long length); + RSA * d2i_RSA_PUBKEY(RSA **a, const unsigned char **pp, long length); int i2d_RSA_PUBKEY(RSA *a, unsigned char **pp); - RSA * d2i_RSAPrivateKey(RSA **a, unsigned char **pp, long length); + RSA * d2i_RSAPrivateKey(RSA **a, const unsigned char **pp, long length); int i2d_RSAPrivateKey(RSA *a, unsigned char **pp); int i2d_Netscape_RSA(RSA *a, unsigned char **pp, int (*cb)()); - RSA * d2i_Netscape_RSA(RSA **a, unsigned char **pp, long length, int (*cb)()); + RSA * d2i_Netscape_RSA(RSA **a, const unsigned char **pp, long length, int (*cb)()); =head1 DESCRIPTION diff --git a/src/lib/libcrypto/doc/evp.pod b/src/lib/libcrypto/doc/evp.pod index b3ca14314f..9faa349243 100644 --- a/src/lib/libcrypto/doc/evp.pod +++ b/src/lib/libcrypto/doc/evp.pod @@ -22,14 +22,24 @@ digital signatures. Symmetric encryption is available with the BI<...> functions. The BI<...> functions provide message digests. +The BI<...> functions provide a high level interface to +asymmetric algorithms. + Algorithms are loaded with OpenSSL_add_all_algorithms(3). -All the symmetric algorithms (ciphers) and digests can be replaced by ENGINE -modules providing alternative implementations. If ENGINE implementations of -ciphers or digests are registered as defaults, then the various EVP functions -will automatically use those implementations automatically in preference to -built in software implementations. For more information, consult the engine(3) -man page. +All the symmetric algorithms (ciphers), digests and asymmetric algorithms +(public key algorithms) can be replaced by ENGINE modules providing alternative +implementations. If ENGINE implementations of ciphers or digests are registered +as defaults, then the various EVP functions will automatically use those +implementations automatically in preference to built in software +implementations. For more information, consult the engine(3) man page. + +Although low level algorithm specific functions exist for many algorithms +their use is discouraged. They cannot be used with an ENGINE and ENGINE +versions of new algorithms cannot be accessed using the low level functions. +Also makes code harder to adapt to new algorithms and some options are not +cleanly supported at the low level and some operations are more efficient +using the high level interface. =head1 SEE ALSO diff --git a/src/lib/libcrypto/dsa/Makefile b/src/lib/libcrypto/dsa/Makefile index 2cc45cdc62..8073c4ecfe 100644 --- a/src/lib/libcrypto/dsa/Makefile +++ b/src/lib/libcrypto/dsa/Makefile @@ -18,14 +18,14 @@ APPS= LIB=$(TOP)/libcrypto.a LIBSRC= dsa_gen.c dsa_key.c dsa_lib.c dsa_asn1.c dsa_vrf.c dsa_sign.c \ - dsa_err.c dsa_ossl.c dsa_depr.c dsa_utl.c + dsa_err.c dsa_ossl.c dsa_depr.c dsa_ameth.c dsa_pmeth.c dsa_prn.c LIBOBJ= dsa_gen.o dsa_key.o dsa_lib.o dsa_asn1.o dsa_vrf.o dsa_sign.o \ - dsa_err.o dsa_ossl.o dsa_depr.o dsa_utl.o + dsa_err.o dsa_ossl.o dsa_depr.o dsa_ameth.o dsa_pmeth.o dsa_prn.o SRC= $(LIBSRC) EXHEADER= dsa.h -HEADER= $(EXHEADER) +HEADER= dsa_locl.h $(EXHEADER) ALL= $(GENERAL) $(SRC) $(HEADER) @@ -35,7 +35,7 @@ top: all: lib lib: $(LIBOBJ) - $(ARX) $(LIB) $(LIBOBJ) + $(AR) $(LIB) $(LIBOBJ) $(RANLIB) $(LIB) || echo Never mind. @touch lib @@ -76,12 +76,27 @@ clean: # DO NOT DELETE THIS LINE -- make depend depends on it. +dsa_ameth.o: ../../e_os.h ../../include/openssl/asn1.h +dsa_ameth.o: ../../include/openssl/bio.h ../../include/openssl/bn.h +dsa_ameth.o: ../../include/openssl/buffer.h ../../include/openssl/cms.h +dsa_ameth.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h +dsa_ameth.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +dsa_ameth.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +dsa_ameth.o: ../../include/openssl/err.h ../../include/openssl/evp.h +dsa_ameth.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +dsa_ameth.o: ../../include/openssl/objects.h +dsa_ameth.o: ../../include/openssl/opensslconf.h +dsa_ameth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +dsa_ameth.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +dsa_ameth.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +dsa_ameth.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +dsa_ameth.o: ../../include/openssl/x509_vfy.h ../asn1/asn1_locl.h ../cryptlib.h +dsa_ameth.o: dsa_ameth.c dsa_asn1.o: ../../e_os.h ../../include/openssl/asn1.h dsa_asn1.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h -dsa_asn1.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -dsa_asn1.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h -dsa_asn1.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -dsa_asn1.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h +dsa_asn1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +dsa_asn1.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h +dsa_asn1.o: ../../include/openssl/err.h ../../include/openssl/lhash.h dsa_asn1.o: ../../include/openssl/opensslconf.h dsa_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h dsa_asn1.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h @@ -91,9 +106,8 @@ dsa_depr.o: ../../include/openssl/bio.h ../../include/openssl/bn.h dsa_depr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h dsa_depr.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h dsa_depr.o: ../../include/openssl/err.h ../../include/openssl/evp.h -dsa_depr.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h -dsa_depr.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -dsa_depr.o: ../../include/openssl/opensslconf.h +dsa_depr.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +dsa_depr.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h dsa_depr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h dsa_depr.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h dsa_depr.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -110,13 +124,12 @@ dsa_gen.o: ../../include/openssl/bio.h ../../include/openssl/bn.h dsa_gen.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h dsa_gen.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h dsa_gen.o: ../../include/openssl/err.h ../../include/openssl/evp.h -dsa_gen.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h -dsa_gen.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -dsa_gen.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -dsa_gen.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h -dsa_gen.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -dsa_gen.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -dsa_gen.o: ../cryptlib.h dsa_gen.c +dsa_gen.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +dsa_gen.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +dsa_gen.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +dsa_gen.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h +dsa_gen.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +dsa_gen.o: ../../include/openssl/symhacks.h ../cryptlib.h dsa_gen.c dsa_locl.h dsa_key.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h dsa_key.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h dsa_key.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h @@ -132,14 +145,14 @@ dsa_lib.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h dsa_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h dsa_lib.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h dsa_lib.o: ../../include/openssl/engine.h ../../include/openssl/err.h -dsa_lib.o: ../../include/openssl/evp.h ../../include/openssl/fips.h -dsa_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -dsa_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -dsa_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -dsa_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h -dsa_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -dsa_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -dsa_lib.o: ../../include/openssl/x509_vfy.h ../cryptlib.h dsa_lib.c +dsa_lib.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +dsa_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +dsa_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +dsa_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h +dsa_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +dsa_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +dsa_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +dsa_lib.o: ../cryptlib.h dsa_lib.c dsa_ossl.o: ../../e_os.h ../../include/openssl/asn1.h dsa_ossl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h dsa_ossl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h @@ -148,40 +161,48 @@ dsa_ossl.o: ../../include/openssl/err.h ../../include/openssl/lhash.h dsa_ossl.o: ../../include/openssl/opensslconf.h dsa_ossl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h dsa_ossl.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h -dsa_ossl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -dsa_ossl.o: ../cryptlib.h dsa_ossl.c -dsa_sign.o: ../../e_os.h ../../include/openssl/asn1.h -dsa_sign.o: ../../include/openssl/bio.h ../../include/openssl/bn.h +dsa_ossl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +dsa_ossl.o: ../../include/openssl/symhacks.h ../cryptlib.h dsa_ossl.c +dsa_pmeth.o: ../../e_os.h ../../include/openssl/asn1.h +dsa_pmeth.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h +dsa_pmeth.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h +dsa_pmeth.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h +dsa_pmeth.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +dsa_pmeth.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +dsa_pmeth.o: ../../include/openssl/err.h ../../include/openssl/evp.h +dsa_pmeth.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +dsa_pmeth.o: ../../include/openssl/objects.h +dsa_pmeth.o: ../../include/openssl/opensslconf.h +dsa_pmeth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +dsa_pmeth.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +dsa_pmeth.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +dsa_pmeth.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +dsa_pmeth.o: ../../include/openssl/x509_vfy.h ../cryptlib.h ../evp/evp_locl.h +dsa_pmeth.o: dsa_locl.h dsa_pmeth.c +dsa_prn.o: ../../e_os.h ../../include/openssl/asn1.h +dsa_prn.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +dsa_prn.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h +dsa_prn.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h +dsa_prn.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +dsa_prn.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +dsa_prn.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +dsa_prn.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h +dsa_prn.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +dsa_prn.o: ../cryptlib.h dsa_prn.c +dsa_sign.o: ../../e_os.h ../../include/openssl/bio.h dsa_sign.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h dsa_sign.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -dsa_sign.o: ../../include/openssl/err.h ../../include/openssl/fips.h -dsa_sign.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h +dsa_sign.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +dsa_sign.o: ../../include/openssl/opensslconf.h dsa_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h dsa_sign.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h dsa_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h dsa_sign.o: ../cryptlib.h dsa_sign.c -dsa_utl.o: ../../e_os.h ../../include/openssl/asn1.h -dsa_utl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -dsa_utl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -dsa_utl.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -dsa_utl.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h -dsa_utl.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h -dsa_utl.o: ../../include/openssl/engine.h ../../include/openssl/err.h -dsa_utl.o: ../../include/openssl/evp.h ../../include/openssl/fips.h -dsa_utl.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -dsa_utl.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -dsa_utl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -dsa_utl.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h -dsa_utl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -dsa_utl.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -dsa_utl.o: ../../include/openssl/x509_vfy.h ../cryptlib.h dsa_utl.c -dsa_vrf.o: ../../e_os.h ../../include/openssl/asn1.h -dsa_vrf.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h -dsa_vrf.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -dsa_vrf.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h -dsa_vrf.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -dsa_vrf.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h +dsa_vrf.o: ../../e_os.h ../../include/openssl/bio.h +dsa_vrf.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +dsa_vrf.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h +dsa_vrf.o: ../../include/openssl/err.h ../../include/openssl/lhash.h dsa_vrf.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -dsa_vrf.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h -dsa_vrf.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -dsa_vrf.o: ../../include/openssl/symhacks.h ../cryptlib.h dsa_vrf.c +dsa_vrf.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h +dsa_vrf.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +dsa_vrf.o: ../cryptlib.h dsa_vrf.c diff --git a/src/lib/libcrypto/dsa/Makefile.ssl b/src/lib/libcrypto/dsa/Makefile.ssl deleted file mode 100644 index e5f8a8cf51..0000000000 --- a/src/lib/libcrypto/dsa/Makefile.ssl +++ /dev/null @@ -1,171 +0,0 @@ -# -# SSLeay/crypto/dsa/Makefile -# - -DIR= dsa -TOP= ../.. -CC= cc -INCLUDES= -I.. -I$(TOP) -I../../include -CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKE= make -f Makefile.ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) -MAKEFILE= Makefile.ssl -AR= ar r - -CFLAGS= $(INCLUDES) $(CFLAG) - -GENERAL=Makefile -TEST=dsatest.c -APPS= - -LIB=$(TOP)/libcrypto.a -LIBSRC= dsa_gen.c dsa_key.c dsa_lib.c dsa_asn1.c dsa_vrf.c dsa_sign.c \ - dsa_err.c dsa_ossl.c -LIBOBJ= dsa_gen.o dsa_key.o dsa_lib.o dsa_asn1.o dsa_vrf.o dsa_sign.o \ - dsa_err.o dsa_ossl.o - -SRC= $(LIBSRC) - -EXHEADER= dsa.h -HEADER= $(EXHEADER) - -ALL= $(GENERAL) $(SRC) $(HEADER) - -top: - (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all) - -all: lib - -lib: $(LIBOBJ) - $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) || echo Never mind. - @touch lib - -files: - $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO - -links: - @sh $(TOP)/util/point.sh Makefile.ssl Makefile - @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER) - @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST) - @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) - -install: - @for i in $(EXHEADER) ; \ - do \ - (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ - done; - -tags: - ctags $(SRC) - -tests: - -lint: - lint -DLINT $(INCLUDES) $(SRC)>fluff - -depend: - $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) - -dclean: - $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new - mv -f Makefile.new $(MAKEFILE) - -clean: - rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff - -# DO NOT DELETE THIS LINE -- make depend depends on it. - -dsa_asn1.o: ../../e_os.h ../../include/openssl/asn1.h -dsa_asn1.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h -dsa_asn1.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -dsa_asn1.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h -dsa_asn1.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -dsa_asn1.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -dsa_asn1.o: ../../include/openssl/opensslconf.h -dsa_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -dsa_asn1.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -dsa_asn1.o: ../../include/openssl/symhacks.h ../cryptlib.h dsa_asn1.c -dsa_err.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -dsa_err.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h -dsa_err.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -dsa_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -dsa_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -dsa_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h -dsa_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -dsa_err.o: dsa_err.c -dsa_gen.o: ../../e_os.h ../../include/openssl/aes.h -dsa_gen.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -dsa_gen.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -dsa_gen.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -dsa_gen.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -dsa_gen.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -dsa_gen.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -dsa_gen.o: ../../include/openssl/err.h ../../include/openssl/evp.h -dsa_gen.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -dsa_gen.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -dsa_gen.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -dsa_gen.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -dsa_gen.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -dsa_gen.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h -dsa_gen.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -dsa_gen.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -dsa_gen.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -dsa_gen.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -dsa_gen.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -dsa_gen.o: ../../include/openssl/ui_compat.h ../cryptlib.h dsa_gen.c -dsa_key.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h -dsa_key.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -dsa_key.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -dsa_key.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -dsa_key.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -dsa_key.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -dsa_key.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h -dsa_key.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -dsa_key.o: ../cryptlib.h dsa_key.c -dsa_lib.o: ../../e_os.h ../../include/openssl/asn1.h -dsa_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -dsa_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -dsa_lib.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -dsa_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h -dsa_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -dsa_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -dsa_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h -dsa_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -dsa_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -dsa_lib.o: ../../include/openssl/ui.h ../cryptlib.h dsa_lib.c -dsa_ossl.o: ../../e_os.h ../../include/openssl/asn1.h -dsa_ossl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -dsa_ossl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -dsa_ossl.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -dsa_ossl.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -dsa_ossl.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -dsa_ossl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -dsa_ossl.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h -dsa_ossl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -dsa_ossl.o: ../cryptlib.h dsa_ossl.c -dsa_sign.o: ../../e_os.h ../../include/openssl/asn1.h -dsa_sign.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -dsa_sign.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -dsa_sign.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -dsa_sign.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -dsa_sign.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -dsa_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -dsa_sign.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h -dsa_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -dsa_sign.o: ../cryptlib.h dsa_sign.c -dsa_vrf.o: ../../e_os.h ../../include/openssl/asn1.h -dsa_vrf.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h -dsa_vrf.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -dsa_vrf.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h -dsa_vrf.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -dsa_vrf.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -dsa_vrf.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -dsa_vrf.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h -dsa_vrf.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -dsa_vrf.o: ../../include/openssl/symhacks.h ../cryptlib.h dsa_vrf.c diff --git a/src/lib/libcrypto/dsa/dsa.h b/src/lib/libcrypto/dsa/dsa.h index 702c50d6dc..ac50a5c846 100644 --- a/src/lib/libcrypto/dsa/dsa.h +++ b/src/lib/libcrypto/dsa/dsa.h @@ -88,8 +88,6 @@ # define OPENSSL_DSA_MAX_MODULUS_BITS 10000 #endif -#define OPENSSL_DSA_FIPS_MIN_MODULUS_BITS 1024 - #define DSA_FLAG_CACHE_MONT_P 0x01 #define DSA_FLAG_NO_EXP_CONSTTIME 0x02 /* new with 0.9.7h; the built-in DSA * implementation now uses constant time @@ -99,25 +97,6 @@ * be used for all exponents. */ -/* If this flag is set the DSA method is FIPS compliant and can be used - * in FIPS mode. This is set in the validated module method. If an - * application sets this flag in its own methods it is its reposibility - * to ensure the result is compliant. - */ - -#define DSA_FLAG_FIPS_METHOD 0x0400 - -/* If this flag is set the operations normally disabled in FIPS mode are - * permitted it is then the applications responsibility to ensure that the - * usage is compliant. - */ - -#define DSA_FLAG_NON_FIPS_ALLOW 0x0400 - -#ifdef OPENSSL_FIPS -#define FIPS_DSA_SIZE_T int -#endif - #ifdef __cplusplus extern "C" { #endif @@ -139,7 +118,7 @@ struct dsa_method int (*dsa_sign_setup)(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp); int (*dsa_do_verify)(const unsigned char *dgst, int dgst_len, - DSA_SIG *sig, DSA *dsa); + DSA_SIG *sig, DSA *dsa); int (*dsa_mod_exp)(DSA *dsa, BIGNUM *rr, BIGNUM *a1, BIGNUM *p1, BIGNUM *a2, BIGNUM *p2, BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont); @@ -152,7 +131,7 @@ struct dsa_method char *app_data; /* If this is non-NULL, it is used to generate DSA parameters */ int (*dsa_paramgen)(DSA *dsa, int bits, - unsigned char *seed, int seed_len, + const unsigned char *seed, int seed_len, int *counter_ret, unsigned long *h_ret, BN_GENCB *cb); /* If this is non-NULL, it is used to generate DSA keys */ @@ -186,7 +165,6 @@ struct dsa_st ENGINE *engine; }; -#define DSAparams_dup(x) ASN1_dup_of_const(DSA,i2d_DSAparams,d2i_DSAparams,x) #define d2i_DSAparams_fp(fp,x) (DSA *)ASN1_d2i_fp((char *(*)())DSA_new, \ (char *(*)())d2i_DSAparams,(fp),(unsigned char **)(x)) #define i2d_DSAparams_fp(fp,x) ASN1_i2d_fp(i2d_DSAparams,(fp), \ @@ -195,6 +173,7 @@ struct dsa_st #define i2d_DSAparams_bio(bp,x) ASN1_i2d_bio_of_const(DSA,i2d_DSAparams,bp,x) +DSA *DSAparams_dup(DSA *x); DSA_SIG * DSA_SIG_new(void); void DSA_SIG_free(DSA_SIG *a); int i2d_DSA_SIG(const DSA_SIG *a, unsigned char **pp); @@ -210,11 +189,6 @@ void DSA_set_default_method(const DSA_METHOD *); const DSA_METHOD *DSA_get_default_method(void); int DSA_set_method(DSA *dsa, const DSA_METHOD *); -#ifdef OPENSSL_FIPS -DSA * FIPS_dsa_new(void); -void FIPS_dsa_free (DSA *r); -#endif - DSA * DSA_new(void); DSA * DSA_new_method(ENGINE *engine); void DSA_free (DSA *r); @@ -246,7 +220,7 @@ DSA * DSA_generate_parameters(int bits, /* New version */ int DSA_generate_parameters_ex(DSA *dsa, int bits, - unsigned char *seed,int seed_len, + const unsigned char *seed,int seed_len, int *counter_ret, unsigned long *h_ret, BN_GENCB *cb); int DSA_generate_key(DSA *a); @@ -275,10 +249,13 @@ int DSA_print_fp(FILE *bp, const DSA *x, int off); DH *DSA_dup_DH(const DSA *r); #endif -#ifdef OPENSSL_FIPS -int FIPS_dsa_sig_encode(unsigned char *out, DSA_SIG *sig); -int FIPS_dsa_sig_decode(DSA_SIG *sig, const unsigned char *in, int inlen); -#endif +#define EVP_PKEY_CTX_set_dsa_paramgen_bits(ctx, nbits) \ + EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DSA, EVP_PKEY_OP_PARAMGEN, \ + EVP_PKEY_CTRL_DSA_PARAMGEN_BITS, nbits, NULL) + +#define EVP_PKEY_CTRL_DSA_PARAMGEN_BITS (EVP_PKEY_ALG_CTRL + 1) +#define EVP_PKEY_CTRL_DSA_PARAMGEN_Q_BITS (EVP_PKEY_ALG_CTRL + 2) +#define EVP_PKEY_CTRL_DSA_PARAMGEN_MD (EVP_PKEY_ALG_CTRL + 3) /* BEGIN ERROR CODES */ /* The following lines are auto generated by the script mkerr.pl. Any changes @@ -290,33 +267,39 @@ void ERR_load_DSA_strings(void); /* Function codes. */ #define DSA_F_D2I_DSA_SIG 110 +#define DSA_F_DO_DSA_PRINT 104 #define DSA_F_DSAPARAMS_PRINT 100 #define DSA_F_DSAPARAMS_PRINT_FP 101 -#define DSA_F_DSA_BUILTIN_KEYGEN 119 -#define DSA_F_DSA_BUILTIN_PARAMGEN 118 #define DSA_F_DSA_DO_SIGN 112 #define DSA_F_DSA_DO_VERIFY 113 -#define DSA_F_DSA_GENERATE_PARAMETERS 117 #define DSA_F_DSA_NEW_METHOD 103 -#define DSA_F_DSA_PRINT 104 +#define DSA_F_DSA_PARAM_DECODE 119 #define DSA_F_DSA_PRINT_FP 105 -#define DSA_F_DSA_SET_DEFAULT_METHOD 115 -#define DSA_F_DSA_SET_METHOD 116 +#define DSA_F_DSA_PRIV_DECODE 115 +#define DSA_F_DSA_PRIV_ENCODE 116 +#define DSA_F_DSA_PUB_DECODE 117 +#define DSA_F_DSA_PUB_ENCODE 118 #define DSA_F_DSA_SIGN 106 #define DSA_F_DSA_SIGN_SETUP 107 #define DSA_F_DSA_SIG_NEW 109 #define DSA_F_DSA_VERIFY 108 #define DSA_F_I2D_DSA_SIG 111 +#define DSA_F_OLD_DSA_PRIV_DECODE 122 +#define DSA_F_PKEY_DSA_CTRL 120 +#define DSA_F_PKEY_DSA_KEYGEN 121 #define DSA_F_SIG_CB 114 /* Reason codes. */ #define DSA_R_BAD_Q_VALUE 102 +#define DSA_R_BN_DECODE_ERROR 108 +#define DSA_R_BN_ERROR 109 #define DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 100 -#define DSA_R_KEY_SIZE_TOO_SMALL 106 +#define DSA_R_DECODE_ERROR 104 +#define DSA_R_INVALID_DIGEST_TYPE 106 #define DSA_R_MISSING_PARAMETERS 101 #define DSA_R_MODULUS_TOO_LARGE 103 -#define DSA_R_NON_FIPS_METHOD 104 -#define DSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE 105 +#define DSA_R_NO_PARAMETERS_SET 107 +#define DSA_R_PARAMETER_ENCODING_ERROR 105 #ifdef __cplusplus } diff --git a/src/lib/libcrypto/dsa/dsa_asn1.c b/src/lib/libcrypto/dsa/dsa_asn1.c index 0645facb4b..c37460b2d6 100644 --- a/src/lib/libcrypto/dsa/dsa_asn1.c +++ b/src/lib/libcrypto/dsa/dsa_asn1.c @@ -3,7 +3,7 @@ * project 2000. */ /* ==================================================================== - * Copyright (c) 2000 The OpenSSL Project. All rights reserved. + * Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -61,24 +61,23 @@ #include #include #include -#include -#ifdef OPENSSL_FIPS -#include -#endif - /* Override the default new methods */ -static int sig_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it) +static int sig_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, + void *exarg) { if(operation == ASN1_OP_NEW_PRE) { DSA_SIG *sig; sig = OPENSSL_malloc(sizeof(DSA_SIG)); + if (!sig) + { + DSAerr(DSA_F_SIG_CB, ERR_R_MALLOC_FAILURE); + return 0; + } sig->r = NULL; sig->s = NULL; *pval = (ASN1_VALUE *)sig; - if(sig) return 2; - DSAerr(DSA_F_SIG_CB, ERR_R_MALLOC_FAILURE); - return 0; + return 2; } return 1; } @@ -88,10 +87,11 @@ ASN1_SEQUENCE_cb(DSA_SIG, sig_cb) = { ASN1_SIMPLE(DSA_SIG, s, CBIGNUM) } ASN1_SEQUENCE_END_cb(DSA_SIG, DSA_SIG) -IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(DSA_SIG,DSA_SIG,DSA_SIG) +IMPLEMENT_ASN1_FUNCTIONS_const(DSA_SIG) /* Override the default free and new methods */ -static int dsa_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it) +static int dsa_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, + void *exarg) { if(operation == ASN1_OP_NEW_PRE) { *pval = (ASN1_VALUE *)DSA_new(); @@ -144,75 +144,7 @@ ASN1_CHOICE_cb(DSAPublicKey, dsa_cb) = { IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(DSA, DSAPublicKey, DSAPublicKey) -int DSA_sign(int type, const unsigned char *dgst, int dlen, unsigned char *sig, - unsigned int *siglen, DSA *dsa) - { - DSA_SIG *s; -#ifdef OPENSSL_FIPS - if(FIPS_mode() && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW)) - { - DSAerr(DSA_F_DSA_SIGN, DSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE); - return 0; - } -#endif - s=DSA_do_sign(dgst,dlen,dsa); - if (s == NULL) - { - *siglen=0; - return(0); - } - *siglen=i2d_DSA_SIG(s,&sig); - DSA_SIG_free(s); - return(1); - } - -int DSA_size(const DSA *r) - { - int ret,i; - ASN1_INTEGER bs; - unsigned char buf[4]; /* 4 bytes looks really small. - However, i2d_ASN1_INTEGER() will not look - beyond the first byte, as long as the second - parameter is NULL. */ - - i=BN_num_bits(r->q); - bs.length=(i+7)/8; - bs.data=buf; - bs.type=V_ASN1_INTEGER; - /* If the top bit is set the asn1 encoding is 1 larger. */ - buf[0]=0xff; - - i=i2d_ASN1_INTEGER(&bs,NULL); - i+=i; /* r and s */ - ret=ASN1_object_size(1,i,V_ASN1_SEQUENCE); - return(ret); - } - -/* data has already been hashed (probably with SHA or SHA-1). */ -/* returns - * 1: correct signature - * 0: incorrect signature - * -1: error - */ -int DSA_verify(int type, const unsigned char *dgst, int dgst_len, - const unsigned char *sigbuf, int siglen, DSA *dsa) +DSA *DSAparams_dup(DSA *dsa) { - DSA_SIG *s; - int ret=-1; -#ifdef OPENSSL_FIPS - if(FIPS_mode() && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW)) - { - DSAerr(DSA_F_DSA_VERIFY, DSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE); - return 0; - } -#endif - - s = DSA_SIG_new(); - if (s == NULL) return(ret); - if (d2i_DSA_SIG(&s,&sigbuf,siglen) == NULL) goto err; - ret=DSA_do_verify(dgst,dgst_len,s,dsa); -err: - DSA_SIG_free(s); - return(ret); + return ASN1_item_dup(ASN1_ITEM_rptr(DSAparams), dsa); } - diff --git a/src/lib/libcrypto/dsa/dsa_err.c b/src/lib/libcrypto/dsa/dsa_err.c index 872839af94..bba984e92e 100644 --- a/src/lib/libcrypto/dsa/dsa_err.c +++ b/src/lib/libcrypto/dsa/dsa_err.c @@ -1,6 +1,6 @@ /* crypto/dsa/dsa_err.c */ /* ==================================================================== - * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved. + * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -71,23 +71,26 @@ static ERR_STRING_DATA DSA_str_functs[]= { {ERR_FUNC(DSA_F_D2I_DSA_SIG), "d2i_DSA_SIG"}, +{ERR_FUNC(DSA_F_DO_DSA_PRINT), "DO_DSA_PRINT"}, {ERR_FUNC(DSA_F_DSAPARAMS_PRINT), "DSAparams_print"}, {ERR_FUNC(DSA_F_DSAPARAMS_PRINT_FP), "DSAparams_print_fp"}, -{ERR_FUNC(DSA_F_DSA_BUILTIN_KEYGEN), "DSA_BUILTIN_KEYGEN"}, -{ERR_FUNC(DSA_F_DSA_BUILTIN_PARAMGEN), "DSA_BUILTIN_PARAMGEN"}, {ERR_FUNC(DSA_F_DSA_DO_SIGN), "DSA_do_sign"}, {ERR_FUNC(DSA_F_DSA_DO_VERIFY), "DSA_do_verify"}, -{ERR_FUNC(DSA_F_DSA_GENERATE_PARAMETERS), "DSA_generate_parameters"}, {ERR_FUNC(DSA_F_DSA_NEW_METHOD), "DSA_new_method"}, -{ERR_FUNC(DSA_F_DSA_PRINT), "DSA_print"}, +{ERR_FUNC(DSA_F_DSA_PARAM_DECODE), "DSA_PARAM_DECODE"}, {ERR_FUNC(DSA_F_DSA_PRINT_FP), "DSA_print_fp"}, -{ERR_FUNC(DSA_F_DSA_SET_DEFAULT_METHOD), "DSA_set_default_method"}, -{ERR_FUNC(DSA_F_DSA_SET_METHOD), "DSA_set_method"}, +{ERR_FUNC(DSA_F_DSA_PRIV_DECODE), "DSA_PRIV_DECODE"}, +{ERR_FUNC(DSA_F_DSA_PRIV_ENCODE), "DSA_PRIV_ENCODE"}, +{ERR_FUNC(DSA_F_DSA_PUB_DECODE), "DSA_PUB_DECODE"}, +{ERR_FUNC(DSA_F_DSA_PUB_ENCODE), "DSA_PUB_ENCODE"}, {ERR_FUNC(DSA_F_DSA_SIGN), "DSA_sign"}, {ERR_FUNC(DSA_F_DSA_SIGN_SETUP), "DSA_sign_setup"}, {ERR_FUNC(DSA_F_DSA_SIG_NEW), "DSA_SIG_new"}, {ERR_FUNC(DSA_F_DSA_VERIFY), "DSA_verify"}, {ERR_FUNC(DSA_F_I2D_DSA_SIG), "i2d_DSA_SIG"}, +{ERR_FUNC(DSA_F_OLD_DSA_PRIV_DECODE), "OLD_DSA_PRIV_DECODE"}, +{ERR_FUNC(DSA_F_PKEY_DSA_CTRL), "PKEY_DSA_CTRL"}, +{ERR_FUNC(DSA_F_PKEY_DSA_KEYGEN), "PKEY_DSA_KEYGEN"}, {ERR_FUNC(DSA_F_SIG_CB), "SIG_CB"}, {0,NULL} }; @@ -95,12 +98,15 @@ static ERR_STRING_DATA DSA_str_functs[]= static ERR_STRING_DATA DSA_str_reasons[]= { {ERR_REASON(DSA_R_BAD_Q_VALUE) ,"bad q value"}, +{ERR_REASON(DSA_R_BN_DECODE_ERROR) ,"bn decode error"}, +{ERR_REASON(DSA_R_BN_ERROR) ,"bn error"}, {ERR_REASON(DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE),"data too large for key size"}, -{ERR_REASON(DSA_R_KEY_SIZE_TOO_SMALL) ,"key size too small"}, +{ERR_REASON(DSA_R_DECODE_ERROR) ,"decode error"}, +{ERR_REASON(DSA_R_INVALID_DIGEST_TYPE) ,"invalid digest type"}, {ERR_REASON(DSA_R_MISSING_PARAMETERS) ,"missing parameters"}, {ERR_REASON(DSA_R_MODULUS_TOO_LARGE) ,"modulus too large"}, -{ERR_REASON(DSA_R_NON_FIPS_METHOD) ,"non fips method"}, -{ERR_REASON(DSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE),"operation not allowed in fips mode"}, +{ERR_REASON(DSA_R_NO_PARAMETERS_SET) ,"no parameters set"}, +{ERR_REASON(DSA_R_PARAMETER_ENCODING_ERROR),"parameter encoding error"}, {0,NULL} }; diff --git a/src/lib/libcrypto/dsa/dsa_gen.c b/src/lib/libcrypto/dsa/dsa_gen.c index 6f1728e3cf..0fcd25f8b0 100644 --- a/src/lib/libcrypto/dsa/dsa_gen.c +++ b/src/lib/libcrypto/dsa/dsa_gen.c @@ -74,69 +74,88 @@ #ifndef OPENSSL_NO_SHA #include -#include #include "cryptlib.h" #include #include -#include #include #include - -#ifndef OPENSSL_FIPS - -static int dsa_builtin_paramgen(DSA *ret, int bits, - unsigned char *seed_in, int seed_len, - int *counter_ret, unsigned long *h_ret, BN_GENCB *cb); +#include "dsa_locl.h" int DSA_generate_parameters_ex(DSA *ret, int bits, - unsigned char *seed_in, int seed_len, + const unsigned char *seed_in, int seed_len, int *counter_ret, unsigned long *h_ret, BN_GENCB *cb) { if(ret->meth->dsa_paramgen) return ret->meth->dsa_paramgen(ret, bits, seed_in, seed_len, counter_ret, h_ret, cb); - return dsa_builtin_paramgen(ret, bits, seed_in, seed_len, - counter_ret, h_ret, cb); + else + { + const EVP_MD *evpmd; + size_t qbits = bits >= 2048 ? 256 : 160; + + if (bits >= 2048) + { + qbits = 256; + evpmd = EVP_sha256(); + } + else + { + qbits = 160; + evpmd = EVP_sha1(); + } + + return dsa_builtin_paramgen(ret, bits, qbits, evpmd, + seed_in, seed_len, counter_ret, h_ret, cb); + } } -static int dsa_builtin_paramgen(DSA *ret, int bits, - unsigned char *seed_in, int seed_len, - int *counter_ret, unsigned long *h_ret, BN_GENCB *cb) +int dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits, + const EVP_MD *evpmd, const unsigned char *seed_in, size_t seed_len, + int *counter_ret, unsigned long *h_ret, BN_GENCB *cb) { int ok=0; - unsigned char seed[SHA_DIGEST_LENGTH]; - unsigned char md[SHA_DIGEST_LENGTH]; - unsigned char buf[SHA_DIGEST_LENGTH],buf2[SHA_DIGEST_LENGTH]; + unsigned char seed[SHA256_DIGEST_LENGTH]; + unsigned char md[SHA256_DIGEST_LENGTH]; + unsigned char buf[SHA256_DIGEST_LENGTH],buf2[SHA256_DIGEST_LENGTH]; BIGNUM *r0,*W,*X,*c,*test; BIGNUM *g=NULL,*q=NULL,*p=NULL; BN_MONT_CTX *mont=NULL; - int k,n=0,i,b,m=0; + int i, k,n=0,b,m=0, qsize = qbits >> 3; int counter=0; int r=0; BN_CTX *ctx=NULL; unsigned int h=2; - if (bits < 512) bits=512; - bits=(bits+63)/64*64; + if (qsize != SHA_DIGEST_LENGTH && qsize != SHA224_DIGEST_LENGTH && + qsize != SHA256_DIGEST_LENGTH) + /* invalid q size */ + return 0; + + if (evpmd == NULL) + /* use SHA1 as default */ + evpmd = EVP_sha1(); + + if (bits < 512) + bits = 512; + + bits = (bits+63)/64*64; /* NB: seed_len == 0 is special case: copy generated seed to * seed_in if it is not NULL. */ - if (seed_len && (seed_len < 20)) - seed_in = NULL; /* seed buffer too small -- ignore */ - if (seed_len > 20) - seed_len = 20; /* App. 2.2 of FIPS PUB 186 allows larger SEED, - * but our internal buffers are restricted to 160 bits*/ - if ((seed_in != NULL) && (seed_len == 20)) - { - memcpy(seed,seed_in,seed_len); - /* set seed_in to NULL to avoid it being copied back */ - seed_in = NULL; - } - - if ((ctx=BN_CTX_new()) == NULL) goto err; + if (seed_len && (seed_len < (size_t)qsize)) + seed_in = NULL; /* seed buffer too small -- ignore */ + if (seed_len > (size_t)qsize) + seed_len = qsize; /* App. 2.2 of FIPS PUB 186 allows larger SEED, + * but our internal buffers are restricted to 160 bits*/ + if (seed_in != NULL) + memcpy(seed, seed_in, seed_len); + + if ((ctx=BN_CTX_new()) == NULL) + goto err; - if ((mont=BN_MONT_CTX_new()) == NULL) goto err; + if ((mont=BN_MONT_CTX_new()) == NULL) + goto err; BN_CTX_start(ctx); r0 = BN_CTX_get(ctx); @@ -163,7 +182,7 @@ static int dsa_builtin_paramgen(DSA *ret, int bits, if (!seed_len) { - RAND_pseudo_bytes(seed,SHA_DIGEST_LENGTH); + RAND_pseudo_bytes(seed, qsize); seed_is_random = 1; } else @@ -171,25 +190,27 @@ static int dsa_builtin_paramgen(DSA *ret, int bits, seed_is_random = 0; seed_len=0; /* use random seed if 'seed_in' turns out to be bad*/ } - memcpy(buf,seed,SHA_DIGEST_LENGTH); - memcpy(buf2,seed,SHA_DIGEST_LENGTH); + memcpy(buf , seed, qsize); + memcpy(buf2, seed, qsize); /* precompute "SEED + 1" for step 7: */ - for (i=SHA_DIGEST_LENGTH-1; i >= 0; i--) + for (i = qsize-1; i >= 0; i--) { buf[i]++; - if (buf[i] != 0) break; + if (buf[i] != 0) + break; } /* step 2 */ - EVP_Digest(seed,SHA_DIGEST_LENGTH,md,NULL,HASH, NULL); - EVP_Digest(buf,SHA_DIGEST_LENGTH,buf2,NULL,HASH, NULL); - for (i=0; i= 0; i--) + for (i = qsize-1; i >= 0; i--) { buf[i]++; - if (buf[i] != 0) break; + if (buf[i] != 0) + break; } - EVP_Digest(buf,SHA_DIGEST_LENGTH,md,NULL,HASH, NULL); + EVP_Digest(buf, qsize, md ,NULL, evpmd, NULL); /* step 8 */ - if (!BN_bin2bn(md,SHA_DIGEST_LENGTH,r0)) + if (!BN_bin2bn(md, qsize, r0)) goto err; - if (!BN_lshift(r0,r0,160*k)) goto err; + if (!BN_lshift(r0,r0,(qsize << 3)*k)) goto err; if (!BN_add(W,W,r0)) goto err; } @@ -309,7 +331,6 @@ err: ok=0; goto err; } - if (seed_in != NULL) memcpy(seed_in,seed,20); if (counter_ret != NULL) *counter_ret=counter; if (h_ret != NULL) *h_ret=h; } @@ -322,4 +343,3 @@ err: return ok; } #endif -#endif diff --git a/src/lib/libcrypto/dsa/dsa_key.c b/src/lib/libcrypto/dsa/dsa_key.c index 5e39124230..c4aa86bc6d 100644 --- a/src/lib/libcrypto/dsa/dsa_key.c +++ b/src/lib/libcrypto/dsa/dsa_key.c @@ -64,8 +64,6 @@ #include #include -#ifndef OPENSSL_FIPS - static int dsa_builtin_keygen(DSA *dsa); int DSA_generate_key(DSA *dsa) @@ -128,5 +126,3 @@ err: return(ok); } #endif - -#endif diff --git a/src/lib/libcrypto/dsa/dsa_lib.c b/src/lib/libcrypto/dsa/dsa_lib.c index 7ac9dc8c89..e9b75902db 100644 --- a/src/lib/libcrypto/dsa/dsa_lib.c +++ b/src/lib/libcrypto/dsa/dsa_lib.c @@ -76,14 +76,6 @@ static const DSA_METHOD *default_DSA_method = NULL; void DSA_set_default_method(const DSA_METHOD *meth) { -#ifdef OPENSSL_FIPS - if (FIPS_mode() && !(meth->flags & DSA_FLAG_FIPS_METHOD)) - { - DSAerr(DSA_F_DSA_SET_DEFAULT_METHOD, DSA_R_NON_FIPS_METHOD); - return; - } -#endif - default_DSA_method = meth; } @@ -104,13 +96,6 @@ int DSA_set_method(DSA *dsa, const DSA_METHOD *meth) /* NB: The caller is specifically setting a method, so it's not up to us * to deal with which ENGINE it comes from. */ const DSA_METHOD *mtmp; -#ifdef OPENSSL_FIPS - if (FIPS_mode() && !(meth->flags & DSA_FLAG_FIPS_METHOD)) - { - DSAerr(DSA_F_DSA_SET_METHOD, DSA_R_NON_FIPS_METHOD); - return 0; - } -#endif mtmp = dsa->meth; if (mtmp->finish) mtmp->finish(dsa); #ifndef OPENSSL_NO_ENGINE @@ -162,18 +147,6 @@ DSA *DSA_new_method(ENGINE *engine) } } #endif -#ifdef OPENSSL_FIPS - if (FIPS_mode() && !(ret->meth->flags & DSA_FLAG_FIPS_METHOD)) - { - DSAerr(DSA_F_DSA_NEW_METHOD, DSA_R_NON_FIPS_METHOD); -#ifndef OPENSSL_NO_ENGINE - if (ret->engine) - ENGINE_finish(ret->engine); -#endif - OPENSSL_free(ret); - return NULL; - } -#endif ret->pad=0; ret->version=0; @@ -260,6 +233,28 @@ int DSA_up_ref(DSA *r) return ((i > 1) ? 1 : 0); } +int DSA_size(const DSA *r) + { + int ret,i; + ASN1_INTEGER bs; + unsigned char buf[4]; /* 4 bytes looks really small. + However, i2d_ASN1_INTEGER() will not look + beyond the first byte, as long as the second + parameter is NULL. */ + + i=BN_num_bits(r->q); + bs.length=(i+7)/8; + bs.data=buf; + bs.type=V_ASN1_INTEGER; + /* If the top bit is set the asn1 encoding is 1 larger. */ + buf[0]=0xff; + + i=i2d_ASN1_INTEGER(&bs,NULL); + i+=i; /* r and s */ + ret=ASN1_object_size(1,i,V_ASN1_SEQUENCE); + return(ret); + } + int DSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func) { diff --git a/src/lib/libcrypto/dsa/dsa_ossl.c b/src/lib/libcrypto/dsa/dsa_ossl.c index 412cf1d88b..4fead07e80 100644 --- a/src/lib/libcrypto/dsa/dsa_ossl.c +++ b/src/lib/libcrypto/dsa/dsa_ossl.c @@ -61,16 +61,15 @@ #include #include "cryptlib.h" #include +#include #include #include #include -#ifndef OPENSSL_FIPS - static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa); static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp); static int dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig, - DSA *dsa); + DSA *dsa); static int dsa_init(DSA *dsa); static int dsa_finish(DSA *dsa); @@ -135,7 +134,7 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) BIGNUM m; BIGNUM xr; BN_CTX *ctx=NULL; - int i,reason=ERR_R_BN_LIB; + int reason=ERR_R_BN_LIB; DSA_SIG *ret=NULL; BN_init(&m); @@ -150,8 +149,9 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) s=BN_new(); if (s == NULL) goto err; - i=BN_num_bytes(dsa->q); /* should be 20 */ - if ((dlen > i) || (dlen > 50)) + /* reject a excessive digest length (currently at most + * dsa-with-SHA256 is supported) */ + if (dlen > SHA256_DIGEST_LENGTH) { reason=DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE; goto err; @@ -172,7 +172,14 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) dsa->r=NULL; } - if (BN_bin2bn(dgst,dlen,&m) == NULL) goto err; + + if (dlen > BN_num_bytes(dsa->q)) + /* if the digest length is greater than the size of q use the + * BN_num_bits(dsa->q) leftmost bits of the digest, see + * fips 186-3, 4.2 */ + dlen = BN_num_bytes(dsa->q); + if (BN_bin2bn(dgst,dlen,&m) == NULL) + goto err; /* Compute s = inv(k) (m + xr) mod q */ if (!BN_mod_mul(&xr,dsa->priv_key,r,dsa->q,ctx)) goto err;/* s = xr */ @@ -283,30 +290,31 @@ err: if (!ret) { DSAerr(DSA_F_DSA_SIGN_SETUP,ERR_R_BN_LIB); - if (kinv != NULL) BN_clear_free(kinv); - if (r != NULL) BN_clear_free(r); + if (r != NULL) + BN_clear_free(r); } if (ctx_in == NULL) BN_CTX_free(ctx); - if (kinv != NULL) BN_clear_free(kinv); BN_clear_free(&k); BN_clear_free(&kq); return(ret); } static int dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig, - DSA *dsa) + DSA *dsa) { BN_CTX *ctx; BIGNUM u1,u2,t1; BN_MONT_CTX *mont=NULL; - int ret = -1; + int ret = -1, i; if (!dsa->p || !dsa->q || !dsa->g) { DSAerr(DSA_F_DSA_DO_VERIFY,DSA_R_MISSING_PARAMETERS); return -1; } - if (BN_num_bits(dsa->q) != 160) + i = BN_num_bits(dsa->q); + /* fips 186-3 allows only different sizes for q */ + if (i != 160 && i != 224 && i != 256) { DSAerr(DSA_F_DSA_DO_VERIFY,DSA_R_BAD_Q_VALUE); return -1; @@ -318,6 +326,14 @@ static int dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig, return -1; } + /* reject a excessive digest length (currently at most + * dsa-with-SHA256 is supported) */ + if (dgst_len > SHA256_DIGEST_LENGTH) + { + DSAerr(DSA_F_DSA_DO_VERIFY,DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); + return -1; + } + BN_init(&u1); BN_init(&u2); BN_init(&t1); @@ -342,6 +358,11 @@ static int dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig, if ((BN_mod_inverse(&u2,sig->s,dsa->q,ctx)) == NULL) goto err; /* save M in u1 */ + if (dgst_len > (i >> 3)) + /* if the digest length is greater than the size of q use the + * BN_num_bits(dsa->q) leftmost bits of the digest, see + * fips 186-3, 4.2 */ + dgst_len = (i >> 3); if (BN_bin2bn(dgst,dgst_len,&u1) == NULL) goto err; /* u1 = M * w mod q */ @@ -393,4 +414,3 @@ static int dsa_finish(DSA *dsa) return(1); } -#endif diff --git a/src/lib/libcrypto/dsa/dsa_sign.c b/src/lib/libcrypto/dsa/dsa_sign.c index 4cfbbe57a8..17555e5892 100644 --- a/src/lib/libcrypto/dsa/dsa_sign.c +++ b/src/lib/libcrypto/dsa/dsa_sign.c @@ -58,38 +58,33 @@ /* Original version from Steven Schoch */ -#include #include "cryptlib.h" -#include #include #include -#include -#ifdef OPENSSL_FIPS -#include -#endif - DSA_SIG * DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) { -#ifdef OPENSSL_FIPS - if(FIPS_mode() && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW)) - { - DSAerr(DSA_F_DSA_DO_SIGN, DSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE); - return NULL; - } -#endif return dsa->meth->dsa_do_sign(dgst, dlen, dsa); } -int DSA_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp) +int DSA_sign(int type, const unsigned char *dgst, int dlen, unsigned char *sig, + unsigned int *siglen, DSA *dsa) { -#ifdef OPENSSL_FIPS - if(FIPS_mode() && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW)) + DSA_SIG *s; + RAND_seed(dgst, dlen); + s=DSA_do_sign(dgst,dlen,dsa); + if (s == NULL) { - DSAerr(DSA_F_DSA_SIGN_SETUP, DSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE); - return 0; + *siglen=0; + return(0); } -#endif + *siglen=i2d_DSA_SIG(s,&sig); + DSA_SIG_free(s); + return(1); + } + +int DSA_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp) + { return dsa->meth->dsa_sign_setup(dsa, ctx_in, kinvp, rp); } diff --git a/src/lib/libcrypto/dsa/dsa_utl.c b/src/lib/libcrypto/dsa/dsa_utl.c deleted file mode 100644 index 24c021d120..0000000000 --- a/src/lib/libcrypto/dsa/dsa_utl.c +++ /dev/null @@ -1,95 +0,0 @@ -/* crypto/dsa/dsa_lib.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -/* Original version from Steven Schoch */ - -#include -#include "cryptlib.h" -#include -#include -#include -#ifndef OPENSSL_NO_ENGINE -#include -#endif -#ifndef OPENSSL_NO_DH -#include -#endif - -DSA_SIG *DSA_SIG_new(void) - { - DSA_SIG *sig; - sig = OPENSSL_malloc(sizeof(DSA_SIG)); - if (!sig) - return NULL; - sig->r = NULL; - sig->s = NULL; - return sig; - } - -void DSA_SIG_free(DSA_SIG *sig) - { - if (sig) - { - if (sig->r) - BN_free(sig->r); - if (sig->s) - BN_free(sig->s); - OPENSSL_free(sig); - } - } - diff --git a/src/lib/libcrypto/dsa/dsa_vrf.c b/src/lib/libcrypto/dsa/dsa_vrf.c index c75e423048..226a75ff3f 100644 --- a/src/lib/libcrypto/dsa/dsa_vrf.c +++ b/src/lib/libcrypto/dsa/dsa_vrf.c @@ -58,27 +58,32 @@ /* Original version from Steven Schoch */ -#include #include "cryptlib.h" -#include #include -#include -#include -#ifdef OPENSSL_FIPS -#include -#endif - -#include int DSA_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig, DSA *dsa) { -#ifdef OPENSSL_FIPS - if(FIPS_mode() && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW)) - { - DSAerr(DSA_F_DSA_DO_VERIFY, DSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE); - return 0; - } -#endif return dsa->meth->dsa_do_verify(dgst, dgst_len, sig, dsa); } + +/* data has already been hashed (probably with SHA or SHA-1). */ +/* returns + * 1: correct signature + * 0: incorrect signature + * -1: error + */ +int DSA_verify(int type, const unsigned char *dgst, int dgst_len, + const unsigned char *sigbuf, int siglen, DSA *dsa) + { + DSA_SIG *s; + int ret=-1; + + s = DSA_SIG_new(); + if (s == NULL) return(ret); + if (d2i_DSA_SIG(&s,&sigbuf,siglen) == NULL) goto err; + ret=DSA_do_verify(dgst,dgst_len,s,dsa); +err: + DSA_SIG_free(s); + return(ret); + } diff --git a/src/lib/libcrypto/dsa/dsatest.c b/src/lib/libcrypto/dsa/dsatest.c index 912317bb44..edffd24e6b 100644 --- a/src/lib/libcrypto/dsa/dsatest.c +++ b/src/lib/libcrypto/dsa/dsatest.c @@ -169,7 +169,6 @@ int main(int argc, char **argv) } BIO_printf(bio_err,"\ncounter=%d h=%ld\n",counter,h); - if (dsa == NULL) goto end; DSA_print(bio_err,dsa,0); if (counter != 105) { @@ -223,7 +222,7 @@ end: ERR_print_errors(bio_err); if (dsa != NULL) DSA_free(dsa); CRYPTO_cleanup_all_ex_data(); - ERR_remove_state(0); + ERR_remove_thread_state(NULL); ERR_free_strings(); CRYPTO_mem_leaks(bio_err); if (bio_err != NULL) diff --git a/src/lib/libcrypto/dso/Makefile.ssl b/src/lib/libcrypto/dso/Makefile.ssl deleted file mode 100644 index c0449d184e..0000000000 --- a/src/lib/libcrypto/dso/Makefile.ssl +++ /dev/null @@ -1,142 +0,0 @@ -# -# SSLeay/crypto/dso/Makefile -# - -DIR= dso -TOP= ../.. -CC= cc -INCLUDES= -I.. -I$(TOP) -I../../include -CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKE= make -f Makefile.ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) -MAKEFILE= Makefile.ssl -AR= ar r - -CFLAGS= $(INCLUDES) $(CFLAG) - -GENERAL=Makefile -TEST= -APPS= - -LIB=$(TOP)/libcrypto.a -LIBSRC= dso_dl.c dso_dlfcn.c dso_err.c dso_lib.c dso_null.c \ - dso_openssl.c dso_win32.c dso_vms.c -LIBOBJ= dso_dl.o dso_dlfcn.o dso_err.o dso_lib.o dso_null.o \ - dso_openssl.o dso_win32.o dso_vms.o - -SRC= $(LIBSRC) - -EXHEADER= dso.h -HEADER= $(EXHEADER) - -ALL= $(GENERAL) $(SRC) $(HEADER) - -top: - (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all) - -all: lib - -lib: $(LIBOBJ) - $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) || echo Never mind. - @touch lib - -files: - $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO - -links: - @sh $(TOP)/util/point.sh Makefile.ssl Makefile - @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER) - @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST) - @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) - -install: - @for i in $(EXHEADER) ; \ - do \ - (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ - done; - -tags: - ctags $(SRC) - -tests: - -lint: - lint -DLINT $(INCLUDES) $(SRC)>fluff - -depend: - $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) - -dclean: - $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new - mv -f Makefile.new $(MAKEFILE) - -clean: - rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff - -# DO NOT DELETE THIS LINE -- make depend depends on it. - -dso_dl.o: ../../e_os.h ../../include/openssl/bio.h -dso_dl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -dso_dl.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h -dso_dl.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -dso_dl.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -dso_dl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -dso_dl.o: ../../include/openssl/symhacks.h ../cryptlib.h dso_dl.c -dso_dlfcn.o: ../../e_os.h ../../include/openssl/bio.h -dso_dlfcn.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -dso_dlfcn.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h -dso_dlfcn.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -dso_dlfcn.o: ../../include/openssl/opensslconf.h -dso_dlfcn.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -dso_dlfcn.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -dso_dlfcn.o: ../cryptlib.h dso_dlfcn.c -dso_err.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h -dso_err.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h -dso_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -dso_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -dso_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -dso_err.o: ../../include/openssl/symhacks.h dso_err.c -dso_lib.o: ../../e_os.h ../../include/openssl/bio.h -dso_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -dso_lib.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h -dso_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -dso_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -dso_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -dso_lib.o: ../../include/openssl/symhacks.h ../cryptlib.h dso_lib.c -dso_null.o: ../../e_os.h ../../include/openssl/bio.h -dso_null.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -dso_null.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h -dso_null.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -dso_null.o: ../../include/openssl/opensslconf.h -dso_null.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -dso_null.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -dso_null.o: ../cryptlib.h dso_null.c -dso_openssl.o: ../../e_os.h ../../include/openssl/bio.h -dso_openssl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -dso_openssl.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h -dso_openssl.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -dso_openssl.o: ../../include/openssl/opensslconf.h -dso_openssl.o: ../../include/openssl/opensslv.h -dso_openssl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -dso_openssl.o: ../../include/openssl/symhacks.h ../cryptlib.h dso_openssl.c -dso_vms.o: ../../e_os.h ../../include/openssl/bio.h -dso_vms.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -dso_vms.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h -dso_vms.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -dso_vms.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -dso_vms.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -dso_vms.o: ../../include/openssl/symhacks.h ../cryptlib.h dso_vms.c -dso_win32.o: ../../e_os.h ../../include/openssl/bio.h -dso_win32.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -dso_win32.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h -dso_win32.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -dso_win32.o: ../../include/openssl/opensslconf.h -dso_win32.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -dso_win32.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -dso_win32.o: ../cryptlib.h dso_win32.c diff --git a/src/lib/libcrypto/dso/dso.h b/src/lib/libcrypto/dso/dso.h index 3e51913a72..839f2e0617 100644 --- a/src/lib/libcrypto/dso/dso.h +++ b/src/lib/libcrypto/dso/dso.h @@ -170,6 +170,11 @@ typedef struct dso_meth_st /* [De]Initialisation handlers. */ int (*init)(DSO *dso); int (*finish)(DSO *dso); + + /* Return pathname of the module containing location */ + int (*pathbyaddr)(void *addr,char *path,int sz); + /* Perform global symbol lookup, i.e. among *all* modules */ + void *(*globallookup)(const char *symname); } DSO_METHOD; /**********************************************************************/ @@ -183,7 +188,7 @@ struct dso_st * for use in the dso_bind handler. All in all, let each * method control its own destiny. "Handles" and such go in * a STACK. */ - STACK *meth_data; + STACK_OF(void) *meth_data; int references; int flags; /* For use by applications etc ... use this for your bits'n'pieces, @@ -296,6 +301,30 @@ DSO_METHOD *DSO_METHOD_win32(void); /* If VMS is defined, use shared images. If not, return NULL. */ DSO_METHOD *DSO_METHOD_vms(void); +/* This function writes null-terminated pathname of DSO module + * containing 'addr' into 'sz' large caller-provided 'path' and + * returns the number of characters [including trailing zero] + * written to it. If 'sz' is 0 or negative, 'path' is ignored and + * required amount of charachers [including trailing zero] to + * accomodate pathname is returned. If 'addr' is NULL, then + * pathname of cryptolib itself is returned. Negative or zero + * return value denotes error. + */ +int DSO_pathbyaddr(void *addr,char *path,int sz); + +/* This function should be used with caution! It looks up symbols in + * *all* loaded modules and if module gets unloaded by somebody else + * attempt to dereference the pointer is doomed to have fatal + * consequences. Primary usage for this function is to probe *core* + * system functionality, e.g. check if getnameinfo(3) is available + * at run-time without bothering about OS-specific details such as + * libc.so.versioning or where does it actually reside: in libc + * itself or libsocket. */ +void *DSO_global_lookup(const char *name); + +/* If BeOS is defined, use shared images. If not, return NULL. */ +DSO_METHOD *DSO_METHOD_beos(void); + /* BEGIN ERROR CODES */ /* The following lines are auto generated by the script mkerr.pl. Any changes * made after this point may be overwritten when the script is next run. @@ -305,6 +334,11 @@ void ERR_load_DSO_strings(void); /* Error codes for the DSO functions. */ /* Function codes. */ +#define DSO_F_BEOS_BIND_FUNC 144 +#define DSO_F_BEOS_BIND_VAR 145 +#define DSO_F_BEOS_LOAD 146 +#define DSO_F_BEOS_NAME_CONVERTER 147 +#define DSO_F_BEOS_UNLOAD 148 #define DSO_F_DLFCN_BIND_FUNC 100 #define DSO_F_DLFCN_BIND_VAR 101 #define DSO_F_DLFCN_LOAD 102 @@ -324,22 +358,29 @@ void ERR_load_DSO_strings(void); #define DSO_F_DSO_FREE 111 #define DSO_F_DSO_GET_FILENAME 127 #define DSO_F_DSO_GET_LOADED_FILENAME 128 +#define DSO_F_DSO_GLOBAL_LOOKUP 139 #define DSO_F_DSO_LOAD 112 #define DSO_F_DSO_MERGE 132 #define DSO_F_DSO_NEW_METHOD 113 +#define DSO_F_DSO_PATHBYADDR 140 #define DSO_F_DSO_SET_FILENAME 129 #define DSO_F_DSO_SET_NAME_CONVERTER 122 #define DSO_F_DSO_UP_REF 114 +#define DSO_F_GLOBAL_LOOKUP_FUNC 138 +#define DSO_F_PATHBYADDR 137 #define DSO_F_VMS_BIND_SYM 115 #define DSO_F_VMS_LOAD 116 #define DSO_F_VMS_MERGER 133 #define DSO_F_VMS_UNLOAD 117 #define DSO_F_WIN32_BIND_FUNC 118 #define DSO_F_WIN32_BIND_VAR 119 +#define DSO_F_WIN32_GLOBALLOOKUP 142 +#define DSO_F_WIN32_GLOBALLOOKUP_FUNC 143 #define DSO_F_WIN32_JOINER 135 #define DSO_F_WIN32_LOAD 120 #define DSO_F_WIN32_MERGER 134 #define DSO_F_WIN32_NAME_CONVERTER 125 +#define DSO_F_WIN32_PATHBYADDR 141 #define DSO_F_WIN32_SPLITTER 136 #define DSO_F_WIN32_UNLOAD 121 diff --git a/src/lib/libcrypto/dso/dso_dl.c b/src/lib/libcrypto/dso/dso_dl.c index 417abb6ea9..c3b4f6cf45 100644 --- a/src/lib/libcrypto/dso/dso_dl.c +++ b/src/lib/libcrypto/dso/dso_dl.c @@ -85,6 +85,8 @@ static int dl_ctrl(DSO *dso, int cmd, long larg, void *parg); #endif static char *dl_name_converter(DSO *dso, const char *filename); static char *dl_merger(DSO *dso, const char *filespec1, const char *filespec2); +static int dl_pathbyaddr(void *addr,char *path,int sz); +static void *dl_globallookup(const char *name); static DSO_METHOD dso_meth_dl = { "OpenSSL 'dl' shared library method", @@ -101,7 +103,9 @@ static DSO_METHOD dso_meth_dl = { dl_name_converter, dl_merger, NULL, /* init */ - NULL /* finish */ + NULL, /* finish */ + dl_pathbyaddr, + dl_globallookup }; DSO_METHOD *DSO_METHOD_dl(void) @@ -255,18 +259,20 @@ static char *dl_merger(DSO *dso, const char *filespec1, const char *filespec2) same goes if the second file specification is missing. */ if (!filespec2 || filespec1[0] == '/') { - merged = OPENSSL_malloc(strlen(filespec1) + 1); + size_t len = strlen(filespec1) + 1; + merged = OPENSSL_malloc(len); if(!merged) { DSOerr(DSO_F_DL_MERGER, ERR_R_MALLOC_FAILURE); return(NULL); } - strcpy(merged, filespec1); + memcpy(merged, filespec1, len); } /* If the first file specification is missing, the second one rules. */ else if (!filespec1) { + size_t len = strlen(filespec2) + 1; merged = OPENSSL_malloc(strlen(filespec2) + 1); if(!merged) { @@ -274,7 +280,7 @@ static char *dl_merger(DSO *dso, const char *filespec1, const char *filespec2) ERR_R_MALLOC_FAILURE); return(NULL); } - strcpy(merged, filespec2); + memcpy(merged, filespec2, len); } else /* This part isn't as trivial as it looks. It assumes that @@ -283,7 +289,7 @@ static char *dl_merger(DSO *dso, const char *filespec1, const char *filespec2) the concatenation of filespec2 followed by a slash followed by filespec1. */ { - int spec2len, len; + size_t spec2len, len; spec2len = (filespec2 ? strlen(filespec2) : 0); len = spec2len + (filespec1 ? strlen(filespec1) : 0); @@ -300,9 +306,9 @@ static char *dl_merger(DSO *dso, const char *filespec1, const char *filespec2) ERR_R_MALLOC_FAILURE); return(NULL); } - strcpy(merged, filespec2); + strlcpy(merged, filespec2, len + 2); merged[spec2len] = '/'; - strcpy(&merged[spec2len + 1], filespec1); + strlcpy(&merged[spec2len + 1], filespec1, 1 + len - spec2len); } return(merged); } @@ -350,4 +356,40 @@ static char *dl_name_converter(DSO *dso, const char *filename) return(translated); } +static int dl_pathbyaddr(void *addr,char *path,int sz) + { + struct shl_descriptor inf; + int i,len; + + if (addr == NULL) + { + union { int(*f)(void*,char*,int); void *p; } t = + { dl_pathbyaddr }; + addr = t.p; + } + + for (i=-1;shl_get_r(i,&inf)==0;i++) + { + if (((size_t)addr >= inf.tstart && (size_t)addr < inf.tend) || + ((size_t)addr >= inf.dstart && (size_t)addr < inf.dend)) + { + len = (int)strlen(inf.filename); + if (sz <= 0) return len+1; + if (len >= sz) len=sz-1; + memcpy(path,inf.filename,len); + path[len++] = 0; + return len; + } + } + + return -1; + } + +static void *dl_globallookup(const char *name) + { + void *ret; + shl_t h = NULL; + + return shl_findsym(&h,name,TYPE_UNDEFINED,&ret) ? NULL : ret; + } #endif /* DSO_DL */ diff --git a/src/lib/libcrypto/dso/dso_dlfcn.c b/src/lib/libcrypto/dso/dso_dlfcn.c index 656cd496f8..5dceaf7b00 100644 --- a/src/lib/libcrypto/dso/dso_dlfcn.c +++ b/src/lib/libcrypto/dso/dso_dlfcn.c @@ -56,6 +56,16 @@ * */ +/* We need to do this early, because stdio.h includes the header files + that handle _GNU_SOURCE and other similar macros. Defining it later + is simply too late, because those headers are protected from re- + inclusion. */ +#ifdef __linux +# ifndef _GNU_SOURCE +# define _GNU_SOURCE /* make sure dladdr is declared */ +# endif +#endif + #include #include "cryptlib.h" #include @@ -68,7 +78,16 @@ DSO_METHOD *DSO_METHOD_dlfcn(void) #else #ifdef HAVE_DLFCN_H -#include +# ifdef __osf__ +# define __EXTENSIONS__ +# endif +# include +# define HAVE_DLINFO 1 +# if defined(_AIX) || defined(__CYGWIN__) || \ + defined(__SCO_VERSION__) || defined(_SCO_ELF) || \ + (defined(__OpenBSD__) && !defined(RTLD_SELF)) +# undef HAVE_DLINFO +# endif #endif /* Part of the hack in "dlfcn_load" ... */ @@ -87,6 +106,8 @@ static long dlfcn_ctrl(DSO *dso, int cmd, long larg, void *parg); static char *dlfcn_name_converter(DSO *dso, const char *filename); static char *dlfcn_merger(DSO *dso, const char *filespec1, const char *filespec2); +static int dlfcn_pathbyaddr(void *addr,char *path,int sz); +static void *dlfcn_globallookup(const char *name); static DSO_METHOD dso_meth_dlfcn = { "OpenSSL 'dlfcn' shared library method", @@ -103,7 +124,9 @@ static DSO_METHOD dso_meth_dlfcn = { dlfcn_name_converter, dlfcn_merger, NULL, /* init */ - NULL /* finish */ + NULL, /* finish */ + dlfcn_pathbyaddr, + dlfcn_globallookup }; DSO_METHOD *DSO_METHOD_dlfcn(void) @@ -163,7 +186,7 @@ static int dlfcn_load(DSO *dso) ERR_add_error_data(4, "filename(", filename, "): ", dlerror()); goto err; } - if(!sk_push(dso->meth_data, (char *)ptr)) + if(!sk_void_push(dso->meth_data, (char *)ptr)) { DSOerr(DSO_F_DLFCN_LOAD,DSO_R_STACK_ERROR); goto err; @@ -188,15 +211,15 @@ static int dlfcn_unload(DSO *dso) DSOerr(DSO_F_DLFCN_UNLOAD,ERR_R_PASSED_NULL_PARAMETER); return(0); } - if(sk_num(dso->meth_data) < 1) + if(sk_void_num(dso->meth_data) < 1) return(1); - ptr = (void *)sk_pop(dso->meth_data); + ptr = sk_void_pop(dso->meth_data); if(ptr == NULL) { DSOerr(DSO_F_DLFCN_UNLOAD,DSO_R_NULL_HANDLE); /* Should push the value back onto the stack in * case of a retry. */ - sk_push(dso->meth_data, (char *)ptr); + sk_void_push(dso->meth_data, ptr); return(0); } /* For now I'm not aware of any errors associated with dlclose() */ @@ -213,12 +236,12 @@ static void *dlfcn_bind_var(DSO *dso, const char *symname) DSOerr(DSO_F_DLFCN_BIND_VAR,ERR_R_PASSED_NULL_PARAMETER); return(NULL); } - if(sk_num(dso->meth_data) < 1) + if(sk_void_num(dso->meth_data) < 1) { DSOerr(DSO_F_DLFCN_BIND_VAR,DSO_R_STACK_ERROR); return(NULL); } - ptr = (void *)sk_value(dso->meth_data, sk_num(dso->meth_data) - 1); + ptr = sk_void_value(dso->meth_data, sk_void_num(dso->meth_data) - 1); if(ptr == NULL) { DSOerr(DSO_F_DLFCN_BIND_VAR,DSO_R_NULL_HANDLE); @@ -237,32 +260,35 @@ static void *dlfcn_bind_var(DSO *dso, const char *symname) static DSO_FUNC_TYPE dlfcn_bind_func(DSO *dso, const char *symname) { void *ptr; - DSO_FUNC_TYPE sym, *tsym = &sym; + union { + DSO_FUNC_TYPE sym; + void *dlret; + } u; if((dso == NULL) || (symname == NULL)) { DSOerr(DSO_F_DLFCN_BIND_FUNC,ERR_R_PASSED_NULL_PARAMETER); return(NULL); } - if(sk_num(dso->meth_data) < 1) + if(sk_void_num(dso->meth_data) < 1) { DSOerr(DSO_F_DLFCN_BIND_FUNC,DSO_R_STACK_ERROR); return(NULL); } - ptr = (void *)sk_value(dso->meth_data, sk_num(dso->meth_data) - 1); + ptr = sk_void_value(dso->meth_data, sk_void_num(dso->meth_data) - 1); if(ptr == NULL) { DSOerr(DSO_F_DLFCN_BIND_FUNC,DSO_R_NULL_HANDLE); return(NULL); } - *(void **)(tsym) = dlsym(ptr, symname); - if(sym == NULL) + u.dlret = dlsym(ptr, symname); + if(u.dlret == NULL) { DSOerr(DSO_F_DLFCN_BIND_FUNC,DSO_R_SYM_FAILURE); ERR_add_error_data(4, "symname(", symname, "): ", dlerror()); return(NULL); } - return(sym); + return u.sym; } static char *dlfcn_merger(DSO *dso, const char *filespec1, @@ -279,14 +305,13 @@ static char *dlfcn_merger(DSO *dso, const char *filespec1, } /* If the first file specification is a rooted path, it rules. same goes if the second file specification is missing. */ - if (!filespec2 || filespec1[0] == '/') + if (!filespec2 || (filespec1 != NULL && filespec1[0] == '/')) { len = strlen(filespec1) + 1; merged = OPENSSL_malloc(len); if(!merged) { - DSOerr(DSO_F_DLFCN_MERGER, - ERR_R_MALLOC_FAILURE); + DSOerr(DSO_F_DLFCN_MERGER, ERR_R_MALLOC_FAILURE); return(NULL); } strlcpy(merged, filespec1, len); @@ -313,7 +338,7 @@ static char *dlfcn_merger(DSO *dso, const char *filespec1, { int spec2len, len; - spec2len = (filespec2 ? strlen(filespec2) : 0); + spec2len = strlen(filespec2); len = spec2len + (filespec1 ? strlen(filespec1) : 0); if(filespec2 && filespec2[spec2len - 1] == '/') @@ -335,6 +360,15 @@ static char *dlfcn_merger(DSO *dso, const char *filespec1, return(merged); } +#ifdef OPENSSL_SYS_MACOSX +#define DSO_ext ".dylib" +#define DSO_extlen 6 +#else +#define DSO_ext ".so" +#define DSO_extlen 3 +#endif + + static char *dlfcn_name_converter(DSO *dso, const char *filename) { char *translated; @@ -345,8 +379,8 @@ static char *dlfcn_name_converter(DSO *dso, const char *filename) transform = (strstr(filename, "/") == NULL); if(transform) { - /* We will convert this to "%s.so" or "lib%s.so" */ - rsize += 3; /* The length of ".so" */ + /* We will convert this to "%s.so" or "lib%s.so" etc */ + rsize += DSO_extlen; /* The length of ".so" */ if ((DSO_flags(dso) & DSO_FLAG_NAME_TRANSLATION_EXT_ONLY) == 0) rsize += 3; /* The length of "lib" */ } @@ -360,13 +394,92 @@ static char *dlfcn_name_converter(DSO *dso, const char *filename) if(transform) { if ((DSO_flags(dso) & DSO_FLAG_NAME_TRANSLATION_EXT_ONLY) == 0) - snprintf(translated, rsize, "lib%s.so", filename); + snprintf(translated, rsize, "lib%s" DSO_ext, filename); else - snprintf(translated, rsize, "%s.so", filename); + snprintf(translated, rsize, "%s" DSO_ext, filename); } else snprintf(translated, rsize, "%s", filename); return(translated); } +#if defined(__sgi) && !defined(__OpenBSD__) +/* +This is a quote from IRIX manual for dladdr(3c): + + does not contain a prototype for dladdr or definition of + Dl_info. The #include in the SYNOPSIS line is traditional, + but contains no dladdr prototype and no IRIX library contains an + implementation. Write your own declaration based on the code below. + + The following code is dependent on internal interfaces that are not + part of the IRIX compatibility guarantee; however, there is no future + intention to change this interface, so on a practical level, the code + below is safe to use on IRIX. +*/ +#include +#ifndef _RLD_INTERFACE_DLFCN_H_DLADDR +#define _RLD_INTERFACE_DLFCN_H_DLADDR +typedef struct Dl_info { + const char * dli_fname; + void * dli_fbase; + const char * dli_sname; + void * dli_saddr; + int dli_version; + int dli_reserved1; + long dli_reserved[4]; +} Dl_info; +#else +typedef struct Dl_info Dl_info; +#endif +#define _RLD_DLADDR 14 + +static int dladdr(void *address, Dl_info *dl) +{ + void *v; + v = _rld_new_interface(_RLD_DLADDR,address,dl); + return (int)v; +} +#endif /* __sgi */ + +static int dlfcn_pathbyaddr(void *addr,char *path,int sz) + { +#ifdef HAVE_DLINFO + Dl_info dli; + int len; + + if (addr == NULL) + { + union { int(*f)(void*,char*,int); void *p; } t = + { dlfcn_pathbyaddr }; + addr = t.p; + } + + if (dladdr(addr,&dli)) + { + len = (int)strlen(dli.dli_fname); + if (sz <= 0) return len+1; + if (len >= sz) len=sz-1; + memcpy(path,dli.dli_fname,len); + path[len++]=0; + return len; + } + + ERR_add_error_data(4, "dlfcn_pathbyaddr(): ", dlerror()); +#endif + return -1; + } + +static void *dlfcn_globallookup(const char *name) + { + void *ret = NULL,*handle = dlopen(NULL,RTLD_LAZY); + + if (handle) + { + ret = dlsym(handle,name); + dlclose(handle); + } + + return ret; + } #endif /* DSO_DLFCN */ diff --git a/src/lib/libcrypto/dso/dso_err.c b/src/lib/libcrypto/dso/dso_err.c index a8b0a210de..2bb07c2514 100644 --- a/src/lib/libcrypto/dso/dso_err.c +++ b/src/lib/libcrypto/dso/dso_err.c @@ -1,6 +1,6 @@ /* crypto/dso/dso_err.c */ /* ==================================================================== - * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved. + * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -70,6 +70,11 @@ static ERR_STRING_DATA DSO_str_functs[]= { +{ERR_FUNC(DSO_F_BEOS_BIND_FUNC), "BEOS_BIND_FUNC"}, +{ERR_FUNC(DSO_F_BEOS_BIND_VAR), "BEOS_BIND_VAR"}, +{ERR_FUNC(DSO_F_BEOS_LOAD), "BEOS_LOAD"}, +{ERR_FUNC(DSO_F_BEOS_NAME_CONVERTER), "BEOS_NAME_CONVERTER"}, +{ERR_FUNC(DSO_F_BEOS_UNLOAD), "BEOS_UNLOAD"}, {ERR_FUNC(DSO_F_DLFCN_BIND_FUNC), "DLFCN_BIND_FUNC"}, {ERR_FUNC(DSO_F_DLFCN_BIND_VAR), "DLFCN_BIND_VAR"}, {ERR_FUNC(DSO_F_DLFCN_LOAD), "DLFCN_LOAD"}, @@ -89,22 +94,29 @@ static ERR_STRING_DATA DSO_str_functs[]= {ERR_FUNC(DSO_F_DSO_FREE), "DSO_free"}, {ERR_FUNC(DSO_F_DSO_GET_FILENAME), "DSO_get_filename"}, {ERR_FUNC(DSO_F_DSO_GET_LOADED_FILENAME), "DSO_get_loaded_filename"}, +{ERR_FUNC(DSO_F_DSO_GLOBAL_LOOKUP), "DSO_global_lookup"}, {ERR_FUNC(DSO_F_DSO_LOAD), "DSO_load"}, {ERR_FUNC(DSO_F_DSO_MERGE), "DSO_merge"}, {ERR_FUNC(DSO_F_DSO_NEW_METHOD), "DSO_new_method"}, +{ERR_FUNC(DSO_F_DSO_PATHBYADDR), "DSO_pathbyaddr"}, {ERR_FUNC(DSO_F_DSO_SET_FILENAME), "DSO_set_filename"}, {ERR_FUNC(DSO_F_DSO_SET_NAME_CONVERTER), "DSO_set_name_converter"}, {ERR_FUNC(DSO_F_DSO_UP_REF), "DSO_up_ref"}, +{ERR_FUNC(DSO_F_GLOBAL_LOOKUP_FUNC), "GLOBAL_LOOKUP_FUNC"}, +{ERR_FUNC(DSO_F_PATHBYADDR), "PATHBYADDR"}, {ERR_FUNC(DSO_F_VMS_BIND_SYM), "VMS_BIND_SYM"}, {ERR_FUNC(DSO_F_VMS_LOAD), "VMS_LOAD"}, {ERR_FUNC(DSO_F_VMS_MERGER), "VMS_MERGER"}, {ERR_FUNC(DSO_F_VMS_UNLOAD), "VMS_UNLOAD"}, {ERR_FUNC(DSO_F_WIN32_BIND_FUNC), "WIN32_BIND_FUNC"}, {ERR_FUNC(DSO_F_WIN32_BIND_VAR), "WIN32_BIND_VAR"}, +{ERR_FUNC(DSO_F_WIN32_GLOBALLOOKUP), "WIN32_GLOBALLOOKUP"}, +{ERR_FUNC(DSO_F_WIN32_GLOBALLOOKUP_FUNC), "WIN32_GLOBALLOOKUP_FUNC"}, {ERR_FUNC(DSO_F_WIN32_JOINER), "WIN32_JOINER"}, {ERR_FUNC(DSO_F_WIN32_LOAD), "WIN32_LOAD"}, {ERR_FUNC(DSO_F_WIN32_MERGER), "WIN32_MERGER"}, {ERR_FUNC(DSO_F_WIN32_NAME_CONVERTER), "WIN32_NAME_CONVERTER"}, +{ERR_FUNC(DSO_F_WIN32_PATHBYADDR), "WIN32_PATHBYADDR"}, {ERR_FUNC(DSO_F_WIN32_SPLITTER), "WIN32_SPLITTER"}, {ERR_FUNC(DSO_F_WIN32_UNLOAD), "WIN32_UNLOAD"}, {0,NULL} diff --git a/src/lib/libcrypto/dso/dso_lib.c b/src/lib/libcrypto/dso/dso_lib.c index 49bdd71309..8a15b794ab 100644 --- a/src/lib/libcrypto/dso/dso_lib.c +++ b/src/lib/libcrypto/dso/dso_lib.c @@ -107,7 +107,7 @@ DSO *DSO_new_method(DSO_METHOD *meth) return(NULL); } memset(ret, 0, sizeof(DSO)); - ret->meth_data = sk_new_null(); + ret->meth_data = sk_void_new_null(); if(ret->meth_data == NULL) { /* sk_new doesn't generate any errors so we do */ @@ -163,7 +163,7 @@ int DSO_free(DSO *dso) return(0); } - sk_free(dso->meth_data); + sk_void_free(dso->meth_data); if(dso->filename != NULL) OPENSSL_free(dso->filename); if(dso->loaded_filename != NULL) @@ -399,13 +399,6 @@ char *DSO_merge(DSO *dso, const char *filespec1, const char *filespec2) DSOerr(DSO_F_DSO_MERGE,ERR_R_PASSED_NULL_PARAMETER); return(NULL); } - if(filespec1 == NULL) - filespec1 = dso->filename; - if(filespec1 == NULL) - { - DSOerr(DSO_F_DSO_MERGE,DSO_R_NO_FILE_SPECIFICATION); - return(NULL); - } if((dso->flags & DSO_FLAG_NO_NAME_TRANSLATION) == 0) { if(dso->merger != NULL) @@ -464,3 +457,27 @@ const char *DSO_get_loaded_filename(DSO *dso) } return(dso->loaded_filename); } + +int DSO_pathbyaddr(void *addr,char *path,int sz) + { + DSO_METHOD *meth = default_DSO_meth; + if (meth == NULL) meth = DSO_METHOD_openssl(); + if (meth->pathbyaddr == NULL) + { + DSOerr(DSO_F_DSO_PATHBYADDR,DSO_R_UNSUPPORTED); + return -1; + } + return (*meth->pathbyaddr)(addr,path,sz); + } + +void *DSO_global_lookup(const char *name) + { + DSO_METHOD *meth = default_DSO_meth; + if (meth == NULL) meth = DSO_METHOD_openssl(); + if (meth->globallookup == NULL) + { + DSOerr(DSO_F_DSO_GLOBAL_LOOKUP,DSO_R_UNSUPPORTED); + return NULL; + } + return (*meth->globallookup)(name); + } diff --git a/src/lib/libcrypto/dso/dso_null.c b/src/lib/libcrypto/dso/dso_null.c index 4972984651..49d842d1f5 100644 --- a/src/lib/libcrypto/dso/dso_null.c +++ b/src/lib/libcrypto/dso/dso_null.c @@ -78,7 +78,9 @@ static DSO_METHOD dso_meth_null = { NULL, /* dso_name_converter */ NULL, /* dso_merger */ NULL, /* init */ - NULL /* finish */ + NULL, /* finish */ + NULL, /* pathbyaddr */ + NULL /* globallookup */ }; DSO_METHOD *DSO_METHOD_null(void) diff --git a/src/lib/libcrypto/dso/dso_openssl.c b/src/lib/libcrypto/dso/dso_openssl.c index a4395ebffe..b17e8e8e9e 100644 --- a/src/lib/libcrypto/dso/dso_openssl.c +++ b/src/lib/libcrypto/dso/dso_openssl.c @@ -74,6 +74,8 @@ DSO_METHOD *DSO_METHOD_openssl(void) return(DSO_METHOD_win32()); #elif defined(DSO_VMS) return(DSO_METHOD_vms()); +#elif defined(DSO_BEOS) + return(DSO_METHOD_beos()); #else return(DSO_METHOD_null()); #endif diff --git a/src/lib/libcrypto/dso/dso_vms.c b/src/lib/libcrypto/dso/dso_vms.c index 2c434ee8a6..321512772a 100644 --- a/src/lib/libcrypto/dso/dso_vms.c +++ b/src/lib/libcrypto/dso/dso_vms.c @@ -215,7 +215,7 @@ static int vms_load(DSO *dso) p->imagename_dsc.dsc$b_class = DSC$K_CLASS_S; p->imagename_dsc.dsc$a_pointer = p->imagename; - if(!sk_push(dso->meth_data, (char *)p)) + if(!sk_void_push(dso->meth_data, (char *)p)) { DSOerr(DSO_F_VMS_LOAD,DSO_R_STACK_ERROR); goto err; @@ -245,9 +245,9 @@ static int vms_unload(DSO *dso) DSOerr(DSO_F_VMS_UNLOAD,ERR_R_PASSED_NULL_PARAMETER); return(0); } - if(sk_num(dso->meth_data) < 1) + if(sk_void_num(dso->meth_data) < 1) return(1); - p = (DSO_VMS_INTERNAL *)sk_pop(dso->meth_data); + p = (DSO_VMS_INTERNAL *)sk_void_pop(dso->meth_data); if(p == NULL) { DSOerr(DSO_F_VMS_UNLOAD,DSO_R_NULL_HANDLE); @@ -302,13 +302,13 @@ void vms_bind_sym(DSO *dso, const char *symname, void **sym) DSOerr(DSO_F_VMS_BIND_SYM,ERR_R_PASSED_NULL_PARAMETER); return; } - if(sk_num(dso->meth_data) < 1) + if(sk_void_num(dso->meth_data) < 1) { DSOerr(DSO_F_VMS_BIND_SYM,DSO_R_STACK_ERROR); return; } - ptr = (DSO_VMS_INTERNAL *)sk_value(dso->meth_data, - sk_num(dso->meth_data) - 1); + ptr = (DSO_VMS_INTERNAL *)sk_void_value(dso->meth_data, + sk_void_num(dso->meth_data) - 1); if(ptr == NULL) { DSOerr(DSO_F_VMS_BIND_SYM,DSO_R_NULL_HANDLE); diff --git a/src/lib/libcrypto/dso/dso_win32.c b/src/lib/libcrypto/dso/dso_win32.c index fd3dd6a7fe..6fb6c54181 100644 --- a/src/lib/libcrypto/dso/dso_win32.c +++ b/src/lib/libcrypto/dso/dso_win32.c @@ -96,7 +96,11 @@ static HINSTANCE LoadLibraryA(LPCSTR lpLibFileName) #else fnamw = (WCHAR *)alloca (len_0*sizeof(WCHAR)); #endif - if (fnamw == NULL) return NULL; + if (fnamw == NULL) + { + SetLastError(ERROR_NOT_ENOUGH_MEMORY); + return NULL; + } #if defined(_WIN32_WCE) && _WIN32_WCE>=101 if (!MultiByteToWideChar(CP_ACP,0,lpLibFileName,len_0,fnamw,len_0)) @@ -124,6 +128,8 @@ static long win32_ctrl(DSO *dso, int cmd, long larg, void *parg); static char *win32_name_converter(DSO *dso, const char *filename); static char *win32_merger(DSO *dso, const char *filespec1, const char *filespec2); +static int win32_pathbyaddr(void *addr,char *path,int sz); +static void *win32_globallookup(const char *name); static const char *openssl_strnchr(const char *string, int c, size_t len); @@ -142,7 +148,9 @@ static DSO_METHOD dso_meth_win32 = { win32_name_converter, win32_merger, NULL, /* init */ - NULL /* finish */ + NULL, /* finish */ + win32_pathbyaddr, + win32_globallookup }; DSO_METHOD *DSO_METHOD_win32(void) @@ -180,7 +188,7 @@ static int win32_load(DSO *dso) goto err; } *p = h; - if(!sk_push(dso->meth_data, (char *)p)) + if(!sk_void_push(dso->meth_data, p)) { DSOerr(DSO_F_WIN32_LOAD,DSO_R_STACK_ERROR); goto err; @@ -207,9 +215,9 @@ static int win32_unload(DSO *dso) DSOerr(DSO_F_WIN32_UNLOAD,ERR_R_PASSED_NULL_PARAMETER); return(0); } - if(sk_num(dso->meth_data) < 1) + if(sk_void_num(dso->meth_data) < 1) return(1); - p = (HINSTANCE *)sk_pop(dso->meth_data); + p = sk_void_pop(dso->meth_data); if(p == NULL) { DSOerr(DSO_F_WIN32_UNLOAD,DSO_R_NULL_HANDLE); @@ -220,7 +228,7 @@ static int win32_unload(DSO *dso) DSOerr(DSO_F_WIN32_UNLOAD,DSO_R_UNLOAD_FAILED); /* We should push the value back onto the stack in * case of a retry. */ - sk_push(dso->meth_data, (char *)p); + sk_void_push(dso->meth_data, p); return(0); } /* Cleanup */ @@ -240,12 +248,12 @@ static void *win32_bind_var(DSO *dso, const char *symname) DSOerr(DSO_F_WIN32_BIND_VAR,ERR_R_PASSED_NULL_PARAMETER); return(NULL); } - if(sk_num(dso->meth_data) < 1) + if(sk_void_num(dso->meth_data) < 1) { DSOerr(DSO_F_WIN32_BIND_VAR,DSO_R_STACK_ERROR); return(NULL); } - ptr = (HINSTANCE *)sk_value(dso->meth_data, sk_num(dso->meth_data) - 1); + ptr = sk_void_value(dso->meth_data, sk_void_num(dso->meth_data) - 1); if(ptr == NULL) { DSOerr(DSO_F_WIN32_BIND_VAR,DSO_R_NULL_HANDLE); @@ -271,12 +279,12 @@ static DSO_FUNC_TYPE win32_bind_func(DSO *dso, const char *symname) DSOerr(DSO_F_WIN32_BIND_FUNC,ERR_R_PASSED_NULL_PARAMETER); return(NULL); } - if(sk_num(dso->meth_data) < 1) + if(sk_void_num(dso->meth_data) < 1) { DSOerr(DSO_F_WIN32_BIND_FUNC,DSO_R_STACK_ERROR); return(NULL); } - ptr = (HINSTANCE *)sk_value(dso->meth_data, sk_num(dso->meth_data) - 1); + ptr = sk_void_value(dso->meth_data, sk_void_num(dso->meth_data) - 1); if(ptr == NULL) { DSOerr(DSO_F_WIN32_BIND_FUNC,DSO_R_NULL_HANDLE); @@ -327,8 +335,8 @@ static struct file_st *win32_splitter(DSO *dso, const char *filename, memset(result, 0, sizeof(struct file_st)); position = IN_DEVICE; - if(filename[0] == '\\' && filename[1] == '\\' - || filename[0] == '/' && filename[1] == '/') + if((filename[0] == '\\' && filename[1] == '\\') + || (filename[0] == '/' && filename[1] == '/')) { position = IN_NODE; filename += 2; @@ -347,10 +355,11 @@ static struct file_st *win32_splitter(DSO *dso, const char *filename, DSOerr(DSO_F_WIN32_SPLITTER, DSO_R_INCORRECT_FILE_SYNTAX); /*goto err;*/ + OPENSSL_free(result); return(NULL); } result->device = start; - result->devicelen = filename - start; + result->devicelen = (int)(filename - start); position = IN_FILE; start = ++filename; result->dir = start; @@ -359,7 +368,7 @@ static struct file_st *win32_splitter(DSO *dso, const char *filename, case '/': if(position == IN_NODE) { - result->nodelen = filename - start; + result->nodelen = (int)(filename - start); position = IN_FILE; start = ++filename; result->dir = start; @@ -369,20 +378,20 @@ static struct file_st *win32_splitter(DSO *dso, const char *filename, position = IN_FILE; filename++; result->dir = start; - result->dirlen = filename - start; + result->dirlen = (int)(filename - start); start = filename; } else { filename++; - result->dirlen += filename - start; + result->dirlen += (int)(filename - start); start = filename; } break; case '\0': if(position == IN_NODE) { - result->nodelen = filename - start; + result->nodelen = (int)(filename - start); } else { @@ -396,13 +405,13 @@ static struct file_st *win32_splitter(DSO *dso, const char *filename, result->dirlen = 0; } result->dirlen += - filename - start; + (int)(filename - start); } else { result->file = start; result->filelen = - filename - start; + (int)(filename - start); } } } @@ -496,7 +505,7 @@ static char *win32_joiner(DSO *dso, const struct file_st *file_split) + file_split->predirlen - (start - file_split->predir); strncpy(&result[offset], start, - end - start); offset += end - start; + end - start); offset += (int)(end - start); result[offset] = '\\'; offset++; start = end + 1; } @@ -517,7 +526,7 @@ static char *win32_joiner(DSO *dso, const struct file_st *file_split) + file_split->dirlen - (start - file_split->dir); strncpy(&result[offset], start, - end - start); offset += end - start; + end - start); offset += (int)(end - start); result[offset] = '\\'; offset++; start = end + 1; } @@ -613,6 +622,8 @@ static char *win32_merger(DSO *dso, const char *filespec1, const char *filespec2 merged = win32_joiner(dso, filespec1_split); } + OPENSSL_free(filespec1_split); + OPENSSL_free(filespec2_split); return(merged); } @@ -656,5 +667,178 @@ static const char *openssl_strnchr(const char *string, int c, size_t len) return NULL; } +#include +#ifdef _WIN32_WCE +# define DLLNAME "TOOLHELP.DLL" +#else +# ifdef MODULEENTRY32 +# undef MODULEENTRY32 /* unmask the ASCII version! */ +# endif +# define DLLNAME "KERNEL32.DLL" +#endif + +typedef HANDLE (WINAPI *CREATETOOLHELP32SNAPSHOT)(DWORD, DWORD); +typedef BOOL (WINAPI *CLOSETOOLHELP32SNAPSHOT)(HANDLE); +typedef BOOL (WINAPI *MODULE32)(HANDLE, MODULEENTRY32 *); -#endif /* OPENSSL_SYS_WIN32 */ +static int win32_pathbyaddr(void *addr,char *path,int sz) + { + HMODULE dll; + HANDLE hModuleSnap = INVALID_HANDLE_VALUE; + MODULEENTRY32 me32; + CREATETOOLHELP32SNAPSHOT create_snap; + CLOSETOOLHELP32SNAPSHOT close_snap; + MODULE32 module_first, module_next; + int len; + + if (addr == NULL) + { + union { int(*f)(void*,char*,int); void *p; } t = + { win32_pathbyaddr }; + addr = t.p; + } + + dll = LoadLibrary(TEXT(DLLNAME)); + if (dll == NULL) + { + DSOerr(DSO_F_WIN32_PATHBYADDR,DSO_R_UNSUPPORTED); + return -1; + } + + create_snap = (CREATETOOLHELP32SNAPSHOT) + GetProcAddress(dll,"CreateToolhelp32Snapshot"); + if (create_snap == NULL) + { + FreeLibrary(dll); + DSOerr(DSO_F_WIN32_PATHBYADDR,DSO_R_UNSUPPORTED); + return -1; + } + /* We take the rest for granted... */ +#ifdef _WIN32_WCE + close_snap = (CLOSETOOLHELP32SNAPSHOT) + GetProcAddress(dll,"CloseToolhelp32Snapshot"); +#else + close_snap = (CLOSETOOLHELP32SNAPSHOT)CloseHandle; +#endif + module_first = (MODULE32)GetProcAddress(dll,"Module32First"); + module_next = (MODULE32)GetProcAddress(dll,"Module32Next"); + + hModuleSnap = (*create_snap)(TH32CS_SNAPMODULE,0); + if( hModuleSnap == INVALID_HANDLE_VALUE ) + { + FreeLibrary(dll); + DSOerr(DSO_F_WIN32_PATHBYADDR,DSO_R_UNSUPPORTED); + return -1; + } + + me32.dwSize = sizeof(me32); + + if(!(*module_first)(hModuleSnap,&me32)) + { + (*close_snap)(hModuleSnap); + FreeLibrary(dll); + DSOerr(DSO_F_WIN32_PATHBYADDR,DSO_R_FAILURE); + return -1; + } + + do { + if ((BYTE *)addr >= me32.modBaseAddr && + (BYTE *)addr < me32.modBaseAddr+me32.modBaseSize) + { + (*close_snap)(hModuleSnap); + FreeLibrary(dll); +#ifdef _WIN32_WCE +# if _WIN32_WCE >= 101 + return WideCharToMultiByte(CP_ACP,0,me32.szExePath,-1, + path,sz,NULL,NULL); +# else + len = (int)wcslen(me32.szExePath); + if (sz <= 0) return len+1; + if (len >= sz) len=sz-1; + for(i=0;i= sz) len=sz-1; + memcpy(path,me32.szExePath,len); + path[len++] = 0; + return len; +#endif + } + } while((*module_next)(hModuleSnap, &me32)); + + (*close_snap)(hModuleSnap); + FreeLibrary(dll); + return 0; + } + +static void *win32_globallookup(const char *name) + { + HMODULE dll; + HANDLE hModuleSnap = INVALID_HANDLE_VALUE; + MODULEENTRY32 me32; + CREATETOOLHELP32SNAPSHOT create_snap; + CLOSETOOLHELP32SNAPSHOT close_snap; + MODULE32 module_first, module_next; + FARPROC ret=NULL; + + dll = LoadLibrary(TEXT(DLLNAME)); + if (dll == NULL) + { + DSOerr(DSO_F_WIN32_GLOBALLOOKUP,DSO_R_UNSUPPORTED); + return NULL; + } + + create_snap = (CREATETOOLHELP32SNAPSHOT) + GetProcAddress(dll,"CreateToolhelp32Snapshot"); + if (create_snap == NULL) + { + FreeLibrary(dll); + DSOerr(DSO_F_WIN32_GLOBALLOOKUP,DSO_R_UNSUPPORTED); + return NULL; + } + /* We take the rest for granted... */ +#ifdef _WIN32_WCE + close_snap = (CLOSETOOLHELP32SNAPSHOT) + GetProcAddress(dll,"CloseToolhelp32Snapshot"); +#else + close_snap = (CLOSETOOLHELP32SNAPSHOT)CloseHandle; +#endif + module_first = (MODULE32)GetProcAddress(dll,"Module32First"); + module_next = (MODULE32)GetProcAddress(dll,"Module32Next"); + + hModuleSnap = (*create_snap)(TH32CS_SNAPMODULE,0); + if( hModuleSnap == INVALID_HANDLE_VALUE ) + { + FreeLibrary(dll); + DSOerr(DSO_F_WIN32_GLOBALLOOKUP,DSO_R_UNSUPPORTED); + return NULL; + } + + me32.dwSize = sizeof(me32); + + if (!(*module_first)(hModuleSnap,&me32)) + { + (*close_snap)(hModuleSnap); + FreeLibrary(dll); + return NULL; + } + + do { + if ((ret = GetProcAddress(me32.hModule,name))) + { + (*close_snap)(hModuleSnap); + FreeLibrary(dll); + return ret; + } + } while((*module_next)(hModuleSnap,&me32)); + + (*close_snap)(hModuleSnap); + FreeLibrary(dll); + return NULL; + } +#endif /* DSO_WIN32 */ diff --git a/src/lib/libcrypto/dyn_lck.c b/src/lib/libcrypto/dyn_lck.c deleted file mode 100644 index 7f82c41264..0000000000 --- a/src/lib/libcrypto/dyn_lck.c +++ /dev/null @@ -1,428 +0,0 @@ -/* crypto/cryptlib.c */ -/* ==================================================================== - * Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ -/* ==================================================================== - * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. - * ECDH support in OpenSSL originally developed by - * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. - */ - -#include "cryptlib.h" -#include - -#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WIN16) -static double SSLeay_MSVC5_hack=0.0; /* and for VC1.5 */ -#endif - -DECLARE_STACK_OF(CRYPTO_dynlock) -IMPLEMENT_STACK_OF(CRYPTO_dynlock) - -/* real #defines in crypto.h, keep these upto date */ -static const char* const lock_names[CRYPTO_NUM_LOCKS] = - { - "<>", - "err", - "ex_data", - "x509", - "x509_info", - "x509_pkey", - "x509_crl", - "x509_req", - "dsa", - "rsa", - "evp_pkey", - "x509_store", - "ssl_ctx", - "ssl_cert", - "ssl_session", - "ssl_sess_cert", - "ssl", - "ssl_method", - "rand", - "rand2", - "debug_malloc", - "BIO", - "gethostbyname", - "getservbyname", - "readdir", - "RSA_blinding", - "dh", - "debug_malloc2", - "dso", - "dynlock", - "engine", - "ui", - "ecdsa", - "ec", - "ecdh", - "bn", - "ec_pre_comp", - "store", - "comp", -#ifndef OPENSSL_FIPS -# if CRYPTO_NUM_LOCKS != 39 -# error "Inconsistency between crypto.h and cryptlib.c" -# endif -#else - "fips", - "fips2", -# if CRYPTO_NUM_LOCKS != 41 -# error "Inconsistency between crypto.h and cryptlib.c" -# endif -#endif - }; - -/* This is for applications to allocate new type names in the non-dynamic - array of lock names. These are numbered with positive numbers. */ -static STACK *app_locks=NULL; - -/* For applications that want a more dynamic way of handling threads, the - following stack is used. These are externally numbered with negative - numbers. */ -static STACK_OF(CRYPTO_dynlock) *dyn_locks=NULL; - - -static struct CRYPTO_dynlock_value *(MS_FAR *dynlock_create_callback) - (const char *file,int line)=NULL; -static void (MS_FAR *dynlock_lock_callback)(int mode, - struct CRYPTO_dynlock_value *l, const char *file,int line)=NULL; -static void (MS_FAR *dynlock_destroy_callback)(struct CRYPTO_dynlock_value *l, - const char *file,int line)=NULL; - -int CRYPTO_get_new_lockid(char *name) - { - char *str; - int i; - -#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WIN16) - /* A hack to make Visual C++ 5.0 work correctly when linking as - * a DLL using /MT. Without this, the application cannot use - * and floating point printf's. - * It also seems to be needed for Visual C 1.5 (win16) */ - SSLeay_MSVC5_hack=(double)name[0]*(double)name[1]; -#endif - - if ((app_locks == NULL) && ((app_locks=sk_new_null()) == NULL)) - { - CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_LOCKID,ERR_R_MALLOC_FAILURE); - return(0); - } - if ((str=BUF_strdup(name)) == NULL) - { - CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_LOCKID,ERR_R_MALLOC_FAILURE); - return(0); - } - i=sk_push(app_locks,str); - if (!i) - OPENSSL_free(str); - else - i+=CRYPTO_NUM_LOCKS; /* gap of one :-) */ - return(i); - } - -int CRYPTO_get_new_dynlockid(void) - { - int i = 0; - CRYPTO_dynlock *pointer = NULL; - - if (dynlock_create_callback == NULL) - { - CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID,CRYPTO_R_NO_DYNLOCK_CREATE_CALLBACK); - return(0); - } - CRYPTO_w_lock(CRYPTO_LOCK_DYNLOCK); - if ((dyn_locks == NULL) - && ((dyn_locks=sk_CRYPTO_dynlock_new_null()) == NULL)) - { - CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK); - CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID,ERR_R_MALLOC_FAILURE); - return(0); - } - CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK); - - pointer = (CRYPTO_dynlock *)OPENSSL_malloc(sizeof(CRYPTO_dynlock)); - if (pointer == NULL) - { - CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID,ERR_R_MALLOC_FAILURE); - return(0); - } - pointer->references = 1; - pointer->data = dynlock_create_callback(__FILE__,__LINE__); - if (pointer->data == NULL) - { - OPENSSL_free(pointer); - CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID,ERR_R_MALLOC_FAILURE); - return(0); - } - - CRYPTO_w_lock(CRYPTO_LOCK_DYNLOCK); - /* First, try to find an existing empty slot */ - i=sk_CRYPTO_dynlock_find(dyn_locks,NULL); - /* If there was none, push, thereby creating a new one */ - if (i == -1) - /* Since sk_push() returns the number of items on the - stack, not the location of the pushed item, we need - to transform the returned number into a position, - by decreasing it. */ - i=sk_CRYPTO_dynlock_push(dyn_locks,pointer) - 1; - else - /* If we found a place with a NULL pointer, put our pointer - in it. */ - (void)sk_CRYPTO_dynlock_set(dyn_locks,i,pointer); - CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK); - - if (i == -1) - { - dynlock_destroy_callback(pointer->data,__FILE__,__LINE__); - OPENSSL_free(pointer); - } - else - i += 1; /* to avoid 0 */ - return -i; - } - -void CRYPTO_destroy_dynlockid(int i) - { - CRYPTO_dynlock *pointer = NULL; - if (i) - i = -i-1; - if (dynlock_destroy_callback == NULL) - return; - - CRYPTO_w_lock(CRYPTO_LOCK_DYNLOCK); - - if (dyn_locks == NULL || i >= sk_CRYPTO_dynlock_num(dyn_locks)) - { - CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK); - return; - } - pointer = sk_CRYPTO_dynlock_value(dyn_locks, i); - if (pointer != NULL) - { - --pointer->references; -#ifdef REF_CHECK - if (pointer->references < 0) - { - fprintf(stderr,"CRYPTO_destroy_dynlockid, bad reference count\n"); - abort(); - } - else -#endif - if (pointer->references <= 0) - { - (void)sk_CRYPTO_dynlock_set(dyn_locks, i, NULL); - } - else - pointer = NULL; - } - CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK); - - if (pointer) - { - dynlock_destroy_callback(pointer->data,__FILE__,__LINE__); - OPENSSL_free(pointer); - } - } - -struct CRYPTO_dynlock_value *CRYPTO_get_dynlock_value(int i) - { - CRYPTO_dynlock *pointer = NULL; - if (i) - i = -i-1; - - CRYPTO_w_lock(CRYPTO_LOCK_DYNLOCK); - - if (dyn_locks != NULL && i < sk_CRYPTO_dynlock_num(dyn_locks)) - pointer = sk_CRYPTO_dynlock_value(dyn_locks, i); - if (pointer) - pointer->references++; - - CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK); - - if (pointer) - return pointer->data; - return NULL; - } - -struct CRYPTO_dynlock_value *(*CRYPTO_get_dynlock_create_callback(void)) - (const char *file,int line) - { - return(dynlock_create_callback); - } - -void (*CRYPTO_get_dynlock_lock_callback(void))(int mode, - struct CRYPTO_dynlock_value *l, const char *file,int line) - { - return(dynlock_lock_callback); - } - -void (*CRYPTO_get_dynlock_destroy_callback(void)) - (struct CRYPTO_dynlock_value *l, const char *file,int line) - { - return(dynlock_destroy_callback); - } - -void CRYPTO_set_dynlock_create_callback(struct CRYPTO_dynlock_value *(*func) - (const char *file, int line)) - { - dynlock_create_callback=func; - } - -static void do_dynlock(int mode, int type, const char *file, int line) - { - if (dynlock_lock_callback != NULL) - { - struct CRYPTO_dynlock_value *pointer - = CRYPTO_get_dynlock_value(type); - - OPENSSL_assert(pointer != NULL); - - dynlock_lock_callback(mode, pointer, file, line); - - CRYPTO_destroy_dynlockid(type); - } - } - -void CRYPTO_set_dynlock_lock_callback(void (*func)(int mode, - struct CRYPTO_dynlock_value *l, const char *file, int line)) - { - /* Set callback so CRYPTO_lock() can now handle dynamic locks. - * This is OK because at this point and application shouldn't be using - * OpenSSL from multiple threads because it is setting up the locking - * callbacks. - */ - static int done = 0; - if (!done) - { - int_CRYPTO_set_do_dynlock_callback(do_dynlock); - done = 1; - } - - dynlock_lock_callback=func; - } - -void CRYPTO_set_dynlock_destroy_callback(void (*func) - (struct CRYPTO_dynlock_value *l, const char *file, int line)) - { - dynlock_destroy_callback=func; - } - -const char *CRYPTO_get_lock_name(int type) - { - if (type < 0) - return("dynamic"); - else if (type < CRYPTO_NUM_LOCKS) - return(lock_names[type]); - else if (type-CRYPTO_NUM_LOCKS > sk_num(app_locks)) - return("ERROR"); - else - return(sk_value(app_locks,type-CRYPTO_NUM_LOCKS)); - } - diff --git a/src/lib/libcrypto/ec/Makefile.ssl b/src/lib/libcrypto/ec/Makefile.ssl deleted file mode 100644 index a2805c47a2..0000000000 --- a/src/lib/libcrypto/ec/Makefile.ssl +++ /dev/null @@ -1,128 +0,0 @@ -# -# crypto/ec/Makefile -# - -DIR= ec -TOP= ../.. -CC= cc -INCLUDES= -I.. -I$(TOP) -I../../include -CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKE= make -f Makefile.ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) -MAKEFILE= Makefile.ssl -AR= ar r - -CFLAGS= $(INCLUDES) $(CFLAG) - -GENERAL=Makefile -TEST=ectest.c -APPS= - -LIB=$(TOP)/libcrypto.a -LIBSRC= ec_lib.c ecp_smpl.c ecp_mont.c ecp_recp.c ecp_nist.c ec_cvt.c ec_mult.c \ - ec_err.c - -LIBOBJ= ec_lib.o ecp_smpl.o ecp_mont.o ecp_recp.o ecp_nist.o ec_cvt.o ec_mult.o \ - ec_err.o - -SRC= $(LIBSRC) - -EXHEADER= ec.h -HEADER= ec_lcl.h $(EXHEADER) - -ALL= $(GENERAL) $(SRC) $(HEADER) - -top: - (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all) - -all: lib - -lib: $(LIBOBJ) - $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) || echo Never mind. - @touch lib - -files: - $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO - -links: - @sh $(TOP)/util/point.sh Makefile.ssl Makefile - @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER) - @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST) - @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) - -install: - @for i in $(EXHEADER) ; \ - do \ - (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ - done; - -tags: - ctags $(SRC) - -tests: - -lint: - lint -DLINT $(INCLUDES) $(SRC)>fluff - -depend: - $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) - -dclean: - $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new - mv -f Makefile.new $(MAKEFILE) - -clean: - rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff - -# DO NOT DELETE THIS LINE -- make depend depends on it. - -ec_cvt.o: ../../include/openssl/bn.h ../../include/openssl/e_os2.h -ec_cvt.o: ../../include/openssl/ec.h ../../include/openssl/opensslconf.h -ec_cvt.o: ../../include/openssl/symhacks.h ec_cvt.c ec_lcl.h -ec_err.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -ec_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -ec_err.o: ../../include/openssl/ec.h ../../include/openssl/err.h -ec_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -ec_err.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -ec_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -ec_err.o: ec_err.c -ec_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -ec_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -ec_lib.o: ../../include/openssl/ec.h ../../include/openssl/err.h -ec_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -ec_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -ec_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -ec_lib.o: ec_lcl.h ec_lib.c -ec_mult.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -ec_mult.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -ec_mult.o: ../../include/openssl/ec.h ../../include/openssl/err.h -ec_mult.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -ec_mult.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -ec_mult.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -ec_mult.o: ec_lcl.h ec_mult.c -ecp_mont.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -ecp_mont.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -ecp_mont.o: ../../include/openssl/ec.h ../../include/openssl/err.h -ecp_mont.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -ecp_mont.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -ecp_mont.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -ecp_mont.o: ec_lcl.h ecp_mont.c -ecp_nist.o: ../../include/openssl/bn.h ../../include/openssl/e_os2.h -ecp_nist.o: ../../include/openssl/ec.h ../../include/openssl/opensslconf.h -ecp_nist.o: ../../include/openssl/symhacks.h ec_lcl.h ecp_nist.c -ecp_recp.o: ../../include/openssl/bn.h ../../include/openssl/e_os2.h -ecp_recp.o: ../../include/openssl/ec.h ../../include/openssl/opensslconf.h -ecp_recp.o: ../../include/openssl/symhacks.h ec_lcl.h ecp_recp.c -ecp_smpl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -ecp_smpl.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -ecp_smpl.o: ../../include/openssl/ec.h ../../include/openssl/err.h -ecp_smpl.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -ecp_smpl.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -ecp_smpl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -ecp_smpl.o: ec_lcl.h ecp_smpl.c diff --git a/src/lib/libcrypto/ec/ec.h b/src/lib/libcrypto/ec/ec.h index 8bc2a235b1..ee7078130c 100644 --- a/src/lib/libcrypto/ec/ec.h +++ b/src/lib/libcrypto/ec/ec.h @@ -2,8 +2,12 @@ /* * Originally written by Bodo Moeller for the OpenSSL project. */ +/** + * \file crypto/ec/ec.h Include file for the OpenSSL EC functions + * \author Originally written by Bodo Moeller for the OpenSSL project + */ /* ==================================================================== - * Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved. + * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -92,15 +96,21 @@ extern "C" { # endif #endif - + #ifndef OPENSSL_ECC_MAX_FIELD_BITS # define OPENSSL_ECC_MAX_FIELD_BITS 661 #endif +/** Enum for the point conversion form as defined in X9.62 (ECDSA) + * for the encoding of a elliptic curve point (x,y) */ typedef enum { - /* values as defined in X9.62 (ECDSA) and elsewhere */ + /** the point is encoded as z||x, where the octet z specifies + * which solution of the quadratic equation y is */ POINT_CONVERSION_COMPRESSED = 2, + /** the point is encoded as z||x||y, where z is the octet 0x02 */ POINT_CONVERSION_UNCOMPRESSED = 4, + /** the point is encoded as z||x||y, where the octet z specifies + * which solution of the quadratic equation y is */ POINT_CONVERSION_HYBRID = 6 } point_conversion_form_t; @@ -121,37 +131,129 @@ typedef struct ec_group_st typedef struct ec_point_st EC_POINT; -/* EC_METHODs for curves over GF(p). - * EC_GFp_simple_method provides the basis for the optimized methods. +/********************************************************************/ +/* EC_METHODs for curves over GF(p) */ +/********************************************************************/ + +/** Returns the basic GFp ec methods which provides the basis for the + * optimized methods. + * \return EC_METHOD object */ const EC_METHOD *EC_GFp_simple_method(void); + +/** Returns GFp methods using montgomery multiplication. + * \return EC_METHOD object + */ const EC_METHOD *EC_GFp_mont_method(void); + +/** Returns GFp methods using optimized methods for NIST recommended curves + * \return EC_METHOD object + */ const EC_METHOD *EC_GFp_nist_method(void); -/* EC_METHOD for curves over GF(2^m). + +/********************************************************************/ +/* EC_METHOD for curves over GF(2^m) */ +/********************************************************************/ + +/** Returns the basic GF2m ec method + * \return EC_METHOD object */ const EC_METHOD *EC_GF2m_simple_method(void); -EC_GROUP *EC_GROUP_new(const EC_METHOD *); -void EC_GROUP_free(EC_GROUP *); -void EC_GROUP_clear_free(EC_GROUP *); -int EC_GROUP_copy(EC_GROUP *, const EC_GROUP *); -EC_GROUP *EC_GROUP_dup(const EC_GROUP *); +/********************************************************************/ +/* EC_GROUP functions */ +/********************************************************************/ -const EC_METHOD *EC_GROUP_method_of(const EC_GROUP *); -int EC_METHOD_get_field_type(const EC_METHOD *); +/** Creates a new EC_GROUP object + * \param meth EC_METHOD to use + * \return newly created EC_GROUP object or NULL in case of an error. + */ +EC_GROUP *EC_GROUP_new(const EC_METHOD *meth); -int EC_GROUP_set_generator(EC_GROUP *, const EC_POINT *generator, const BIGNUM *order, const BIGNUM *cofactor); -const EC_POINT *EC_GROUP_get0_generator(const EC_GROUP *); -int EC_GROUP_get_order(const EC_GROUP *, BIGNUM *order, BN_CTX *); -int EC_GROUP_get_cofactor(const EC_GROUP *, BIGNUM *cofactor, BN_CTX *); +/** Frees a EC_GROUP object + * \param group EC_GROUP object to be freed. + */ +void EC_GROUP_free(EC_GROUP *group); -void EC_GROUP_set_curve_name(EC_GROUP *, int nid); -int EC_GROUP_get_curve_name(const EC_GROUP *); +/** Clears and frees a EC_GROUP object + * \param group EC_GROUP object to be cleared and freed. + */ +void EC_GROUP_clear_free(EC_GROUP *group); -void EC_GROUP_set_asn1_flag(EC_GROUP *, int flag); -int EC_GROUP_get_asn1_flag(const EC_GROUP *); +/** Copies EC_GROUP objects. Note: both EC_GROUPs must use the same EC_METHOD. + * \param dst destination EC_GROUP object + * \param src source EC_GROUP object + * \return 1 on success and 0 if an error occurred. + */ +int EC_GROUP_copy(EC_GROUP *dst, const EC_GROUP *src); + +/** Creates a new EC_GROUP object and copies the copies the content + * form src to the newly created EC_KEY object + * \param src source EC_GROUP object + * \return newly created EC_GROUP object or NULL in case of an error. + */ +EC_GROUP *EC_GROUP_dup(const EC_GROUP *src); + +/** Returns the EC_METHOD of the EC_GROUP object. + * \param group EC_GROUP object + * \return EC_METHOD used in this EC_GROUP object. + */ +const EC_METHOD *EC_GROUP_method_of(const EC_GROUP *group); + +/** Returns the field type of the EC_METHOD. + * \param meth EC_METHOD object + * \return NID of the underlying field type OID. + */ +int EC_METHOD_get_field_type(const EC_METHOD *meth); + +/** Sets the generator and it's order/cofactor of a EC_GROUP object. + * \param group EC_GROUP object + * \param generator EC_POINT object with the generator. + * \param order the order of the group generated by the generator. + * \param cofactor the index of the sub-group generated by the generator + * in the group of all points on the elliptic curve. + * \return 1 on success and 0 if an error occured + */ +int EC_GROUP_set_generator(EC_GROUP *group, const EC_POINT *generator, const BIGNUM *order, const BIGNUM *cofactor); + +/** Returns the generator of a EC_GROUP object. + * \param group EC_GROUP object + * \return the currently used generator (possibly NULL). + */ +const EC_POINT *EC_GROUP_get0_generator(const EC_GROUP *group); + +/** Gets the order of a EC_GROUP + * \param group EC_GROUP object + * \param order BIGNUM to which the order is copied + * \param ctx BN_CTX object (optional) + * \return 1 on success and 0 if an error occured + */ +int EC_GROUP_get_order(const EC_GROUP *group, BIGNUM *order, BN_CTX *ctx); + +/** Gets the cofactor of a EC_GROUP + * \param group EC_GROUP object + * \param cofactor BIGNUM to which the cofactor is copied + * \param ctx BN_CTX object (optional) + * \return 1 on success and 0 if an error occured + */ +int EC_GROUP_get_cofactor(const EC_GROUP *group, BIGNUM *cofactor, BN_CTX *ctx); + +/** Sets the name of a EC_GROUP object + * \param group EC_GROUP object + * \param nid NID of the curve name OID + */ +void EC_GROUP_set_curve_name(EC_GROUP *group, int nid); + +/** Returns the curve name of a EC_GROUP object + * \param group EC_GROUP object + * \return NID of the curve name OID or 0 if not set. + */ +int EC_GROUP_get_curve_name(const EC_GROUP *group); + +void EC_GROUP_set_asn1_flag(EC_GROUP *group, int flag); +int EC_GROUP_get_asn1_flag(const EC_GROUP *group); void EC_GROUP_set_point_conversion_form(EC_GROUP *, point_conversion_form_t); point_conversion_form_t EC_GROUP_get_point_conversion_form(const EC_GROUP *); @@ -160,36 +262,114 @@ unsigned char *EC_GROUP_get0_seed(const EC_GROUP *); size_t EC_GROUP_get_seed_len(const EC_GROUP *); size_t EC_GROUP_set_seed(EC_GROUP *, const unsigned char *, size_t len); -int EC_GROUP_set_curve_GFp(EC_GROUP *, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *); -int EC_GROUP_get_curve_GFp(const EC_GROUP *, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *); -int EC_GROUP_set_curve_GF2m(EC_GROUP *, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *); -int EC_GROUP_get_curve_GF2m(const EC_GROUP *, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *); +/** Sets the parameter of a ec over GFp defined by y^2 = x^3 + a*x + b + * \param group EC_GROUP object + * \param p BIGNUM with the prime number + * \param a BIGNUM with parameter a of the equation + * \param b BIGNUM with parameter b of the equation + * \param ctx BN_CTX object (optional) + * \return 1 on success and 0 if an error occured + */ +int EC_GROUP_set_curve_GFp(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx); + +/** Gets the parameter of the ec over GFp defined by y^2 = x^3 + a*x + b + * \param group EC_GROUP object + * \param p BIGNUM for the prime number + * \param a BIGNUM for parameter a of the equation + * \param b BIGNUM for parameter b of the equation + * \param ctx BN_CTX object (optional) + * \return 1 on success and 0 if an error occured + */ +int EC_GROUP_get_curve_GFp(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *ctx); + +/** Sets the parameter of a ec over GF2m defined by y^2 + x*y = x^3 + a*x^2 + b + * \param group EC_GROUP object + * \param p BIGNUM with the polynomial defining the underlying field + * \param a BIGNUM with parameter a of the equation + * \param b BIGNUM with parameter b of the equation + * \param ctx BN_CTX object (optional) + * \return 1 on success and 0 if an error occured + */ +int EC_GROUP_set_curve_GF2m(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx); + +/** Gets the parameter of the ec over GF2m defined by y^2 + x*y = x^3 + a*x^2 + b + * \param group EC_GROUP object + * \param p BIGNUM for the polynomial defining the underlying field + * \param a BIGNUM for parameter a of the equation + * \param b BIGNUM for parameter b of the equation + * \param ctx BN_CTX object (optional) + * \return 1 on success and 0 if an error occured + */ +int EC_GROUP_get_curve_GF2m(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *ctx); -/* returns the number of bits needed to represent a field element */ -int EC_GROUP_get_degree(const EC_GROUP *); +/** Returns the number of bits needed to represent a field element + * \param group EC_GROUP object + * \return number of bits needed to represent a field element + */ +int EC_GROUP_get_degree(const EC_GROUP *group); -/* EC_GROUP_check() returns 1 if 'group' defines a valid group, 0 otherwise */ +/** Checks whether the parameter in the EC_GROUP define a valid ec group + * \param group EC_GROUP object + * \param ctx BN_CTX object (optional) + * \return 1 if group is a valid ec group and 0 otherwise + */ int EC_GROUP_check(const EC_GROUP *group, BN_CTX *ctx); -/* EC_GROUP_check_discriminant() returns 1 if the discriminant of the - * elliptic curve is not zero, 0 otherwise */ -int EC_GROUP_check_discriminant(const EC_GROUP *, BN_CTX *); -/* EC_GROUP_cmp() returns 0 if both groups are equal and 1 otherwise */ -int EC_GROUP_cmp(const EC_GROUP *, const EC_GROUP *, BN_CTX *); +/** Checks whether the discriminant of the elliptic curve is zero or not + * \param group EC_GROUP object + * \param ctx BN_CTX object (optional) + * \return 1 if the discriminant is not zero and 0 otherwise + */ +int EC_GROUP_check_discriminant(const EC_GROUP *group, BN_CTX *ctx); + +/** Compares two EC_GROUP objects + * \param a first EC_GROUP object + * \param b second EC_GROUP object + * \param ctx BN_CTX object (optional) + * \return 0 if both groups are equal and 1 otherwise + */ +int EC_GROUP_cmp(const EC_GROUP *a, const EC_GROUP *b, BN_CTX *ctx); /* EC_GROUP_new_GF*() calls EC_GROUP_new() and EC_GROUP_set_GF*() * after choosing an appropriate EC_METHOD */ -EC_GROUP *EC_GROUP_new_curve_GFp(const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *); -EC_GROUP *EC_GROUP_new_curve_GF2m(const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *); -/* EC_GROUP_new_by_curve_name() creates a EC_GROUP structure - * specified by a curve name (in form of a NID) */ +/** Creates a new EC_GROUP object with the specified parameters defined + * over GFp (defined by the equation y^2 = x^3 + a*x + b) + * \param p BIGNUM with the prime number + * \param a BIGNUM with the parameter a of the equation + * \param b BIGNUM with the parameter b of the equation + * \param ctx BN_CTX object (optional) + * \return newly created EC_GROUP object with the specified parameters + */ +EC_GROUP *EC_GROUP_new_curve_GFp(const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx); + +/** Creates a new EC_GROUP object with the specified parameters defined + * over GF2m (defined by the equation y^2 + x*y = x^3 + a*x^2 + b) + * \param p BIGNUM with the polynomial defining the underlying field + * \param a BIGNUM with the parameter a of the equation + * \param b BIGNUM with the parameter b of the equation + * \param ctx BN_CTX object (optional) + * \return newly created EC_GROUP object with the specified parameters + */ +EC_GROUP *EC_GROUP_new_curve_GF2m(const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx); + +/** Creates a EC_GROUP object with a curve specified by a NID + * \param nid NID of the OID of the curve name + * \return newly created EC_GROUP object with specified curve or NULL + * if an error occurred + */ EC_GROUP *EC_GROUP_new_by_curve_name(int nid); -/* handling of internal curves */ + + +/********************************************************************/ +/* handling of internal curves */ +/********************************************************************/ + typedef struct { int nid; const char *comment; } EC_builtin_curve; + /* EC_builtin_curves(EC_builtin_curve *r, size_t size) returns number * of all available curves or zero if a error occurred. * In case r ist not zero nitems EC_builtin_curve structures @@ -197,39 +377,168 @@ typedef struct { size_t EC_get_builtin_curves(EC_builtin_curve *r, size_t nitems); -/* EC_POINT functions */ +/********************************************************************/ +/* EC_POINT functions */ +/********************************************************************/ + +/** Creates a new EC_POINT object for the specified EC_GROUP + * \param group EC_GROUP the underlying EC_GROUP object + * \return newly created EC_POINT object or NULL if an error occurred + */ +EC_POINT *EC_POINT_new(const EC_GROUP *group); + +/** Frees a EC_POINT object + * \param point EC_POINT object to be freed + */ +void EC_POINT_free(EC_POINT *point); + +/** Clears and frees a EC_POINT object + * \param point EC_POINT object to be cleared and freed + */ +void EC_POINT_clear_free(EC_POINT *point); + +/** Copies EC_POINT object + * \param dst destination EC_POINT object + * \param src source EC_POINT object + * \return 1 on success and 0 if an error occured + */ +int EC_POINT_copy(EC_POINT *dst, const EC_POINT *src); -EC_POINT *EC_POINT_new(const EC_GROUP *); -void EC_POINT_free(EC_POINT *); -void EC_POINT_clear_free(EC_POINT *); -int EC_POINT_copy(EC_POINT *, const EC_POINT *); -EC_POINT *EC_POINT_dup(const EC_POINT *, const EC_GROUP *); +/** Creates a new EC_POINT object and copies the content of the supplied + * EC_POINT + * \param src source EC_POINT object + * \param group underlying the EC_GROUP object + * \return newly created EC_POINT object or NULL if an error occurred + */ +EC_POINT *EC_POINT_dup(const EC_POINT *src, const EC_GROUP *group); -const EC_METHOD *EC_POINT_method_of(const EC_POINT *); - -int EC_POINT_set_to_infinity(const EC_GROUP *, EC_POINT *); -int EC_POINT_set_Jprojective_coordinates_GFp(const EC_GROUP *, EC_POINT *, - const BIGNUM *x, const BIGNUM *y, const BIGNUM *z, BN_CTX *); -int EC_POINT_get_Jprojective_coordinates_GFp(const EC_GROUP *, const EC_POINT *, - BIGNUM *x, BIGNUM *y, BIGNUM *z, BN_CTX *); -int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *, EC_POINT *, - const BIGNUM *x, const BIGNUM *y, BN_CTX *); -int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *, const EC_POINT *, - BIGNUM *x, BIGNUM *y, BN_CTX *); -int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *, EC_POINT *, - const BIGNUM *x, int y_bit, BN_CTX *); - -int EC_POINT_set_affine_coordinates_GF2m(const EC_GROUP *, EC_POINT *, - const BIGNUM *x, const BIGNUM *y, BN_CTX *); -int EC_POINT_get_affine_coordinates_GF2m(const EC_GROUP *, const EC_POINT *, - BIGNUM *x, BIGNUM *y, BN_CTX *); -int EC_POINT_set_compressed_coordinates_GF2m(const EC_GROUP *, EC_POINT *, - const BIGNUM *x, int y_bit, BN_CTX *); - -size_t EC_POINT_point2oct(const EC_GROUP *, const EC_POINT *, point_conversion_form_t form, - unsigned char *buf, size_t len, BN_CTX *); -int EC_POINT_oct2point(const EC_GROUP *, EC_POINT *, - const unsigned char *buf, size_t len, BN_CTX *); +/** Returns the EC_METHOD used in EC_POINT object + * \param point EC_POINT object + * \return the EC_METHOD used + */ +const EC_METHOD *EC_POINT_method_of(const EC_POINT *point); + +/** Sets a point to infinity (neutral element) + * \param group underlying EC_GROUP object + * \param point EC_POINT to set to infinity + * \return 1 on success and 0 if an error occured + */ +int EC_POINT_set_to_infinity(const EC_GROUP *group, EC_POINT *point); + +/** Sets the jacobian projective coordinates of a EC_POINT over GFp + * \param group underlying EC_GROUP object + * \param p EC_POINT object + * \param x BIGNUM with the x-coordinate + * \param y BIGNUM with the y-coordinate + * \param z BIGNUM with the z-coordinate + * \param ctx BN_CTX object (optional) + * \return 1 on success and 0 if an error occured + */ +int EC_POINT_set_Jprojective_coordinates_GFp(const EC_GROUP *group, EC_POINT *p, + const BIGNUM *x, const BIGNUM *y, const BIGNUM *z, BN_CTX *ctx); + +/** Gets the jacobian projective coordinates of a EC_POINT over GFp + * \param group underlying EC_GROUP object + * \param p EC_POINT object + * \param x BIGNUM for the x-coordinate + * \param y BIGNUM for the y-coordinate + * \param z BIGNUM for the z-coordinate + * \param ctx BN_CTX object (optional) + * \return 1 on success and 0 if an error occured + */ +int EC_POINT_get_Jprojective_coordinates_GFp(const EC_GROUP *group, + const EC_POINT *p, BIGNUM *x, BIGNUM *y, BIGNUM *z, BN_CTX *ctx); + +/** Sets the affine coordinates of a EC_POINT over GFp + * \param group underlying EC_GROUP object + * \param p EC_POINT object + * \param x BIGNUM with the x-coordinate + * \param y BIGNUM with the y-coordinate + * \param ctx BN_CTX object (optional) + * \return 1 on success and 0 if an error occured + */ +int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group, EC_POINT *p, + const BIGNUM *x, const BIGNUM *y, BN_CTX *ctx); + +/** Gets the affine coordinates of a EC_POINT over GFp + * \param group underlying EC_GROUP object + * \param p EC_POINT object + * \param x BIGNUM for the x-coordinate + * \param y BIGNUM for the y-coordinate + * \param ctx BN_CTX object (optional) + * \return 1 on success and 0 if an error occured + */ +int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *group, + const EC_POINT *p, BIGNUM *x, BIGNUM *y, BN_CTX *ctx); + +/** Sets the x9.62 compressed coordinates of a EC_POINT over GFp + * \param group underlying EC_GROUP object + * \param p EC_POINT object + * \param x BIGNUM with x-coordinate + * \param y_bit integer with the y-Bit (either 0 or 1) + * \param ctx BN_CTX object (optional) + * \return 1 on success and 0 if an error occured + */ +int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *group, EC_POINT *p, + const BIGNUM *x, int y_bit, BN_CTX *ctx); + +/** Sets the affine coordinates of a EC_POINT over GF2m + * \param group underlying EC_GROUP object + * \param p EC_POINT object + * \param x BIGNUM with the x-coordinate + * \param y BIGNUM with the y-coordinate + * \param ctx BN_CTX object (optional) + * \return 1 on success and 0 if an error occured + */ +int EC_POINT_set_affine_coordinates_GF2m(const EC_GROUP *group, EC_POINT *p, + const BIGNUM *x, const BIGNUM *y, BN_CTX *ctx); + +/** Gets the affine coordinates of a EC_POINT over GF2m + * \param group underlying EC_GROUP object + * \param p EC_POINT object + * \param x BIGNUM for the x-coordinate + * \param y BIGNUM for the y-coordinate + * \param ctx BN_CTX object (optional) + * \return 1 on success and 0 if an error occured + */ +int EC_POINT_get_affine_coordinates_GF2m(const EC_GROUP *group, + const EC_POINT *p, BIGNUM *x, BIGNUM *y, BN_CTX *ctx); + +/** Sets the x9.62 compressed coordinates of a EC_POINT over GF2m + * \param group underlying EC_GROUP object + * \param p EC_POINT object + * \param x BIGNUM with x-coordinate + * \param y_bit integer with the y-Bit (either 0 or 1) + * \param ctx BN_CTX object (optional) + * \return 1 on success and 0 if an error occured + */ +int EC_POINT_set_compressed_coordinates_GF2m(const EC_GROUP *group, EC_POINT *p, + const BIGNUM *x, int y_bit, BN_CTX *ctx); + +/** Encodes a EC_POINT object to a octet string + * \param group underlying EC_GROUP object + * \param p EC_POINT object + * \param form point conversion form + * \param buf memory buffer for the result. If NULL the function returns + * required buffer size. + * \param len length of the memory buffer + * \param ctx BN_CTX object (optional) + * \return the length of the encoded octet string or 0 if an error occurred + */ +size_t EC_POINT_point2oct(const EC_GROUP *group, const EC_POINT *p, + point_conversion_form_t form, + unsigned char *buf, size_t len, BN_CTX *ctx); + +/** Decodes a EC_POINT from a octet string + * \param group underlying EC_GROUP object + * \param p EC_POINT object + * \param buf memory buffer with the encoded ec point + * \param len length of the encoded ec point + * \param ctx BN_CTX object (optional) + * \return 1 on success and 0 if an error occured + */ +int EC_POINT_oct2point(const EC_GROUP *group, EC_POINT *p, + const unsigned char *buf, size_t len, BN_CTX *ctx); /* other interfaces to point2oct/oct2point: */ BIGNUM *EC_POINT_point2bn(const EC_GROUP *, const EC_POINT *, @@ -241,29 +550,105 @@ char *EC_POINT_point2hex(const EC_GROUP *, const EC_POINT *, EC_POINT *EC_POINT_hex2point(const EC_GROUP *, const char *, EC_POINT *, BN_CTX *); -int EC_POINT_add(const EC_GROUP *, EC_POINT *r, const EC_POINT *a, const EC_POINT *b, BN_CTX *); -int EC_POINT_dbl(const EC_GROUP *, EC_POINT *r, const EC_POINT *a, BN_CTX *); -int EC_POINT_invert(const EC_GROUP *, EC_POINT *, BN_CTX *); -int EC_POINT_is_at_infinity(const EC_GROUP *, const EC_POINT *); -int EC_POINT_is_on_curve(const EC_GROUP *, const EC_POINT *, BN_CTX *); -int EC_POINT_cmp(const EC_GROUP *, const EC_POINT *a, const EC_POINT *b, BN_CTX *); +/********************************************************************/ +/* functions for doing EC_POINT arithmetic */ +/********************************************************************/ + +/** Computes the sum of two EC_POINT + * \param group underlying EC_GROUP object + * \param r EC_POINT object for the result (r = a + b) + * \param a EC_POINT object with the first summand + * \param b EC_POINT object with the second summand + * \param ctx BN_CTX object (optional) + * \return 1 on success and 0 if an error occured + */ +int EC_POINT_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, const EC_POINT *b, BN_CTX *ctx); + +/** Computes the double of a EC_POINT + * \param group underlying EC_GROUP object + * \param r EC_POINT object for the result (r = 2 * a) + * \param a EC_POINT object + * \param ctx BN_CTX object (optional) + * \return 1 on success and 0 if an error occured + */ +int EC_POINT_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, BN_CTX *ctx); + +/** Computes the inverse of a EC_POINT + * \param group underlying EC_GROUP object + * \param a EC_POINT object to be inverted (it's used for the result as well) + * \param ctx BN_CTX object (optional) + * \return 1 on success and 0 if an error occured + */ +int EC_POINT_invert(const EC_GROUP *group, EC_POINT *a, BN_CTX *ctx); + +/** Checks whether the point is the neutral element of the group + * \param group the underlying EC_GROUP object + * \param p EC_POINT object + * \return 1 if the point is the neutral element and 0 otherwise + */ +int EC_POINT_is_at_infinity(const EC_GROUP *group, const EC_POINT *p); + +/** Checks whether the point is on the curve + * \param group underlying EC_GROUP object + * \param point EC_POINT object to check + * \param ctx BN_CTX object (optional) + * \return 1 if point if on the curve and 0 otherwise + */ +int EC_POINT_is_on_curve(const EC_GROUP *group, const EC_POINT *point, BN_CTX *ctx); + +/** Compares two EC_POINTs + * \param group underlying EC_GROUP object + * \param a first EC_POINT object + * \param b second EC_POINT object + * \param ctx BN_CTX object (optional) + * \return 0 if both points are equal and a value != 0 otherwise + */ +int EC_POINT_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT *b, BN_CTX *ctx); int EC_POINT_make_affine(const EC_GROUP *, EC_POINT *, BN_CTX *); int EC_POINTs_make_affine(const EC_GROUP *, size_t num, EC_POINT *[], BN_CTX *); +/** Computes r = generator * n sum_{i=0}^num p[i] * m[i] + * \param group underlying EC_GROUP object + * \param r EC_POINT object for the result + * \param n BIGNUM with the multiplier for the group generator (optional) + * \param num number futher summands + * \param p array of size num of EC_POINT objects + * \param m array of size num of BIGNUM objects + * \param ctx BN_CTX object (optional) + * \return 1 on success and 0 if an error occured + */ +int EC_POINTs_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *n, size_t num, const EC_POINT *p[], const BIGNUM *m[], BN_CTX *ctx); + +/** Computes r = generator * n + q * m + * \param group underlying EC_GROUP object + * \param r EC_POINT object for the result + * \param n BIGNUM with the multiplier for the group generator (optional) + * \param q EC_POINT object with the first factor of the second summand + * \param m BIGNUM with the second factor of the second summand + * \param ctx BN_CTX object (optional) + * \return 1 on success and 0 if an error occured + */ +int EC_POINT_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *n, const EC_POINT *q, const BIGNUM *m, BN_CTX *ctx); -int EC_POINTs_mul(const EC_GROUP *, EC_POINT *r, const BIGNUM *, size_t num, const EC_POINT *[], const BIGNUM *[], BN_CTX *); -int EC_POINT_mul(const EC_GROUP *, EC_POINT *r, const BIGNUM *, const EC_POINT *, const BIGNUM *, BN_CTX *); - -/* EC_GROUP_precompute_mult() stores multiples of generator for faster point multiplication */ -int EC_GROUP_precompute_mult(EC_GROUP *, BN_CTX *); -/* EC_GROUP_have_precompute_mult() reports whether such precomputation has been done */ -int EC_GROUP_have_precompute_mult(const EC_GROUP *); +/** Stores multiples of generator for faster point multiplication + * \param group EC_GROUP object + * \param ctx BN_CTX object (optional) + * \return 1 on success and 0 if an error occured + */ +int EC_GROUP_precompute_mult(EC_GROUP *group, BN_CTX *ctx); +/** Reports whether a precomputation has been done + * \param group EC_GROUP object + * \return 1 if a pre-computation has been done and 0 otherwise + */ +int EC_GROUP_have_precompute_mult(const EC_GROUP *group); -/* ASN1 stuff */ +/********************************************************************/ +/* ASN1 stuff */ +/********************************************************************/ /* EC_GROUP_get_basis_type() returns the NID of the basis type * used to represent the field elements */ @@ -293,28 +678,96 @@ int ECPKParameters_print(BIO *bp, const EC_GROUP *x, int off); int ECPKParameters_print_fp(FILE *fp, const EC_GROUP *x, int off); #endif -/* the EC_KEY stuff */ + +/********************************************************************/ +/* EC_KEY functions */ +/********************************************************************/ + typedef struct ec_key_st EC_KEY; /* some values for the encoding_flag */ #define EC_PKEY_NO_PARAMETERS 0x001 #define EC_PKEY_NO_PUBKEY 0x002 +/** Creates a new EC_KEY object. + * \return EC_KEY object or NULL if an error occurred. + */ EC_KEY *EC_KEY_new(void); + +/** Creates a new EC_KEY object using a named curve as underlying + * EC_GROUP object. + * \param nid NID of the named curve. + * \return EC_KEY object or NULL if an error occurred. + */ EC_KEY *EC_KEY_new_by_curve_name(int nid); -void EC_KEY_free(EC_KEY *); -EC_KEY *EC_KEY_copy(EC_KEY *, const EC_KEY *); -EC_KEY *EC_KEY_dup(const EC_KEY *); - -int EC_KEY_up_ref(EC_KEY *); - -const EC_GROUP *EC_KEY_get0_group(const EC_KEY *); -int EC_KEY_set_group(EC_KEY *, const EC_GROUP *); -const BIGNUM *EC_KEY_get0_private_key(const EC_KEY *); -int EC_KEY_set_private_key(EC_KEY *, const BIGNUM *); -const EC_POINT *EC_KEY_get0_public_key(const EC_KEY *); -int EC_KEY_set_public_key(EC_KEY *, const EC_POINT *); -unsigned EC_KEY_get_enc_flags(const EC_KEY *); + +/** Frees a EC_KEY object. + * \param key EC_KEY object to be freed. + */ +void EC_KEY_free(EC_KEY *key); + +/** Copies a EC_KEY object. + * \param dst destination EC_KEY object + * \param src src EC_KEY object + * \return dst or NULL if an error occurred. + */ +EC_KEY *EC_KEY_copy(EC_KEY *dst, const EC_KEY *src); + +/** Creates a new EC_KEY object and copies the content from src to it. + * \param src the source EC_KEY object + * \return newly created EC_KEY object or NULL if an error occurred. + */ +EC_KEY *EC_KEY_dup(const EC_KEY *src); + +/** Increases the internal reference count of a EC_KEY object. + * \param key EC_KEY object + * \return 1 on success and 0 if an error occurred. + */ +int EC_KEY_up_ref(EC_KEY *key); + +/** Returns the EC_GROUP object of a EC_KEY object + * \param key EC_KEY object + * \return the EC_GROUP object (possibly NULL). + */ +const EC_GROUP *EC_KEY_get0_group(const EC_KEY *key); + +/** Sets the EC_GROUP of a EC_KEY object. + * \param key EC_KEY object + * \param group EC_GROUP to use in the EC_KEY object (note: the EC_KEY + * object will use an own copy of the EC_GROUP). + * \return 1 on success and 0 if an error occurred. + */ +int EC_KEY_set_group(EC_KEY *key, const EC_GROUP *group); + +/** Returns the private key of a EC_KEY object. + * \param key EC_KEY object + * \return a BIGNUM with the private key (possibly NULL). + */ +const BIGNUM *EC_KEY_get0_private_key(const EC_KEY *key); + +/** Sets the private key of a EC_KEY object. + * \param key EC_KEY object + * \param prv BIGNUM with the private key (note: the EC_KEY object + * will use an own copy of the BIGNUM). + * \return 1 on success and 0 if an error occurred. + */ +int EC_KEY_set_private_key(EC_KEY *key, const BIGNUM *prv); + +/** Returns the public key of a EC_KEY object. + * \param key the EC_KEY object + * \return a EC_POINT object with the public key (possibly NULL) + */ +const EC_POINT *EC_KEY_get0_public_key(const EC_KEY *key); + +/** Sets the public key of a EC_KEY object. + * \param key EC_KEY object + * \param pub EC_POINT object with the public key (note: the EC_KEY object + * will use an own copy of the EC_POINT object). + * \return 1 on success and 0 if an error occurred. + */ +int EC_KEY_set_public_key(EC_KEY *key, const EC_POINT *pub); + +unsigned EC_KEY_get_enc_flags(const EC_KEY *key); void EC_KEY_set_enc_flags(EC_KEY *, unsigned int); point_conversion_form_t EC_KEY_get_conv_form(const EC_KEY *); void EC_KEY_set_conv_form(EC_KEY *, point_conversion_form_t); @@ -325,31 +778,126 @@ void EC_KEY_insert_key_method_data(EC_KEY *, void *data, void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *)); /* wrapper functions for the underlying EC_GROUP object */ void EC_KEY_set_asn1_flag(EC_KEY *, int); -int EC_KEY_precompute_mult(EC_KEY *, BN_CTX *ctx); - -/* EC_KEY_generate_key() creates a ec private (public) key */ -int EC_KEY_generate_key(EC_KEY *); -/* EC_KEY_check_key() */ -int EC_KEY_check_key(const EC_KEY *); - -/* de- and encoding functions for SEC1 ECPrivateKey */ -EC_KEY *d2i_ECPrivateKey(EC_KEY **a, const unsigned char **in, long len); -int i2d_ECPrivateKey(EC_KEY *a, unsigned char **out); -/* de- and encoding functions for EC parameters */ -EC_KEY *d2i_ECParameters(EC_KEY **a, const unsigned char **in, long len); -int i2d_ECParameters(EC_KEY *a, unsigned char **out); -/* de- and encoding functions for EC public key - * (octet string, not DER -- hence 'o2i' and 'i2o') */ -EC_KEY *o2i_ECPublicKey(EC_KEY **a, const unsigned char **in, long len); -int i2o_ECPublicKey(EC_KEY *a, unsigned char **out); + +/** Creates a table of pre-computed multiples of the generator to + * accelerate further EC_KEY operations. + * \param key EC_KEY object + * \param ctx BN_CTX object (optional) + * \return 1 on success and 0 if an error occurred. + */ +int EC_KEY_precompute_mult(EC_KEY *key, BN_CTX *ctx); + +/** Creates a new ec private (and optional a new public) key. + * \param key EC_KEY object + * \return 1 on success and 0 if an error occurred. + */ +int EC_KEY_generate_key(EC_KEY *key); + +/** Verifies that a private and/or public key is valid. + * \param key the EC_KEY object + * \return 1 on success and 0 otherwise. + */ +int EC_KEY_check_key(const EC_KEY *key); + + +/********************************************************************/ +/* de- and encoding functions for SEC1 ECPrivateKey */ +/********************************************************************/ + +/** Decodes a private key from a memory buffer. + * \param key a pointer to a EC_KEY object which should be used (or NULL) + * \param in pointer to memory with the DER encoded private key + * \param len length of the DER encoded private key + * \return the decoded private key or NULL if an error occurred. + */ +EC_KEY *d2i_ECPrivateKey(EC_KEY **key, const unsigned char **in, long len); + +/** Encodes a private key object and stores the result in a buffer. + * \param key the EC_KEY object to encode + * \param out the buffer for the result (if NULL the function returns number + * of bytes needed). + * \return 1 on success and 0 if an error occurred. + */ +int i2d_ECPrivateKey(EC_KEY *key, unsigned char **out); + + +/********************************************************************/ +/* de- and encoding functions for EC parameters */ +/********************************************************************/ + +/** Decodes ec parameter from a memory buffer. + * \param key a pointer to a EC_KEY object which should be used (or NULL) + * \param in pointer to memory with the DER encoded ec parameters + * \param len length of the DER encoded ec parameters + * \return a EC_KEY object with the decoded parameters or NULL if an error + * occurred. + */ +EC_KEY *d2i_ECParameters(EC_KEY **key, const unsigned char **in, long len); + +/** Encodes ec parameter and stores the result in a buffer. + * \param key the EC_KEY object with ec paramters to encode + * \param out the buffer for the result (if NULL the function returns number + * of bytes needed). + * \return 1 on success and 0 if an error occurred. + */ +int i2d_ECParameters(EC_KEY *key, unsigned char **out); + + +/********************************************************************/ +/* de- and encoding functions for EC public key */ +/* (octet string, not DER -- hence 'o2i' and 'i2o') */ +/********************************************************************/ + +/** Decodes a ec public key from a octet string. + * \param key a pointer to a EC_KEY object which should be used + * \param in memory buffer with the encoded public key + * \param len length of the encoded public key + * \return EC_KEY object with decoded public key or NULL if an error + * occurred. + */ +EC_KEY *o2i_ECPublicKey(EC_KEY **key, const unsigned char **in, long len); + +/** Encodes a ec public key in an octet string. + * \param key the EC_KEY object with the public key + * \param out the buffer for the result (if NULL the function returns number + * of bytes needed). + * \return 1 on success and 0 if an error occurred + */ +int i2o_ECPublicKey(EC_KEY *key, unsigned char **out); #ifndef OPENSSL_NO_BIO -int ECParameters_print(BIO *bp, const EC_KEY *x); -int EC_KEY_print(BIO *bp, const EC_KEY *x, int off); +/** Prints out the ec parameters on human readable form. + * \param bp BIO object to which the information is printed + * \param key EC_KEY object + * \return 1 on success and 0 if an error occurred + */ +int ECParameters_print(BIO *bp, const EC_KEY *key); + +/** Prints out the contents of a EC_KEY object + * \param bp BIO object to which the information is printed + * \param key EC_KEY object + * \param off line offset + * \return 1 on success and 0 if an error occurred + */ +int EC_KEY_print(BIO *bp, const EC_KEY *key, int off); + #endif #ifndef OPENSSL_NO_FP_API -int ECParameters_print_fp(FILE *fp, const EC_KEY *x); -int EC_KEY_print_fp(FILE *fp, const EC_KEY *x, int off); +/** Prints out the ec parameters on human readable form. + * \param fp file descriptor to which the information is printed + * \param key EC_KEY object + * \return 1 on success and 0 if an error occurred + */ +int ECParameters_print_fp(FILE *fp, const EC_KEY *key); + +/** Prints out the contents of a EC_KEY object + * \param fp file descriptor to which the information is printed + * \param key EC_KEY object + * \param off line offset + * \return 1 on success and 0 if an error occurred + */ +int EC_KEY_print_fp(FILE *fp, const EC_KEY *key, int off); + #endif #define ECParameters_dup(x) ASN1_dup_of(EC_KEY,i2d_ECParameters,d2i_ECParameters,x) @@ -362,6 +910,13 @@ int EC_KEY_print_fp(FILE *fp, const EC_KEY *x, int off); # endif #endif +#define EVP_PKEY_CTX_set_ec_paramgen_curve_nid(ctx, nid) \ + EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, EVP_PKEY_OP_PARAMGEN, \ + EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID, nid, NULL) + + +#define EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID (EVP_PKEY_ALG_CTRL + 1) + /* BEGIN ERROR CODES */ /* The following lines are auto generated by the script mkerr.pl. Any changes * made after this point may be overwritten when the script is next run. @@ -375,6 +930,14 @@ void ERR_load_EC_strings(void); #define EC_F_D2I_ECPARAMETERS 144 #define EC_F_D2I_ECPKPARAMETERS 145 #define EC_F_D2I_ECPRIVATEKEY 146 +#define EC_F_DO_EC_KEY_PRINT 221 +#define EC_F_ECKEY_PARAM2TYPE 223 +#define EC_F_ECKEY_PARAM_DECODE 212 +#define EC_F_ECKEY_PRIV_DECODE 213 +#define EC_F_ECKEY_PRIV_ENCODE 214 +#define EC_F_ECKEY_PUB_DECODE 215 +#define EC_F_ECKEY_PUB_ENCODE 216 +#define EC_F_ECKEY_TYPE2PARAM 220 #define EC_F_ECPARAMETERS_PRINT 147 #define EC_F_ECPARAMETERS_PRINT_FP 148 #define EC_F_ECPKPARAMETERS_PRINT 149 @@ -448,7 +1011,6 @@ void ERR_load_EC_strings(void); #define EC_F_EC_KEY_PRINT 180 #define EC_F_EC_KEY_PRINT_FP 181 #define EC_F_EC_POINTS_MAKE_AFFINE 136 -#define EC_F_EC_POINTS_MUL 138 #define EC_F_EC_POINT_ADD 112 #define EC_F_EC_POINT_CMP 113 #define EC_F_EC_POINT_COPY 114 @@ -479,21 +1041,31 @@ void ERR_load_EC_strings(void); #define EC_F_I2D_ECPRIVATEKEY 192 #define EC_F_I2O_ECPUBLICKEY 151 #define EC_F_O2I_ECPUBLICKEY 152 +#define EC_F_OLD_EC_PRIV_DECODE 222 +#define EC_F_PKEY_EC_CTRL 197 +#define EC_F_PKEY_EC_CTRL_STR 198 +#define EC_F_PKEY_EC_DERIVE 217 +#define EC_F_PKEY_EC_KEYGEN 199 +#define EC_F_PKEY_EC_PARAMGEN 219 +#define EC_F_PKEY_EC_SIGN 218 /* Reason codes. */ #define EC_R_ASN1_ERROR 115 #define EC_R_ASN1_UNKNOWN_FIELD 116 #define EC_R_BUFFER_TOO_SMALL 100 #define EC_R_D2I_ECPKPARAMETERS_FAILURE 117 +#define EC_R_DECODE_ERROR 142 #define EC_R_DISCRIMINANT_IS_ZERO 118 #define EC_R_EC_GROUP_NEW_BY_NAME_FAILURE 119 -#define EC_R_FIELD_TOO_LARGE 138 +#define EC_R_FIELD_TOO_LARGE 143 #define EC_R_GROUP2PKPARAMETERS_FAILURE 120 #define EC_R_I2D_ECPKPARAMETERS_FAILURE 121 #define EC_R_INCOMPATIBLE_OBJECTS 101 #define EC_R_INVALID_ARGUMENT 112 #define EC_R_INVALID_COMPRESSED_POINT 110 #define EC_R_INVALID_COMPRESSION_BIT 109 +#define EC_R_INVALID_CURVE 141 +#define EC_R_INVALID_DIGEST_TYPE 138 #define EC_R_INVALID_ENCODING 102 #define EC_R_INVALID_FIELD 103 #define EC_R_INVALID_FORM 104 @@ -501,6 +1073,7 @@ void ERR_load_EC_strings(void); #define EC_R_INVALID_PENTANOMIAL_BASIS 132 #define EC_R_INVALID_PRIVATE_KEY 123 #define EC_R_INVALID_TRINOMIAL_BASIS 137 +#define EC_R_KEYS_NOT_SET 140 #define EC_R_MISSING_PARAMETERS 124 #define EC_R_MISSING_PRIVATE_KEY 125 #define EC_R_NOT_A_NIST_PRIME 135 @@ -508,6 +1081,7 @@ void ERR_load_EC_strings(void); #define EC_R_NOT_IMPLEMENTED 126 #define EC_R_NOT_INITIALIZED 111 #define EC_R_NO_FIELD_MOD 133 +#define EC_R_NO_PARAMETERS_SET 139 #define EC_R_PASSED_NULL_PARAMETER 134 #define EC_R_PKPARAMETERS2GROUP_FAILURE 127 #define EC_R_POINT_AT_INFINITY 106 diff --git a/src/lib/libcrypto/ec/ec2_smpl.c b/src/lib/libcrypto/ec/ec2_smpl.c index 522d036ca1..cf357b462a 100644 --- a/src/lib/libcrypto/ec/ec2_smpl.c +++ b/src/lib/libcrypto/ec/ec2_smpl.c @@ -14,7 +14,7 @@ * */ /* ==================================================================== - * Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved. + * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -157,6 +157,7 @@ void ec_GF2m_simple_group_clear_finish(EC_GROUP *group) group->poly[2] = 0; group->poly[3] = 0; group->poly[4] = 0; + group->poly[5] = -1; } @@ -174,10 +175,9 @@ int ec_GF2m_simple_group_copy(EC_GROUP *dest, const EC_GROUP *src) dest->poly[2] = src->poly[2]; dest->poly[3] = src->poly[3]; dest->poly[4] = src->poly[4]; - if(bn_wexpand(&dest->a, (int)(dest->poly[0] + BN_BITS2 - 1) / BN_BITS2) == NULL) - return 0; - if(bn_wexpand(&dest->b, (int)(dest->poly[0] + BN_BITS2 - 1) / BN_BITS2) == NULL) - return 0; + dest->poly[5] = src->poly[5]; + if (bn_wexpand(&dest->a, (int)(dest->poly[0] + BN_BITS2 - 1) / BN_BITS2) == NULL) return 0; + if (bn_wexpand(&dest->b, (int)(dest->poly[0] + BN_BITS2 - 1) / BN_BITS2) == NULL) return 0; for (i = dest->a.top; i < dest->a.dmax; i++) dest->a.d[i] = 0; for (i = dest->b.top; i < dest->b.dmax; i++) dest->b.d[i] = 0; return 1; @@ -192,7 +192,7 @@ int ec_GF2m_simple_group_set_curve(EC_GROUP *group, /* group->field */ if (!BN_copy(&group->field, p)) goto err; - i = BN_GF2m_poly2arr(&group->field, group->poly, 5); + i = BN_GF2m_poly2arr(&group->field, group->poly, 6) - 1; if ((i != 5) && (i != 3)) { ECerr(EC_F_EC_GF2M_SIMPLE_GROUP_SET_CURVE, EC_R_UNSUPPORTED_FIELD); @@ -406,18 +406,94 @@ int ec_GF2m_simple_point_get_affine_coordinates(const EC_GROUP *group, const EC_ } -/* Include patented algorithms. */ -#include "ec2_smpt.c" +/* Calculates and sets the affine coordinates of an EC_POINT from the given + * compressed coordinates. Uses algorithm 2.3.4 of SEC 1. + * Note that the simple implementation only uses affine coordinates. + * + * The method is from the following publication: + * + * Harper, Menezes, Vanstone: + * "Public-Key Cryptosystems with Very Small Key Lengths", + * EUROCRYPT '92, Springer-Verlag LNCS 658, + * published February 1993 + * + * US Patents 6,141,420 and 6,618,483 (Vanstone, Mullin, Agnew) describe + * the same method, but claim no priority date earlier than July 29, 1994 + * (and additionally fail to cite the EUROCRYPT '92 publication as prior art). + */ +int ec_GF2m_simple_set_compressed_coordinates(const EC_GROUP *group, EC_POINT *point, + const BIGNUM *x_, int y_bit, BN_CTX *ctx) + { + BN_CTX *new_ctx = NULL; + BIGNUM *tmp, *x, *y, *z; + int ret = 0, z0; + + /* clear error queue */ + ERR_clear_error(); + + if (ctx == NULL) + { + ctx = new_ctx = BN_CTX_new(); + if (ctx == NULL) + return 0; + } + + y_bit = (y_bit != 0) ? 1 : 0; + + BN_CTX_start(ctx); + tmp = BN_CTX_get(ctx); + x = BN_CTX_get(ctx); + y = BN_CTX_get(ctx); + z = BN_CTX_get(ctx); + if (z == NULL) goto err; + + if (!BN_GF2m_mod_arr(x, x_, group->poly)) goto err; + if (BN_is_zero(x)) + { + if (!BN_GF2m_mod_sqrt_arr(y, &group->b, group->poly, ctx)) goto err; + } + else + { + if (!group->meth->field_sqr(group, tmp, x, ctx)) goto err; + if (!group->meth->field_div(group, tmp, &group->b, tmp, ctx)) goto err; + if (!BN_GF2m_add(tmp, &group->a, tmp)) goto err; + if (!BN_GF2m_add(tmp, x, tmp)) goto err; + if (!BN_GF2m_mod_solve_quad_arr(z, tmp, group->poly, ctx)) + { + unsigned long err = ERR_peek_last_error(); + + if (ERR_GET_LIB(err) == ERR_LIB_BN && ERR_GET_REASON(err) == BN_R_NO_SOLUTION) + { + ERR_clear_error(); + ECerr(EC_F_EC_GF2M_SIMPLE_SET_COMPRESSED_COORDINATES, EC_R_INVALID_COMPRESSED_POINT); + } + else + ECerr(EC_F_EC_GF2M_SIMPLE_SET_COMPRESSED_COORDINATES, ERR_R_BN_LIB); + goto err; + } + z0 = (BN_is_odd(z)) ? 1 : 0; + if (!group->meth->field_mul(group, y, x, z, ctx)) goto err; + if (z0 != y_bit) + { + if (!BN_GF2m_add(y, y, x)) goto err; + } + } + + if (!EC_POINT_set_affine_coordinates_GF2m(group, point, x, y, ctx)) goto err; + + ret = 1; + + err: + BN_CTX_end(ctx); + if (new_ctx != NULL) + BN_CTX_free(new_ctx); + return ret; + } /* Converts an EC_POINT to an octet string. * If buf is NULL, the encoded length will be returned. * If the length len of buf is smaller than required an error will be returned. - * - * The point compression section of this function is patented by Certicom Corp. - * under US Patent 6,141,420. Point compression is disabled by default and can - * be enabled by defining the preprocessor macro OPENSSL_EC_BIN_PT_COMP at - * Configure-time. */ size_t ec_GF2m_simple_point2oct(const EC_GROUP *group, const EC_POINT *point, point_conversion_form_t form, unsigned char *buf, size_t len, BN_CTX *ctx) @@ -428,14 +504,6 @@ size_t ec_GF2m_simple_point2oct(const EC_GROUP *group, const EC_POINT *point, po BIGNUM *x, *y, *yxi; size_t field_len, i, skip; -#ifndef OPENSSL_EC_BIN_PT_COMP - if ((form == POINT_CONVERSION_COMPRESSED) || (form == POINT_CONVERSION_HYBRID)) - { - ECerr(EC_F_EC_GF2M_SIMPLE_POINT2OCT, ERR_R_DISABLED); - goto err; - } -#endif - if ((form != POINT_CONVERSION_COMPRESSED) && (form != POINT_CONVERSION_UNCOMPRESSED) && (form != POINT_CONVERSION_HYBRID)) @@ -490,13 +558,11 @@ size_t ec_GF2m_simple_point2oct(const EC_GROUP *group, const EC_POINT *point, po if (!EC_POINT_get_affine_coordinates_GF2m(group, point, x, y, ctx)) goto err; buf[0] = form; -#ifdef OPENSSL_EC_BIN_PT_COMP if ((form != POINT_CONVERSION_UNCOMPRESSED) && !BN_is_zero(x)) { if (!group->meth->field_div(group, yxi, y, x, ctx)) goto err; if (BN_is_odd(yxi)) buf[0]++; } -#endif i = 1; diff --git a/src/lib/libcrypto/ec/ec2_smpt.c b/src/lib/libcrypto/ec/ec2_smpt.c deleted file mode 100644 index 59d52bf663..0000000000 --- a/src/lib/libcrypto/ec/ec2_smpt.c +++ /dev/null @@ -1,74 +0,0 @@ -/* crypto/ec/ec2_smpt.c */ -/* This code was originally written by Douglas Stebila - * for the OpenSSL project. - */ -/* ==================================================================== - * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - - -/* Calaculates and sets the affine coordinates of an EC_POINT from the given - * compressed coordinates. Uses algorithm 2.3.4 of SEC 1. - * Note that the simple implementation only uses affine coordinates. - * - * This algorithm is patented by Certicom Corp. under US Patent 6,141,420 - * (for licensing information, contact licensing@certicom.com). - * This function is disabled by default and can be enabled by defining the - * preprocessor macro OPENSSL_EC_BIN_PT_COMP at Configure-time. - */ -int ec_GF2m_simple_set_compressed_coordinates(const EC_GROUP *group, EC_POINT *point, - const BIGNUM *x_, int y_bit, BN_CTX *ctx) - { - ECerr(EC_F_EC_GF2M_SIMPLE_SET_COMPRESSED_COORDINATES, ERR_R_DISABLED); - return 0; - } diff --git a/src/lib/libcrypto/ec/ec_err.c b/src/lib/libcrypto/ec/ec_err.c index d04c895560..84b4833371 100644 --- a/src/lib/libcrypto/ec/ec_err.c +++ b/src/lib/libcrypto/ec/ec_err.c @@ -74,6 +74,14 @@ static ERR_STRING_DATA EC_str_functs[]= {ERR_FUNC(EC_F_D2I_ECPARAMETERS), "d2i_ECParameters"}, {ERR_FUNC(EC_F_D2I_ECPKPARAMETERS), "d2i_ECPKParameters"}, {ERR_FUNC(EC_F_D2I_ECPRIVATEKEY), "d2i_ECPrivateKey"}, +{ERR_FUNC(EC_F_DO_EC_KEY_PRINT), "DO_EC_KEY_PRINT"}, +{ERR_FUNC(EC_F_ECKEY_PARAM2TYPE), "ECKEY_PARAM2TYPE"}, +{ERR_FUNC(EC_F_ECKEY_PARAM_DECODE), "ECKEY_PARAM_DECODE"}, +{ERR_FUNC(EC_F_ECKEY_PRIV_DECODE), "ECKEY_PRIV_DECODE"}, +{ERR_FUNC(EC_F_ECKEY_PRIV_ENCODE), "ECKEY_PRIV_ENCODE"}, +{ERR_FUNC(EC_F_ECKEY_PUB_DECODE), "ECKEY_PUB_DECODE"}, +{ERR_FUNC(EC_F_ECKEY_PUB_ENCODE), "ECKEY_PUB_ENCODE"}, +{ERR_FUNC(EC_F_ECKEY_TYPE2PARAM), "ECKEY_TYPE2PARAM"}, {ERR_FUNC(EC_F_ECPARAMETERS_PRINT), "ECParameters_print"}, {ERR_FUNC(EC_F_ECPARAMETERS_PRINT_FP), "ECParameters_print_fp"}, {ERR_FUNC(EC_F_ECPKPARAMETERS_PRINT), "ECPKParameters_print"}, @@ -147,7 +155,6 @@ static ERR_STRING_DATA EC_str_functs[]= {ERR_FUNC(EC_F_EC_KEY_PRINT), "EC_KEY_print"}, {ERR_FUNC(EC_F_EC_KEY_PRINT_FP), "EC_KEY_print_fp"}, {ERR_FUNC(EC_F_EC_POINTS_MAKE_AFFINE), "EC_POINTs_make_affine"}, -{ERR_FUNC(EC_F_EC_POINTS_MUL), "EC_POINTs_mul"}, {ERR_FUNC(EC_F_EC_POINT_ADD), "EC_POINT_add"}, {ERR_FUNC(EC_F_EC_POINT_CMP), "EC_POINT_cmp"}, {ERR_FUNC(EC_F_EC_POINT_COPY), "EC_POINT_copy"}, @@ -178,6 +185,13 @@ static ERR_STRING_DATA EC_str_functs[]= {ERR_FUNC(EC_F_I2D_ECPRIVATEKEY), "i2d_ECPrivateKey"}, {ERR_FUNC(EC_F_I2O_ECPUBLICKEY), "i2o_ECPublicKey"}, {ERR_FUNC(EC_F_O2I_ECPUBLICKEY), "o2i_ECPublicKey"}, +{ERR_FUNC(EC_F_OLD_EC_PRIV_DECODE), "OLD_EC_PRIV_DECODE"}, +{ERR_FUNC(EC_F_PKEY_EC_CTRL), "PKEY_EC_CTRL"}, +{ERR_FUNC(EC_F_PKEY_EC_CTRL_STR), "PKEY_EC_CTRL_STR"}, +{ERR_FUNC(EC_F_PKEY_EC_DERIVE), "PKEY_EC_DERIVE"}, +{ERR_FUNC(EC_F_PKEY_EC_KEYGEN), "PKEY_EC_KEYGEN"}, +{ERR_FUNC(EC_F_PKEY_EC_PARAMGEN), "PKEY_EC_PARAMGEN"}, +{ERR_FUNC(EC_F_PKEY_EC_SIGN), "PKEY_EC_SIGN"}, {0,NULL} }; @@ -187,6 +201,7 @@ static ERR_STRING_DATA EC_str_reasons[]= {ERR_REASON(EC_R_ASN1_UNKNOWN_FIELD) ,"asn1 unknown field"}, {ERR_REASON(EC_R_BUFFER_TOO_SMALL) ,"buffer too small"}, {ERR_REASON(EC_R_D2I_ECPKPARAMETERS_FAILURE),"d2i ecpkparameters failure"}, +{ERR_REASON(EC_R_DECODE_ERROR) ,"decode error"}, {ERR_REASON(EC_R_DISCRIMINANT_IS_ZERO) ,"discriminant is zero"}, {ERR_REASON(EC_R_EC_GROUP_NEW_BY_NAME_FAILURE),"ec group new by name failure"}, {ERR_REASON(EC_R_FIELD_TOO_LARGE) ,"field too large"}, @@ -196,6 +211,8 @@ static ERR_STRING_DATA EC_str_reasons[]= {ERR_REASON(EC_R_INVALID_ARGUMENT) ,"invalid argument"}, {ERR_REASON(EC_R_INVALID_COMPRESSED_POINT),"invalid compressed point"}, {ERR_REASON(EC_R_INVALID_COMPRESSION_BIT),"invalid compression bit"}, +{ERR_REASON(EC_R_INVALID_CURVE) ,"invalid curve"}, +{ERR_REASON(EC_R_INVALID_DIGEST_TYPE) ,"invalid digest type"}, {ERR_REASON(EC_R_INVALID_ENCODING) ,"invalid encoding"}, {ERR_REASON(EC_R_INVALID_FIELD) ,"invalid field"}, {ERR_REASON(EC_R_INVALID_FORM) ,"invalid form"}, @@ -203,6 +220,7 @@ static ERR_STRING_DATA EC_str_reasons[]= {ERR_REASON(EC_R_INVALID_PENTANOMIAL_BASIS),"invalid pentanomial basis"}, {ERR_REASON(EC_R_INVALID_PRIVATE_KEY) ,"invalid private key"}, {ERR_REASON(EC_R_INVALID_TRINOMIAL_BASIS),"invalid trinomial basis"}, +{ERR_REASON(EC_R_KEYS_NOT_SET) ,"keys not set"}, {ERR_REASON(EC_R_MISSING_PARAMETERS) ,"missing parameters"}, {ERR_REASON(EC_R_MISSING_PRIVATE_KEY) ,"missing private key"}, {ERR_REASON(EC_R_NOT_A_NIST_PRIME) ,"not a NIST prime"}, @@ -210,6 +228,7 @@ static ERR_STRING_DATA EC_str_reasons[]= {ERR_REASON(EC_R_NOT_IMPLEMENTED) ,"not implemented"}, {ERR_REASON(EC_R_NOT_INITIALIZED) ,"not initialized"}, {ERR_REASON(EC_R_NO_FIELD_MOD) ,"no field mod"}, +{ERR_REASON(EC_R_NO_PARAMETERS_SET) ,"no parameters set"}, {ERR_REASON(EC_R_PASSED_NULL_PARAMETER) ,"passed null parameter"}, {ERR_REASON(EC_R_PKPARAMETERS2GROUP_FAILURE),"pkparameters2group failure"}, {ERR_REASON(EC_R_POINT_AT_INFINITY) ,"point at infinity"}, diff --git a/src/lib/libcrypto/ec/ec_lcl.h b/src/lib/libcrypto/ec/ec_lcl.h index fdd7aa2755..3e2c34b0bc 100644 --- a/src/lib/libcrypto/ec/ec_lcl.h +++ b/src/lib/libcrypto/ec/ec_lcl.h @@ -205,11 +205,14 @@ struct ec_group_st { * irreducible polynomial defining the field. */ - unsigned int poly[5]; /* Field specification for curves over GF(2^m). - * The irreducible f(t) is then of the form: - * t^poly[0] + t^poly[1] + ... + t^poly[k] - * where m = poly[0] > poly[1] > ... > poly[k] = 0. - */ + int poly[6]; /* Field specification for curves over GF(2^m). + * The irreducible f(t) is then of the form: + * t^poly[0] + t^poly[1] + ... + t^poly[k] + * where m = poly[0] > poly[1] > ... > poly[k] = 0. + * The array is terminated with poly[k+1]=-1. + * All elliptic curve irreducibles have at most 5 + * non-zero terms. + */ BIGNUM a, b; /* Curve coefficients. * (Here the assumption is that BIGNUMs can be used diff --git a/src/lib/libcrypto/ec/ec_lib.c b/src/lib/libcrypto/ec/ec_lib.c index 5af84376c6..dd7da0fcf9 100644 --- a/src/lib/libcrypto/ec/ec_lib.c +++ b/src/lib/libcrypto/ec/ec_lib.c @@ -79,7 +79,7 @@ EC_GROUP *EC_GROUP_new(const EC_METHOD *meth) if (meth == NULL) { - ECerr(EC_F_EC_GROUP_NEW, ERR_R_PASSED_NULL_PARAMETER); + ECerr(EC_F_EC_GROUP_NEW, EC_R_SLOT_FULL); return NULL; } if (meth->group_init == 0) @@ -740,7 +740,7 @@ void EC_POINT_clear_free(EC_POINT *point) if (point->meth->point_clear_finish != 0) point->meth->point_clear_finish(point); - else if (point->meth != NULL && point->meth->point_finish != 0) + else if (point->meth->point_finish != 0) point->meth->point_finish(point); OPENSSL_cleanse(point, sizeof *point); OPENSSL_free(point); diff --git a/src/lib/libcrypto/ec/ec_mult.c b/src/lib/libcrypto/ec/ec_mult.c index 2ba173ef36..f05df5332e 100644 --- a/src/lib/libcrypto/ec/ec_mult.c +++ b/src/lib/libcrypto/ec/ec_mult.c @@ -224,6 +224,12 @@ static signed char *compute_wNAF(const BIGNUM *scalar, int w, size_t *ret_len) sign = -1; } + if (scalar->d == NULL || scalar->top == 0) + { + ECerr(EC_F_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR); + goto err; + } + len = BN_num_bits(scalar); r = OPENSSL_malloc(len + 1); /* modified wNAF may be one digit longer than binary representation * (*ret_len will be set to the actual length, i.e. at most @@ -233,12 +239,6 @@ static signed char *compute_wNAF(const BIGNUM *scalar, int w, size_t *ret_len) ECerr(EC_F_COMPUTE_WNAF, ERR_R_MALLOC_FAILURE); goto err; } - - if (scalar->d == NULL || scalar->top == 0) - { - ECerr(EC_F_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR); - goto err; - } window_val = scalar->d[0] & mask; j = 0; while ((window_val != 0) || (j + w + 1 < len)) /* if j+w+1 >= len, window_val will not increase */ @@ -419,7 +419,7 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, if (numblocks > pre_comp->numblocks) numblocks = pre_comp->numblocks; - pre_points_per_block = 1u << (pre_comp->w - 1); + pre_points_per_block = (size_t)1 << (pre_comp->w - 1); /* check that pre_comp looks sane */ if (pre_comp->num != (pre_comp->numblocks * pre_points_per_block)) @@ -461,7 +461,7 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, bits = i < num ? BN_num_bits(scalars[i]) : BN_num_bits(scalar); wsize[i] = EC_window_bits_for_scalar_size(bits); - num_val += 1u << (wsize[i] - 1); + num_val += (size_t)1 << (wsize[i] - 1); wNAF[i + 1] = NULL; /* make sure we always have a pivot */ wNAF[i] = compute_wNAF((i < num ? scalars[i] : scalar), wsize[i], &wNAF_len[i]); if (wNAF[i] == NULL) @@ -600,7 +600,7 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, for (i = 0; i < num + num_scalar; i++) { val_sub[i] = v; - for (j = 0; j < (1u << (wsize[i] - 1)); j++) + for (j = 0; j < ((size_t)1 << (wsize[i] - 1)); j++) { *v = EC_POINT_new(group); if (*v == NULL) goto err; @@ -636,7 +636,7 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, if (wsize[i] > 1) { if (!EC_POINT_dbl(group, tmp, val_sub[i][0], ctx)) goto err; - for (j = 1; j < (1u << (wsize[i] - 1)); j++) + for (j = 1; j < ((size_t)1 << (wsize[i] - 1)); j++) { if (!EC_POINT_add(group, val_sub[i][j], val_sub[i][j - 1], tmp, ctx)) goto err; } @@ -820,7 +820,7 @@ int ec_wNAF_precompute_mult(EC_GROUP *group, BN_CTX *ctx) numblocks = (bits + blocksize - 1) / blocksize; /* max. number of blocks to use for wNAF splitting */ - pre_points_per_block = 1u << (w - 1); + pre_points_per_block = (size_t)1 << (w - 1); num = pre_points_per_block * numblocks; /* number of points to compute and store */ points = OPENSSL_malloc(sizeof (EC_POINT*)*(num + 1)); diff --git a/src/lib/libcrypto/ec/ecp_nist.c b/src/lib/libcrypto/ec/ecp_nist.c index 71893d5eab..2a5682ea41 100644 --- a/src/lib/libcrypto/ec/ecp_nist.c +++ b/src/lib/libcrypto/ec/ecp_nist.c @@ -112,10 +112,6 @@ const EC_METHOD *EC_GFp_nist_method(void) return &ret; } -#if BN_BITS2 == 64 -#define NO_32_BIT_TYPE -#endif - int ec_GFp_nist_group_copy(EC_GROUP *dest, const EC_GROUP *src) { dest->field_mod_func = src->field_mod_func; @@ -139,34 +135,12 @@ int ec_GFp_nist_group_set_curve(EC_GROUP *group, const BIGNUM *p, if (BN_ucmp(BN_get0_nist_prime_192(), p) == 0) group->field_mod_func = BN_nist_mod_192; else if (BN_ucmp(BN_get0_nist_prime_224(), p) == 0) - { -#ifndef NO_32_BIT_TYPE group->field_mod_func = BN_nist_mod_224; -#else - ECerr(EC_F_EC_GFP_NIST_GROUP_SET_CURVE, EC_R_NOT_A_SUPPORTED_NIST_PRIME); - goto err; -#endif - } else if (BN_ucmp(BN_get0_nist_prime_256(), p) == 0) - { -#ifndef NO_32_BIT_TYPE group->field_mod_func = BN_nist_mod_256; -#else - ECerr(EC_F_EC_GFP_NIST_GROUP_SET_CURVE, EC_R_NOT_A_SUPPORTED_NIST_PRIME); - goto err; -#endif - } else if (BN_ucmp(BN_get0_nist_prime_384(), p) == 0) - { -#ifndef NO_32_BIT_TYPE group->field_mod_func = BN_nist_mod_384; -#else - ECerr(EC_F_EC_GFP_NIST_GROUP_SET_CURVE, EC_R_NOT_A_SUPPORTED_NIST_PRIME); - goto err; -#endif - } else if (BN_ucmp(BN_get0_nist_prime_521(), p) == 0) - /* this one works in the NO_32_BIT_TYPE case */ group->field_mod_func = BN_nist_mod_521; else { diff --git a/src/lib/libcrypto/ec/ecp_recp.c b/src/lib/libcrypto/ec/ecp_recp.c deleted file mode 100644 index fec843b5c8..0000000000 --- a/src/lib/libcrypto/ec/ecp_recp.c +++ /dev/null @@ -1,133 +0,0 @@ -/* crypto/ec/ecp_recp.c */ -/* ==================================================================== - * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include "ec_lcl.h" - -#if 0 -const EC_METHOD *EC_GFp_recp_method(void) - { - static const EC_METHOD ret = { - ec_GFp_recp_group_init, - ec_GFp_recp_group_finish, - ec_GFp_recp_group_clear_finish, - ec_GFp_recp_group_copy, - ec_GFp_recp_group_set_curve_GFp, - ec_GFp_simple_group_get_curve_GFp, - ec_GFp_simple_group_set_generator, - ec_GFp_simple_group_get0_generator, - ec_GFp_simple_group_get_order, - ec_GFp_simple_group_get_cofactor, - ec_GFp_simple_point_init, - ec_GFp_simple_point_finish, - ec_GFp_simple_point_clear_finish, - ec_GFp_simple_point_copy, - ec_GFp_simple_point_set_to_infinity, - ec_GFp_simple_set_Jprojective_coordinates_GFp, - ec_GFp_simple_get_Jprojective_coordinates_GFp, - ec_GFp_simple_point_set_affine_coordinates_GFp, - ec_GFp_simple_point_get_affine_coordinates_GFp, - ec_GFp_simple_set_compressed_coordinates_GFp, - ec_GFp_simple_point2oct, - ec_GFp_simple_oct2point, - ec_GFp_simple_add, - ec_GFp_simple_dbl, - ec_GFp_simple_invert, - ec_GFp_simple_is_at_infinity, - ec_GFp_simple_is_on_curve, - ec_GFp_simple_cmp, - ec_GFp_simple_make_affine, - ec_GFp_simple_points_make_affine, - ec_GFp_recp_field_mul, - ec_GFp_recp_field_sqr, - 0 /* field_encode */, - 0 /* field_decode */, - 0 /* field_set_to_one */ }; - - return &ret; - } -#endif - -int ec_GFp_recp_group_init(EC_GROUP *group) - { - int ok; - - ok = ec_GFp_simple_group_init(group); - group->field_data1 = NULL; - return ok; - } - - -int ec_GFp_recp_group_set_curve_GFp(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx); -/* TODO */ - - -void ec_GFp_recp_group_finish(EC_GROUP *group); -/* TODO */ - - -void ec_GFp_recp_group_clear_finish(EC_GROUP *group); -/* TODO */ - - -int ec_GFp_recp_group_copy(EC_GROUP *dest, const EC_GROUP *src); -/* TODO */ - - -int ec_GFp_recp_field_mul(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx); -/* TODO */ - - -int ec_GFp_recp_field_sqr(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a, BN_CTX *ctx); -/* TODO */ diff --git a/src/lib/libcrypto/ec/ectest.c b/src/lib/libcrypto/ec/ectest.c index 6148d553f9..7509cb9c7c 100644 --- a/src/lib/libcrypto/ec/ectest.c +++ b/src/lib/libcrypto/ec/ectest.c @@ -432,9 +432,7 @@ void prime_field_tests() if (!EC_POINT_is_at_infinity(group, Q)) ABORT; fprintf(stdout, "."); fflush(stdout); -#if 0 if (!EC_GROUP_precompute_mult(group, ctx)) ABORT; -#endif if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx)) ABORT; if (!EC_POINT_is_at_infinity(group, Q)) ABORT; fprintf(stdout, " ok\n"); @@ -478,9 +476,7 @@ void prime_field_tests() if (!EC_POINT_is_at_infinity(group, Q)) ABORT; fprintf(stdout, "."); fflush(stdout); -#if 0 if (!EC_GROUP_precompute_mult(group, ctx)) ABORT; -#endif if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx)) ABORT; if (!EC_POINT_is_at_infinity(group, Q)) ABORT; fprintf(stdout, " ok\n"); @@ -525,9 +521,7 @@ void prime_field_tests() if (!EC_POINT_is_at_infinity(group, Q)) ABORT; fprintf(stdout, "."); fflush(stdout); -#if 0 if (!EC_GROUP_precompute_mult(group, ctx)) ABORT; -#endif if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx)) ABORT; if (!EC_POINT_is_at_infinity(group, Q)) ABORT; fprintf(stdout, " ok\n"); @@ -577,9 +571,7 @@ void prime_field_tests() if (!EC_POINT_is_at_infinity(group, Q)) ABORT; fprintf(stdout, "."); fflush(stdout); -#if 0 if (!EC_GROUP_precompute_mult(group, ctx)) ABORT; -#endif if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx)) ABORT; if (!EC_POINT_is_at_infinity(group, Q)) ABORT; fprintf(stdout, " ok\n"); @@ -635,9 +627,7 @@ void prime_field_tests() if (!EC_POINT_is_at_infinity(group, Q)) ABORT; fprintf(stdout, "."); fflush(stdout); -#if 0 if (!EC_GROUP_precompute_mult(group, ctx)) ABORT; -#endif if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx)) ABORT; if (!EC_POINT_is_at_infinity(group, Q)) ABORT; fprintf(stdout, " ok\n"); @@ -809,7 +799,7 @@ void prime_field_tests() if (!EC_POINT_is_at_infinity(group, Q)) ABORT; \ fprintf(stdout, "."); \ fflush(stdout); \ - /* if (!EC_GROUP_precompute_mult(group, ctx)) ABORT; */ \ + if (!EC_GROUP_precompute_mult(group, ctx)) ABORT; \ if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx)) ABORT; \ if (!EC_POINT_is_at_infinity(group, Q)) ABORT; \ fprintf(stdout, " ok\n"); \ @@ -1336,7 +1326,7 @@ int main(int argc, char *argv[]) #endif CRYPTO_cleanup_all_ex_data(); ERR_free_strings(); - ERR_remove_state(0); + ERR_remove_thread_state(NULL); CRYPTO_mem_leaks_fp(stderr); return 0; diff --git a/src/lib/libcrypto/ecdh/Makefile b/src/lib/libcrypto/ecdh/Makefile index 7a7b618eeb..65d8904ee8 100644 --- a/src/lib/libcrypto/ecdh/Makefile +++ b/src/lib/libcrypto/ecdh/Makefile @@ -34,7 +34,7 @@ top: all: lib lib: $(LIBOBJ) - $(ARX) $(LIB) $(LIBOBJ) + $(AR) $(LIB) $(LIBOBJ) $(RANLIB) $(LIB) || echo Never mind. @touch lib @@ -88,27 +88,26 @@ ech_key.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h ech_key.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h ech_key.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h ech_key.o: ../../include/openssl/engine.h ../../include/openssl/evp.h -ech_key.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h -ech_key.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -ech_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -ech_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -ech_key.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -ech_key.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -ech_key.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -ech_key.o: ech_key.c ech_locl.h +ech_key.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +ech_key.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +ech_key.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +ech_key.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +ech_key.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +ech_key.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +ech_key.o: ../../include/openssl/x509_vfy.h ech_key.c ech_locl.h ech_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h ech_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h ech_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h ech_lib.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h ech_lib.o: ../../include/openssl/engine.h ../../include/openssl/err.h -ech_lib.o: ../../include/openssl/evp.h ../../include/openssl/fips.h -ech_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -ech_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -ech_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -ech_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h -ech_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -ech_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -ech_lib.o: ../../include/openssl/x509_vfy.h ech_lib.c ech_locl.h +ech_lib.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +ech_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +ech_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +ech_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h +ech_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +ech_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +ech_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +ech_lib.o: ech_lib.c ech_locl.h ech_ossl.o: ../../e_os.h ../../include/openssl/asn1.h ech_ossl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h ech_ossl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h diff --git a/src/lib/libcrypto/ecdsa/Makefile b/src/lib/libcrypto/ecdsa/Makefile index 4865f3c8d6..e89e0c010c 100644 --- a/src/lib/libcrypto/ecdsa/Makefile +++ b/src/lib/libcrypto/ecdsa/Makefile @@ -34,7 +34,7 @@ top: all: lib lib: $(LIBOBJ) - $(ARX) $(LIB) $(LIBOBJ) + $(AR) $(LIB) $(LIBOBJ) $(RANLIB) $(LIB) || echo Never mind. @touch lib @@ -97,14 +97,13 @@ ecs_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h ecs_lib.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h ecs_lib.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h ecs_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h -ecs_lib.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h -ecs_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -ecs_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -ecs_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -ecs_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -ecs_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -ecs_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -ecs_lib.o: ecs_lib.c ecs_locl.h +ecs_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +ecs_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +ecs_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +ecs_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +ecs_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +ecs_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +ecs_lib.o: ../../include/openssl/x509_vfy.h ecs_lib.c ecs_locl.h ecs_ossl.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h ecs_ossl.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h ecs_ossl.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h @@ -119,24 +118,23 @@ ecs_sign.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h ecs_sign.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h ecs_sign.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h ecs_sign.o: ../../include/openssl/engine.h ../../include/openssl/evp.h -ecs_sign.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h -ecs_sign.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -ecs_sign.o: ../../include/openssl/opensslconf.h +ecs_sign.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +ecs_sign.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h ecs_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -ecs_sign.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h -ecs_sign.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -ecs_sign.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -ecs_sign.o: ../../include/openssl/x509_vfy.h ecs_locl.h ecs_sign.c +ecs_sign.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h +ecs_sign.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +ecs_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +ecs_sign.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +ecs_sign.o: ecs_locl.h ecs_sign.c ecs_vrf.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h ecs_vrf.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h ecs_vrf.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h ecs_vrf.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h ecs_vrf.o: ../../include/openssl/engine.h ../../include/openssl/evp.h -ecs_vrf.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h -ecs_vrf.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -ecs_vrf.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -ecs_vrf.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -ecs_vrf.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -ecs_vrf.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -ecs_vrf.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -ecs_vrf.o: ecs_locl.h ecs_vrf.c +ecs_vrf.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +ecs_vrf.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +ecs_vrf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +ecs_vrf.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +ecs_vrf.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +ecs_vrf.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +ecs_vrf.o: ../../include/openssl/x509_vfy.h ecs_locl.h ecs_vrf.c diff --git a/src/lib/libcrypto/engine/Makefile b/src/lib/libcrypto/engine/Makefile index 0736153075..9c214824eb 100644 --- a/src/lib/libcrypto/engine/Makefile +++ b/src/lib/libcrypto/engine/Makefile @@ -20,15 +20,13 @@ LIB=$(TOP)/libcrypto.a LIBSRC= eng_err.c eng_lib.c eng_list.c eng_init.c eng_ctrl.c \ eng_table.c eng_pkey.c eng_fat.c eng_all.c \ tb_rsa.c tb_dsa.c tb_ecdsa.c tb_dh.c tb_ecdh.c tb_rand.c tb_store.c \ - tb_cipher.c tb_digest.c \ - eng_openssl.c eng_cnf.c eng_dyn.c eng_cryptodev.c eng_padlock.c \ - eng_aesni.c + tb_cipher.c tb_digest.c tb_pkmeth.c tb_asnmth.c \ + eng_openssl.c eng_cnf.c eng_dyn.c eng_cryptodev.c LIBOBJ= eng_err.o eng_lib.o eng_list.o eng_init.o eng_ctrl.o \ eng_table.o eng_pkey.o eng_fat.o eng_all.o \ tb_rsa.o tb_dsa.o tb_ecdsa.o tb_dh.o tb_ecdh.o tb_rand.o tb_store.o \ - tb_cipher.o tb_digest.o \ - eng_openssl.o eng_cnf.o eng_dyn.o eng_cryptodev.o eng_padlock.o \ - eng_aesni.o + tb_cipher.o tb_digest.o tb_pkmeth.o tb_asnmth.o \ + eng_openssl.o eng_cnf.o eng_dyn.o eng_cryptodev.o SRC= $(LIBSRC) @@ -43,7 +41,7 @@ top: all: lib lib: $(LIBOBJ) - $(ARX) $(LIB) $(LIBOBJ) + $(AR) $(LIB) $(LIBOBJ) $(RANLIB) $(LIB) || echo Never mind. @touch lib @@ -84,56 +82,40 @@ clean: # DO NOT DELETE THIS LINE -- make depend depends on it. -eng_aesni.o: ../../e_os.h ../../include/openssl/aes.h -eng_aesni.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -eng_aesni.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -eng_aesni.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h -eng_aesni.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h -eng_aesni.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h -eng_aesni.o: ../../include/openssl/err.h ../../include/openssl/evp.h -eng_aesni.o: ../../include/openssl/lhash.h ../../include/openssl/modes.h -eng_aesni.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -eng_aesni.o: ../../include/openssl/opensslconf.h -eng_aesni.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -eng_aesni.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h -eng_aesni.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -eng_aesni.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -eng_aesni.o: ../../include/openssl/x509_vfy.h ../cryptlib.h eng_aesni.c eng_all.o: ../../e_os.h ../../include/openssl/asn1.h eng_all.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h eng_all.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h eng_all.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h eng_all.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h eng_all.o: ../../include/openssl/err.h ../../include/openssl/evp.h -eng_all.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h -eng_all.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -eng_all.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -eng_all.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -eng_all.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -eng_all.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -eng_all.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -eng_all.o: ../cryptlib.h eng_all.c eng_int.h +eng_all.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +eng_all.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +eng_all.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +eng_all.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +eng_all.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +eng_all.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +eng_all.o: ../../include/openssl/x509_vfy.h ../cryptlib.h eng_all.c eng_int.h eng_cnf.o: ../../e_os.h ../../include/openssl/asn1.h eng_cnf.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h eng_cnf.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h eng_cnf.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h eng_cnf.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h eng_cnf.o: ../../include/openssl/engine.h ../../include/openssl/err.h -eng_cnf.o: ../../include/openssl/evp.h ../../include/openssl/fips.h -eng_cnf.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -eng_cnf.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -eng_cnf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -eng_cnf.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h -eng_cnf.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -eng_cnf.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -eng_cnf.o: ../../include/openssl/x509_vfy.h ../cryptlib.h eng_cnf.c eng_int.h +eng_cnf.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +eng_cnf.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +eng_cnf.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +eng_cnf.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h +eng_cnf.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +eng_cnf.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +eng_cnf.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +eng_cnf.o: ../cryptlib.h eng_cnf.c eng_int.h eng_cryptodev.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h eng_cryptodev.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h eng_cryptodev.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h eng_cryptodev.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h eng_cryptodev.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h -eng_cryptodev.o: ../../include/openssl/evp.h ../../include/openssl/fips.h -eng_cryptodev.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +eng_cryptodev.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +eng_cryptodev.o: ../../include/openssl/obj_mac.h eng_cryptodev.o: ../../include/openssl/objects.h eng_cryptodev.o: ../../include/openssl/opensslconf.h eng_cryptodev.o: ../../include/openssl/opensslv.h @@ -148,9 +130,8 @@ eng_ctrl.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h eng_ctrl.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h eng_ctrl.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h eng_ctrl.o: ../../include/openssl/err.h ../../include/openssl/evp.h -eng_ctrl.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h -eng_ctrl.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -eng_ctrl.o: ../../include/openssl/opensslconf.h +eng_ctrl.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +eng_ctrl.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h eng_ctrl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h eng_ctrl.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h eng_ctrl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -162,50 +143,49 @@ eng_dyn.o: ../../include/openssl/crypto.h ../../include/openssl/dso.h eng_dyn.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h eng_dyn.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h eng_dyn.o: ../../include/openssl/engine.h ../../include/openssl/err.h -eng_dyn.o: ../../include/openssl/evp.h ../../include/openssl/fips.h -eng_dyn.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -eng_dyn.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -eng_dyn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -eng_dyn.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h -eng_dyn.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -eng_dyn.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -eng_dyn.o: ../../include/openssl/x509_vfy.h ../cryptlib.h eng_dyn.c eng_int.h +eng_dyn.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +eng_dyn.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +eng_dyn.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +eng_dyn.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h +eng_dyn.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +eng_dyn.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +eng_dyn.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +eng_dyn.o: ../cryptlib.h eng_dyn.c eng_int.h eng_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h eng_err.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h eng_err.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h eng_err.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h eng_err.o: ../../include/openssl/engine.h ../../include/openssl/err.h -eng_err.o: ../../include/openssl/evp.h ../../include/openssl/fips.h -eng_err.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -eng_err.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -eng_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -eng_err.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h -eng_err.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -eng_err.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -eng_err.o: ../../include/openssl/x509_vfy.h eng_err.c +eng_err.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +eng_err.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +eng_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +eng_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h +eng_err.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +eng_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +eng_err.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +eng_err.o: eng_err.c eng_fat.o: ../../e_os.h ../../include/openssl/asn1.h eng_fat.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h eng_fat.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h eng_fat.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h eng_fat.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h eng_fat.o: ../../include/openssl/engine.h ../../include/openssl/err.h -eng_fat.o: ../../include/openssl/evp.h ../../include/openssl/fips.h -eng_fat.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -eng_fat.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -eng_fat.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -eng_fat.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h -eng_fat.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -eng_fat.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -eng_fat.o: ../../include/openssl/x509_vfy.h ../cryptlib.h eng_fat.c eng_int.h +eng_fat.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +eng_fat.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +eng_fat.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +eng_fat.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h +eng_fat.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +eng_fat.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +eng_fat.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +eng_fat.o: ../cryptlib.h eng_fat.c eng_int.h eng_init.o: ../../e_os.h ../../include/openssl/asn1.h eng_init.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h eng_init.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h eng_init.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h eng_init.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h eng_init.o: ../../include/openssl/err.h ../../include/openssl/evp.h -eng_init.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h -eng_init.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -eng_init.o: ../../include/openssl/opensslconf.h +eng_init.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +eng_init.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h eng_init.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h eng_init.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h eng_init.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -217,23 +197,22 @@ eng_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h eng_lib.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h eng_lib.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h eng_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h -eng_lib.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h -eng_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -eng_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -eng_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -eng_lib.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h -eng_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -eng_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -eng_lib.o: ../../include/openssl/x509_vfy.h ../cryptlib.h eng_int.h eng_lib.c +eng_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +eng_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +eng_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +eng_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h +eng_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +eng_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +eng_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +eng_lib.o: ../cryptlib.h eng_int.h eng_lib.c eng_list.o: ../../e_os.h ../../include/openssl/asn1.h eng_list.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h eng_list.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h eng_list.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h eng_list.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h eng_list.o: ../../include/openssl/err.h ../../include/openssl/evp.h -eng_list.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h -eng_list.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -eng_list.o: ../../include/openssl/opensslconf.h +eng_list.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +eng_list.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h eng_list.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h eng_list.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h eng_list.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -246,9 +225,8 @@ eng_openssl.o: ../../include/openssl/dsa.h ../../include/openssl/dso.h eng_openssl.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h eng_openssl.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h eng_openssl.o: ../../include/openssl/engine.h ../../include/openssl/err.h -eng_openssl.o: ../../include/openssl/evp.h ../../include/openssl/fips.h -eng_openssl.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -eng_openssl.o: ../../include/openssl/objects.h +eng_openssl.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +eng_openssl.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h eng_openssl.o: ../../include/openssl/opensslconf.h eng_openssl.o: ../../include/openssl/opensslv.h eng_openssl.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h @@ -258,31 +236,14 @@ eng_openssl.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h eng_openssl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h eng_openssl.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h eng_openssl.o: ../../include/openssl/x509_vfy.h ../cryptlib.h eng_openssl.c -eng_padlock.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h -eng_padlock.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h -eng_padlock.o: ../../include/openssl/crypto.h ../../include/openssl/dso.h -eng_padlock.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h -eng_padlock.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h -eng_padlock.o: ../../include/openssl/engine.h ../../include/openssl/err.h -eng_padlock.o: ../../include/openssl/evp.h ../../include/openssl/fips.h -eng_padlock.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -eng_padlock.o: ../../include/openssl/objects.h -eng_padlock.o: ../../include/openssl/opensslconf.h -eng_padlock.o: ../../include/openssl/opensslv.h -eng_padlock.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -eng_padlock.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h -eng_padlock.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -eng_padlock.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -eng_padlock.o: ../../include/openssl/x509_vfy.h eng_padlock.c eng_pkey.o: ../../e_os.h ../../include/openssl/asn1.h eng_pkey.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h eng_pkey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h eng_pkey.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h eng_pkey.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h eng_pkey.o: ../../include/openssl/err.h ../../include/openssl/evp.h -eng_pkey.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h -eng_pkey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -eng_pkey.o: ../../include/openssl/opensslconf.h +eng_pkey.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +eng_pkey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h eng_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h eng_pkey.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h eng_pkey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -294,8 +255,8 @@ eng_table.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h eng_table.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h eng_table.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h eng_table.o: ../../include/openssl/err.h ../../include/openssl/evp.h -eng_table.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h -eng_table.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +eng_table.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +eng_table.o: ../../include/openssl/objects.h eng_table.o: ../../include/openssl/opensslconf.h eng_table.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h eng_table.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h @@ -303,14 +264,29 @@ eng_table.o: ../../include/openssl/sha.h ../../include/openssl/stack.h eng_table.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h eng_table.o: ../../include/openssl/x509_vfy.h ../cryptlib.h eng_int.h eng_table.o: eng_table.c +tb_asnmth.o: ../../e_os.h ../../include/openssl/asn1.h +tb_asnmth.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +tb_asnmth.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +tb_asnmth.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +tb_asnmth.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h +tb_asnmth.o: ../../include/openssl/err.h ../../include/openssl/evp.h +tb_asnmth.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +tb_asnmth.o: ../../include/openssl/objects.h +tb_asnmth.o: ../../include/openssl/opensslconf.h +tb_asnmth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +tb_asnmth.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +tb_asnmth.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +tb_asnmth.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +tb_asnmth.o: ../../include/openssl/x509_vfy.h ../asn1/asn1_locl.h ../cryptlib.h +tb_asnmth.o: eng_int.h tb_asnmth.c tb_cipher.o: ../../e_os.h ../../include/openssl/asn1.h tb_cipher.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h tb_cipher.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h tb_cipher.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h tb_cipher.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h tb_cipher.o: ../../include/openssl/err.h ../../include/openssl/evp.h -tb_cipher.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h -tb_cipher.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +tb_cipher.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +tb_cipher.o: ../../include/openssl/objects.h tb_cipher.o: ../../include/openssl/opensslconf.h tb_cipher.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h tb_cipher.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h @@ -323,22 +299,22 @@ tb_dh.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h tb_dh.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h tb_dh.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h tb_dh.o: ../../include/openssl/engine.h ../../include/openssl/err.h -tb_dh.o: ../../include/openssl/evp.h ../../include/openssl/fips.h -tb_dh.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -tb_dh.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -tb_dh.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -tb_dh.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h -tb_dh.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -tb_dh.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -tb_dh.o: ../../include/openssl/x509_vfy.h ../cryptlib.h eng_int.h tb_dh.c +tb_dh.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +tb_dh.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +tb_dh.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +tb_dh.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h +tb_dh.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +tb_dh.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +tb_dh.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +tb_dh.o: ../cryptlib.h eng_int.h tb_dh.c tb_digest.o: ../../e_os.h ../../include/openssl/asn1.h tb_digest.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h tb_digest.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h tb_digest.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h tb_digest.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h tb_digest.o: ../../include/openssl/err.h ../../include/openssl/evp.h -tb_digest.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h -tb_digest.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +tb_digest.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +tb_digest.o: ../../include/openssl/objects.h tb_digest.o: ../../include/openssl/opensslconf.h tb_digest.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h tb_digest.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h @@ -351,78 +327,89 @@ tb_dsa.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h tb_dsa.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h tb_dsa.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h tb_dsa.o: ../../include/openssl/engine.h ../../include/openssl/err.h -tb_dsa.o: ../../include/openssl/evp.h ../../include/openssl/fips.h -tb_dsa.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -tb_dsa.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -tb_dsa.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -tb_dsa.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h -tb_dsa.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -tb_dsa.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -tb_dsa.o: ../../include/openssl/x509_vfy.h ../cryptlib.h eng_int.h tb_dsa.c +tb_dsa.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +tb_dsa.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +tb_dsa.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +tb_dsa.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h +tb_dsa.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +tb_dsa.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +tb_dsa.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +tb_dsa.o: ../cryptlib.h eng_int.h tb_dsa.c tb_ecdh.o: ../../e_os.h ../../include/openssl/asn1.h tb_ecdh.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h tb_ecdh.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h tb_ecdh.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h tb_ecdh.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h tb_ecdh.o: ../../include/openssl/err.h ../../include/openssl/evp.h -tb_ecdh.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h -tb_ecdh.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -tb_ecdh.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -tb_ecdh.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -tb_ecdh.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -tb_ecdh.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -tb_ecdh.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -tb_ecdh.o: ../cryptlib.h eng_int.h tb_ecdh.c +tb_ecdh.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +tb_ecdh.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +tb_ecdh.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +tb_ecdh.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +tb_ecdh.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +tb_ecdh.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +tb_ecdh.o: ../../include/openssl/x509_vfy.h ../cryptlib.h eng_int.h tb_ecdh.c tb_ecdsa.o: ../../e_os.h ../../include/openssl/asn1.h tb_ecdsa.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h tb_ecdsa.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h tb_ecdsa.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h tb_ecdsa.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h tb_ecdsa.o: ../../include/openssl/err.h ../../include/openssl/evp.h -tb_ecdsa.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h -tb_ecdsa.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -tb_ecdsa.o: ../../include/openssl/opensslconf.h +tb_ecdsa.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +tb_ecdsa.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h tb_ecdsa.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h tb_ecdsa.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h tb_ecdsa.o: ../../include/openssl/sha.h ../../include/openssl/stack.h tb_ecdsa.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h tb_ecdsa.o: ../../include/openssl/x509_vfy.h ../cryptlib.h eng_int.h tb_ecdsa.c +tb_pkmeth.o: ../../e_os.h ../../include/openssl/asn1.h +tb_pkmeth.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +tb_pkmeth.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +tb_pkmeth.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +tb_pkmeth.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h +tb_pkmeth.o: ../../include/openssl/err.h ../../include/openssl/evp.h +tb_pkmeth.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +tb_pkmeth.o: ../../include/openssl/objects.h +tb_pkmeth.o: ../../include/openssl/opensslconf.h +tb_pkmeth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +tb_pkmeth.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +tb_pkmeth.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +tb_pkmeth.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +tb_pkmeth.o: ../../include/openssl/x509_vfy.h ../cryptlib.h eng_int.h +tb_pkmeth.o: tb_pkmeth.c tb_rand.o: ../../e_os.h ../../include/openssl/asn1.h tb_rand.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h tb_rand.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h tb_rand.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h tb_rand.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h tb_rand.o: ../../include/openssl/err.h ../../include/openssl/evp.h -tb_rand.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h -tb_rand.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -tb_rand.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -tb_rand.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -tb_rand.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -tb_rand.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -tb_rand.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -tb_rand.o: ../cryptlib.h eng_int.h tb_rand.c +tb_rand.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +tb_rand.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +tb_rand.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +tb_rand.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +tb_rand.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +tb_rand.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +tb_rand.o: ../../include/openssl/x509_vfy.h ../cryptlib.h eng_int.h tb_rand.c tb_rsa.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h tb_rsa.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h tb_rsa.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h tb_rsa.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h tb_rsa.o: ../../include/openssl/engine.h ../../include/openssl/err.h -tb_rsa.o: ../../include/openssl/evp.h ../../include/openssl/fips.h -tb_rsa.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -tb_rsa.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -tb_rsa.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -tb_rsa.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h -tb_rsa.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -tb_rsa.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -tb_rsa.o: ../../include/openssl/x509_vfy.h ../cryptlib.h eng_int.h tb_rsa.c +tb_rsa.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +tb_rsa.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +tb_rsa.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +tb_rsa.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h +tb_rsa.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +tb_rsa.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +tb_rsa.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +tb_rsa.o: ../cryptlib.h eng_int.h tb_rsa.c tb_store.o: ../../e_os.h ../../include/openssl/asn1.h tb_store.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h tb_store.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h tb_store.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h tb_store.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h tb_store.o: ../../include/openssl/err.h ../../include/openssl/evp.h -tb_store.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h -tb_store.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -tb_store.o: ../../include/openssl/opensslconf.h +tb_store.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +tb_store.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h tb_store.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h tb_store.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h tb_store.o: ../../include/openssl/sha.h ../../include/openssl/stack.h diff --git a/src/lib/libcrypto/engine/Makefile.ssl b/src/lib/libcrypto/engine/Makefile.ssl deleted file mode 100644 index 30a4446ff9..0000000000 --- a/src/lib/libcrypto/engine/Makefile.ssl +++ /dev/null @@ -1,538 +0,0 @@ -# -# OpenSSL/crypto/engine/Makefile -# - -DIR= engine -TOP= ../.. -CC= cc -INCLUDES= -I.. -I$(TOP) -I../../include -CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKE= make -f Makefile.ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) -MAKEFILE= Makefile.ssl -AR= ar r - -CFLAGS= $(INCLUDES) $(CFLAG) - -GENERAL=Makefile -TEST= enginetest.c -APPS= - -LIB=$(TOP)/libcrypto.a -LIBSRC= eng_err.c eng_lib.c eng_list.c eng_init.c eng_ctrl.c \ - eng_table.c eng_pkey.c eng_fat.c eng_all.c \ - tb_rsa.c tb_dsa.c tb_dh.c tb_rand.c tb_cipher.c tb_digest.c \ - eng_openssl.c eng_dyn.c eng_cnf.c \ - hw_atalla.c hw_cswift.c hw_ncipher.c hw_nuron.c hw_ubsec.c \ - hw_cryptodev.c hw_aep.c hw_sureware.c hw_4758_cca.c -LIBOBJ= eng_err.o eng_lib.o eng_list.o eng_init.o eng_ctrl.o \ - eng_table.o eng_pkey.o eng_fat.o eng_all.o \ - tb_rsa.o tb_dsa.o tb_dh.o tb_rand.o tb_cipher.o tb_digest.o \ - eng_openssl.o eng_dyn.o eng_cnf.o \ - hw_atalla.o hw_cswift.o hw_ncipher.o hw_nuron.o hw_ubsec.o \ - hw_cryptodev.o hw_aep.o hw_sureware.o hw_4758_cca.o - -SRC= $(LIBSRC) - -EXHEADER= engine.h -HEADER= $(EXHEADER) - -ALL= $(GENERAL) $(SRC) $(HEADER) - -top: - (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all) - -all: lib - -lib: $(LIBOBJ) - $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) || echo Never mind. - @touch lib - -files: - $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO - -links: - @sh $(TOP)/util/point.sh Makefile.ssl Makefile - @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER) - @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST) - @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) - -install: - @for i in $(EXHEADER) ; \ - do \ - (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ - done; - -tags: - ctags $(SRC) - -errors: - $(PERL) $(TOP)/util/mkerr.pl -conf hw.ec \ - -nostatic -staticloader -write hw_*.c - -tests: - -lint: - lint -DLINT $(INCLUDES) $(SRC)>fluff - -depend: - $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) - -dclean: - $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new - mv -f Makefile.new $(MAKEFILE) - -clean: - rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff - -# DO NOT DELETE THIS LINE -- make depend depends on it. - -eng_all.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -eng_all.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h -eng_all.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -eng_all.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h -eng_all.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -eng_all.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -eng_all.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h -eng_all.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -eng_all.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -eng_all.o: ../../include/openssl/ui.h eng_all.c eng_int.h -eng_cnf.o: ../../e_os.h ../../include/openssl/asn1.h -eng_cnf.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -eng_cnf.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h -eng_cnf.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h -eng_cnf.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -eng_cnf.o: ../../include/openssl/engine.h ../../include/openssl/err.h -eng_cnf.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -eng_cnf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -eng_cnf.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h -eng_cnf.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -eng_cnf.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -eng_cnf.o: ../cryptlib.h eng_cnf.c -eng_ctrl.o: ../../e_os.h ../../include/openssl/asn1.h -eng_ctrl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -eng_ctrl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -eng_ctrl.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -eng_ctrl.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h -eng_ctrl.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -eng_ctrl.o: ../../include/openssl/opensslconf.h -eng_ctrl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -eng_ctrl.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h -eng_ctrl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -eng_ctrl.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -eng_ctrl.o: ../cryptlib.h eng_ctrl.c eng_int.h -eng_dyn.o: ../../e_os.h ../../include/openssl/asn1.h -eng_dyn.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -eng_dyn.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -eng_dyn.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -eng_dyn.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h -eng_dyn.o: ../../include/openssl/engine.h ../../include/openssl/err.h -eng_dyn.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -eng_dyn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -eng_dyn.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h -eng_dyn.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -eng_dyn.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -eng_dyn.o: ../cryptlib.h eng_dyn.c eng_int.h -eng_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -eng_err.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h -eng_err.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -eng_err.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h -eng_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -eng_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -eng_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h -eng_err.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -eng_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -eng_err.o: ../../include/openssl/ui.h eng_err.c -eng_fat.o: ../../e_os.h ../../include/openssl/asn1.h -eng_fat.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -eng_fat.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h -eng_fat.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h -eng_fat.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -eng_fat.o: ../../include/openssl/engine.h ../../include/openssl/err.h -eng_fat.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -eng_fat.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -eng_fat.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h -eng_fat.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -eng_fat.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -eng_fat.o: ../cryptlib.h eng_fat.c eng_int.h -eng_init.o: ../../e_os.h ../../include/openssl/asn1.h -eng_init.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -eng_init.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -eng_init.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -eng_init.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h -eng_init.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -eng_init.o: ../../include/openssl/opensslconf.h -eng_init.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -eng_init.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h -eng_init.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -eng_init.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -eng_init.o: ../cryptlib.h eng_init.c eng_int.h -eng_lib.o: ../../e_os.h ../../include/openssl/asn1.h -eng_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -eng_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -eng_lib.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -eng_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h -eng_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -eng_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -eng_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h -eng_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -eng_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -eng_lib.o: ../../include/openssl/ui.h ../cryptlib.h eng_int.h eng_lib.c -eng_list.o: ../../e_os.h ../../include/openssl/asn1.h -eng_list.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -eng_list.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -eng_list.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -eng_list.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h -eng_list.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -eng_list.o: ../../include/openssl/opensslconf.h -eng_list.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -eng_list.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h -eng_list.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -eng_list.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -eng_list.o: ../cryptlib.h eng_int.h eng_list.c -eng_openssl.o: ../../e_os.h ../../include/openssl/aes.h -eng_openssl.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -eng_openssl.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -eng_openssl.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -eng_openssl.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -eng_openssl.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -eng_openssl.o: ../../include/openssl/dsa.h ../../include/openssl/dso.h -eng_openssl.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h -eng_openssl.o: ../../include/openssl/err.h ../../include/openssl/evp.h -eng_openssl.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -eng_openssl.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -eng_openssl.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -eng_openssl.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -eng_openssl.o: ../../include/openssl/opensslconf.h -eng_openssl.o: ../../include/openssl/opensslv.h -eng_openssl.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h -eng_openssl.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h -eng_openssl.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h -eng_openssl.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -eng_openssl.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -eng_openssl.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -eng_openssl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -eng_openssl.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -eng_openssl.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -eng_openssl.o: ../cryptlib.h eng_openssl.c -eng_pkey.o: ../../e_os.h ../../include/openssl/asn1.h -eng_pkey.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -eng_pkey.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -eng_pkey.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -eng_pkey.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h -eng_pkey.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -eng_pkey.o: ../../include/openssl/opensslconf.h -eng_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -eng_pkey.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h -eng_pkey.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -eng_pkey.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -eng_pkey.o: ../cryptlib.h eng_int.h eng_pkey.c -eng_table.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h -eng_table.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -eng_table.o: ../../include/openssl/bn.h ../../include/openssl/cast.h -eng_table.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -eng_table.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -eng_table.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -eng_table.o: ../../include/openssl/engine.h ../../include/openssl/err.h -eng_table.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -eng_table.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -eng_table.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -eng_table.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -eng_table.o: ../../include/openssl/objects.h -eng_table.o: ../../include/openssl/opensslconf.h -eng_table.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -eng_table.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h -eng_table.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -eng_table.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -eng_table.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -eng_table.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -eng_table.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -eng_table.o: eng_int.h eng_table.c -hw_4758_cca.o: ../../e_os.h ../../include/openssl/aes.h -hw_4758_cca.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -hw_4758_cca.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -hw_4758_cca.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -hw_4758_cca.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -hw_4758_cca.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -hw_4758_cca.o: ../../include/openssl/dsa.h ../../include/openssl/dso.h -hw_4758_cca.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h -hw_4758_cca.o: ../../include/openssl/err.h ../../include/openssl/evp.h -hw_4758_cca.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -hw_4758_cca.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -hw_4758_cca.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -hw_4758_cca.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -hw_4758_cca.o: ../../include/openssl/opensslconf.h -hw_4758_cca.o: ../../include/openssl/opensslv.h -hw_4758_cca.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -hw_4758_cca.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h -hw_4758_cca.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -hw_4758_cca.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -hw_4758_cca.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -hw_4758_cca.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -hw_4758_cca.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -hw_4758_cca.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -hw_4758_cca.o: ../cryptlib.h hw_4758_cca.c hw_4758_cca_err.c hw_4758_cca_err.h -hw_4758_cca.o: vendor_defns/hw_4758_cca.h -hw_aep.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -hw_aep.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -hw_aep.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h -hw_aep.o: ../../include/openssl/dsa.h ../../include/openssl/dso.h -hw_aep.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h -hw_aep.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -hw_aep.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -hw_aep.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h -hw_aep.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -hw_aep.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -hw_aep.o: ../../include/openssl/ui.h hw_aep.c hw_aep_err.c hw_aep_err.h -hw_aep.o: vendor_defns/aep.h -hw_atalla.o: ../../e_os.h ../../include/openssl/asn1.h -hw_atalla.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -hw_atalla.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -hw_atalla.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -hw_atalla.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h -hw_atalla.o: ../../include/openssl/engine.h ../../include/openssl/err.h -hw_atalla.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -hw_atalla.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -hw_atalla.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h -hw_atalla.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -hw_atalla.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -hw_atalla.o: ../cryptlib.h hw_atalla.c hw_atalla_err.c hw_atalla_err.h -hw_atalla.o: vendor_defns/atalla.h -hw_cryptodev.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h -hw_cryptodev.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -hw_cryptodev.o: ../../include/openssl/bn.h ../../include/openssl/cast.h -hw_cryptodev.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -hw_cryptodev.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -hw_cryptodev.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -hw_cryptodev.o: ../../include/openssl/engine.h ../../include/openssl/err.h -hw_cryptodev.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -hw_cryptodev.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -hw_cryptodev.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -hw_cryptodev.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -hw_cryptodev.o: ../../include/openssl/objects.h -hw_cryptodev.o: ../../include/openssl/opensslconf.h -hw_cryptodev.o: ../../include/openssl/opensslv.h -hw_cryptodev.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h -hw_cryptodev.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -hw_cryptodev.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -hw_cryptodev.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -hw_cryptodev.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -hw_cryptodev.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -hw_cryptodev.o: ../../include/openssl/ui_compat.h hw_cryptodev.c -hw_cswift.o: ../../e_os.h ../../include/openssl/asn1.h -hw_cswift.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -hw_cswift.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -hw_cswift.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -hw_cswift.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h -hw_cswift.o: ../../include/openssl/engine.h ../../include/openssl/err.h -hw_cswift.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -hw_cswift.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -hw_cswift.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h -hw_cswift.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -hw_cswift.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -hw_cswift.o: ../cryptlib.h hw_cswift.c hw_cswift_err.c hw_cswift_err.h -hw_cswift.o: vendor_defns/cswift.h -hw_ncipher.o: ../../e_os.h ../../include/openssl/aes.h -hw_ncipher.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -hw_ncipher.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -hw_ncipher.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -hw_ncipher.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -hw_ncipher.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -hw_ncipher.o: ../../include/openssl/dsa.h ../../include/openssl/dso.h -hw_ncipher.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h -hw_ncipher.o: ../../include/openssl/err.h ../../include/openssl/evp.h -hw_ncipher.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -hw_ncipher.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -hw_ncipher.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -hw_ncipher.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -hw_ncipher.o: ../../include/openssl/opensslconf.h -hw_ncipher.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -hw_ncipher.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h -hw_ncipher.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h -hw_ncipher.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -hw_ncipher.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -hw_ncipher.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -hw_ncipher.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -hw_ncipher.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -hw_ncipher.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -hw_ncipher.o: ../../include/openssl/x509_vfy.h ../cryptlib.h hw_ncipher.c -hw_ncipher.o: hw_ncipher_err.c hw_ncipher_err.h vendor_defns/hwcryptohook.h -hw_nuron.o: ../../e_os.h ../../include/openssl/asn1.h -hw_nuron.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -hw_nuron.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -hw_nuron.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -hw_nuron.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h -hw_nuron.o: ../../include/openssl/engine.h ../../include/openssl/err.h -hw_nuron.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -hw_nuron.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -hw_nuron.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h -hw_nuron.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -hw_nuron.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -hw_nuron.o: ../cryptlib.h hw_nuron.c hw_nuron_err.c hw_nuron_err.h -hw_sureware.o: ../../e_os.h ../../include/openssl/aes.h -hw_sureware.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -hw_sureware.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -hw_sureware.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -hw_sureware.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -hw_sureware.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -hw_sureware.o: ../../include/openssl/dsa.h ../../include/openssl/dso.h -hw_sureware.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h -hw_sureware.o: ../../include/openssl/err.h ../../include/openssl/evp.h -hw_sureware.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -hw_sureware.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -hw_sureware.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -hw_sureware.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -hw_sureware.o: ../../include/openssl/opensslconf.h -hw_sureware.o: ../../include/openssl/opensslv.h -hw_sureware.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h -hw_sureware.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h -hw_sureware.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h -hw_sureware.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -hw_sureware.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -hw_sureware.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -hw_sureware.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -hw_sureware.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -hw_sureware.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -hw_sureware.o: ../cryptlib.h eng_int.h engine.h hw_sureware.c hw_sureware_err.c -hw_sureware.o: hw_sureware_err.h vendor_defns/sureware.h -hw_ubsec.o: ../../e_os.h ../../include/openssl/asn1.h -hw_ubsec.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -hw_ubsec.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -hw_ubsec.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -hw_ubsec.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h -hw_ubsec.o: ../../include/openssl/engine.h ../../include/openssl/err.h -hw_ubsec.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -hw_ubsec.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -hw_ubsec.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h -hw_ubsec.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -hw_ubsec.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -hw_ubsec.o: ../cryptlib.h hw_ubsec.c hw_ubsec_err.c hw_ubsec_err.h -hw_ubsec.o: vendor_defns/hw_ubsec.h -tb_cipher.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h -tb_cipher.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -tb_cipher.o: ../../include/openssl/bn.h ../../include/openssl/cast.h -tb_cipher.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -tb_cipher.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -tb_cipher.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -tb_cipher.o: ../../include/openssl/engine.h ../../include/openssl/err.h -tb_cipher.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -tb_cipher.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -tb_cipher.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -tb_cipher.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -tb_cipher.o: ../../include/openssl/objects.h -tb_cipher.o: ../../include/openssl/opensslconf.h -tb_cipher.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -tb_cipher.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h -tb_cipher.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -tb_cipher.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -tb_cipher.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -tb_cipher.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -tb_cipher.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -tb_cipher.o: eng_int.h tb_cipher.c -tb_dh.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h -tb_dh.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -tb_dh.o: ../../include/openssl/bn.h ../../include/openssl/cast.h -tb_dh.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -tb_dh.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -tb_dh.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -tb_dh.o: ../../include/openssl/engine.h ../../include/openssl/err.h -tb_dh.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -tb_dh.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -tb_dh.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -tb_dh.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -tb_dh.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -tb_dh.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -tb_dh.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h -tb_dh.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -tb_dh.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -tb_dh.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -tb_dh.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -tb_dh.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h eng_int.h -tb_dh.o: tb_dh.c -tb_digest.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h -tb_digest.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -tb_digest.o: ../../include/openssl/bn.h ../../include/openssl/cast.h -tb_digest.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -tb_digest.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -tb_digest.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -tb_digest.o: ../../include/openssl/engine.h ../../include/openssl/err.h -tb_digest.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -tb_digest.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -tb_digest.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -tb_digest.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -tb_digest.o: ../../include/openssl/objects.h -tb_digest.o: ../../include/openssl/opensslconf.h -tb_digest.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -tb_digest.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h -tb_digest.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -tb_digest.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -tb_digest.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -tb_digest.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -tb_digest.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -tb_digest.o: eng_int.h tb_digest.c -tb_dsa.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h -tb_dsa.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -tb_dsa.o: ../../include/openssl/bn.h ../../include/openssl/cast.h -tb_dsa.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -tb_dsa.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -tb_dsa.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -tb_dsa.o: ../../include/openssl/engine.h ../../include/openssl/err.h -tb_dsa.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -tb_dsa.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -tb_dsa.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -tb_dsa.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -tb_dsa.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -tb_dsa.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -tb_dsa.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h -tb_dsa.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -tb_dsa.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -tb_dsa.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -tb_dsa.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -tb_dsa.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -tb_dsa.o: eng_int.h tb_dsa.c -tb_rand.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h -tb_rand.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -tb_rand.o: ../../include/openssl/bn.h ../../include/openssl/cast.h -tb_rand.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -tb_rand.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -tb_rand.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -tb_rand.o: ../../include/openssl/engine.h ../../include/openssl/err.h -tb_rand.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -tb_rand.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -tb_rand.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -tb_rand.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -tb_rand.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -tb_rand.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -tb_rand.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h -tb_rand.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -tb_rand.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -tb_rand.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -tb_rand.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -tb_rand.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -tb_rand.o: eng_int.h tb_rand.c -tb_rsa.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h -tb_rsa.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -tb_rsa.o: ../../include/openssl/bn.h ../../include/openssl/cast.h -tb_rsa.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -tb_rsa.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -tb_rsa.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -tb_rsa.o: ../../include/openssl/engine.h ../../include/openssl/err.h -tb_rsa.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -tb_rsa.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -tb_rsa.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -tb_rsa.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -tb_rsa.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -tb_rsa.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -tb_rsa.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h -tb_rsa.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -tb_rsa.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -tb_rsa.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -tb_rsa.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -tb_rsa.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -tb_rsa.o: eng_int.h tb_rsa.c diff --git a/src/lib/libcrypto/engine/eng_all.c b/src/lib/libcrypto/engine/eng_all.c index 69e54f461e..79d1f2beff 100644 --- a/src/lib/libcrypto/engine/eng_all.c +++ b/src/lib/libcrypto/engine/eng_all.c @@ -61,15 +61,15 @@ void ENGINE_load_builtin_engines(void) { +#if 0 /* There's no longer any need for an "openssl" ENGINE unless, one day, * it is the *only* way for standard builtin implementations to be be * accessed (ie. it would be possible to statically link binaries with * *no* builtin implementations). */ -#if 0 ENGINE_load_openssl(); #endif -#if !defined(OPENSSL_NO_HW) && !defined(OPENSSL_NO_HW_PADLOCK) - ENGINE_load_padlock(); +#if !defined(OPENSSL_NO_HW) && (defined(__OpenBSD__) || defined(__FreeBSD__) || defined(HAVE_CRYPTODEV)) + ENGINE_load_cryptodev(); #endif #if !defined(OPENSSL_NO_HW) && !defined(OPENSSL_NO_HW_AESNI) @@ -103,14 +103,15 @@ void ENGINE_load_builtin_engines(void) #ifndef OPENSSL_NO_HW_UBSEC ENGINE_load_ubsec(); #endif +#ifndef OPENSSL_NO_HW_PADLOCK + ENGINE_load_padlock(); #endif -#if !defined(OPENSSL_NO_GMP) && !defined(OPENSSL_NO_HW_GMP) - ENGINE_load_gmp(); #endif +#ifndef OPENSSL_NO_GOST + ENGINE_load_gost(); #endif -#ifndef OPENSSL_NO_HW -#if defined(__OpenBSD__) || defined(__FreeBSD__) - ENGINE_load_cryptodev(); +#ifndef OPENSSL_NO_GMP + ENGINE_load_gmp(); #endif #if defined(OPENSSL_SYS_WIN32) && !defined(OPENSSL_NO_CAPIENG) ENGINE_load_capi(); @@ -118,7 +119,7 @@ void ENGINE_load_builtin_engines(void) #endif } -#if defined(__OpenBSD__) || defined(__FreeBSD__) +#if defined(__OpenBSD__) || defined(__FreeBSD__) || defined(HAVE_CRYPTODEV) void ENGINE_setup_bsd_cryptodev(void) { static int bsd_cryptodev_default_loaded = 0; if (!bsd_cryptodev_default_loaded) { diff --git a/src/lib/libcrypto/engine/eng_cnf.c b/src/lib/libcrypto/engine/eng_cnf.c index 08066cea59..95c4070015 100644 --- a/src/lib/libcrypto/engine/eng_cnf.c +++ b/src/lib/libcrypto/engine/eng_cnf.c @@ -95,7 +95,7 @@ static int int_engine_configure(char *name, char *value, const CONF *cnf) int ret = 0; long do_init = -1; STACK_OF(CONF_VALUE) *ecmds; - CONF_VALUE *ecmd; + CONF_VALUE *ecmd = NULL; char *ctrlname, *ctrlvalue; ENGINE *e = NULL; int soft = 0; @@ -157,7 +157,7 @@ static int int_engine_configure(char *name, char *value, const CONF *cnf) return 1; } if (!e) - return 0; + goto err; } /* Allow "EMPTY" to mean no value: this allows a valid * "value" to be passed to ctrls of type NO_INPUT @@ -186,16 +186,27 @@ static int int_engine_configure(char *name, char *value, const CONF *cnf) } else if (!ENGINE_ctrl_cmd_string(e, ctrlname, ctrlvalue, 0)) - return 0; + goto err; } } if (e && (do_init == -1) && !int_engine_init(e)) + { + ecmd = NULL; goto err; + } ret = 1; err: + if (ret != 1) + { + ENGINEerr(ENGINE_F_INT_ENGINE_CONFIGURE, ENGINE_R_ENGINE_CONFIGURATION_ERROR); + if (ecmd) + ERR_add_error_data(6, "section=", ecmd->section, + ", name=", ecmd->name, + ", value=", ecmd->value); + } if (e) ENGINE_free(e); return ret; diff --git a/src/lib/libcrypto/engine/eng_cryptodev.c b/src/lib/libcrypto/engine/eng_cryptodev.c index 52f4ca3901..f04c79151b 100644 --- a/src/lib/libcrypto/engine/eng_cryptodev.c +++ b/src/lib/libcrypto/engine/eng_cryptodev.c @@ -32,7 +32,7 @@ #include #if (defined(__unix__) || defined(unix)) && !defined(USG) && \ - (defined(OpenBSD) || defined(__FreeBSD__)) + (defined(__OpenBSD__) || defined(__FreeBSD__)) #include # if (OpenBSD >= 200112) || ((__FreeBSD_version >= 470101 && __FreeBSD_version < 500000) || __FreeBSD_version >= 500041) # define HAVE_CRYPTODEV diff --git a/src/lib/libcrypto/engine/eng_ctrl.c b/src/lib/libcrypto/engine/eng_ctrl.c index 95b6b455aa..5ce25d92ec 100644 --- a/src/lib/libcrypto/engine/eng_ctrl.c +++ b/src/lib/libcrypto/engine/eng_ctrl.c @@ -280,7 +280,7 @@ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name, } /* Force the result of the control command to 0 or 1, for the reasons * mentioned before. */ - if (ENGINE_ctrl(e, num, i, p, f)) + if (ENGINE_ctrl(e, num, i, p, f) > 0) return 1; return 0; } @@ -345,7 +345,7 @@ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg, * usage of these commands is consistent across applications and * that certain applications don't understand it one way, and * others another. */ - if(ENGINE_ctrl(e, num, 0, (void *)arg, NULL)) + if(ENGINE_ctrl(e, num, 0, (void *)arg, NULL) > 0) return 1; return 0; } @@ -360,7 +360,7 @@ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg, if(flags & ENGINE_CMD_FLAG_STRING) { /* Same explanation as above */ - if(ENGINE_ctrl(e, num, 0, (void *)arg, NULL)) + if(ENGINE_ctrl(e, num, 0, (void *)arg, NULL) > 0) return 1; return 0; } @@ -383,7 +383,7 @@ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg, } /* Force the result of the control command to 0 or 1, for the reasons * mentioned before. */ - if(ENGINE_ctrl(e, num, l, NULL, NULL)) + if(ENGINE_ctrl(e, num, l, NULL, NULL) > 0) return 1; return 0; } diff --git a/src/lib/libcrypto/engine/eng_dyn.c b/src/lib/libcrypto/engine/eng_dyn.c index acb30c34d8..807da7a5eb 100644 --- a/src/lib/libcrypto/engine/eng_dyn.c +++ b/src/lib/libcrypto/engine/eng_dyn.c @@ -146,14 +146,14 @@ struct st_dynamic_data_ctx * 'dirs' for loading. Default is to use 'dirs' as a fallback. */ int dir_load; /* A stack of directories from which ENGINEs could be loaded */ - STACK *dirs; + STACK_OF(OPENSSL_STRING) *dirs; }; /* This is the "ex_data" index we obtain and reserve for use with our context * structure. */ static int dynamic_ex_data_idx = -1; -static void int_free_str(void *s) { OPENSSL_free(s); } +static void int_free_str(char *s) { OPENSSL_free(s); } /* Because our ex_data element may or may not get allocated depending on whether * a "first-use" occurs before the ENGINE is freed, we have a memory leak * problem to solve. We can't declare a "new" handler for the ex_data as we @@ -174,7 +174,7 @@ static void dynamic_data_ctx_free_func(void *parent, void *ptr, if(ctx->engine_id) OPENSSL_free((void*)ctx->engine_id); if(ctx->dirs) - sk_pop_free(ctx->dirs, int_free_str); + sk_OPENSSL_STRING_pop_free(ctx->dirs, int_free_str); OPENSSL_free(ctx); } } @@ -203,7 +203,7 @@ static int dynamic_set_data_ctx(ENGINE *e, dynamic_data_ctx **ctx) c->DYNAMIC_F1 = "v_check"; c->DYNAMIC_F2 = "bind_engine"; c->dir_load = 1; - c->dirs = sk_new_null(); + c->dirs = sk_OPENSSL_STRING_new_null(); if(!c->dirs) { ENGINEerr(ENGINE_F_DYNAMIC_SET_DATA_CTX,ERR_R_MALLOC_FAILURE); @@ -393,7 +393,7 @@ static int dynamic_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void)) ERR_R_MALLOC_FAILURE); return 0; } - sk_insert(ctx->dirs, tmp_str, -1); + sk_OPENSSL_STRING_insert(ctx->dirs, tmp_str, -1); } return 1; default: @@ -411,11 +411,11 @@ static int int_load(dynamic_data_ctx *ctx) ctx->DYNAMIC_LIBNAME, NULL, 0)) != NULL) return 1; /* If we're not allowed to use 'dirs' or we have none, fail */ - if(!ctx->dir_load || ((num = sk_num(ctx->dirs)) < 1)) + if(!ctx->dir_load || (num = sk_OPENSSL_STRING_num(ctx->dirs)) < 1) return 0; for(loop = 0; loop < num; loop++) { - const char *s = sk_value(ctx->dirs, loop); + const char *s = sk_OPENSSL_STRING_value(ctx->dirs, loop); char *merge = DSO_merge(ctx->dynamic_dso, ctx->DYNAMIC_LIBNAME, s); if(!merge) return 0; diff --git a/src/lib/libcrypto/engine/eng_err.c b/src/lib/libcrypto/engine/eng_err.c index 574ffbb5c0..81c70acfa8 100644 --- a/src/lib/libcrypto/engine/eng_err.c +++ b/src/lib/libcrypto/engine/eng_err.c @@ -1,6 +1,6 @@ /* crypto/engine/eng_err.c */ /* ==================================================================== - * Copyright (c) 1999-2008 The OpenSSL Project. All rights reserved. + * Copyright (c) 1999-2010 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -86,6 +86,8 @@ static ERR_STRING_DATA ENGINE_str_functs[]= {ERR_FUNC(ENGINE_F_ENGINE_GET_DEFAULT_TYPE), "ENGINE_GET_DEFAULT_TYPE"}, {ERR_FUNC(ENGINE_F_ENGINE_GET_DIGEST), "ENGINE_get_digest"}, {ERR_FUNC(ENGINE_F_ENGINE_GET_NEXT), "ENGINE_get_next"}, +{ERR_FUNC(ENGINE_F_ENGINE_GET_PKEY_ASN1_METH), "ENGINE_get_pkey_asn1_meth"}, +{ERR_FUNC(ENGINE_F_ENGINE_GET_PKEY_METH), "ENGINE_get_pkey_meth"}, {ERR_FUNC(ENGINE_F_ENGINE_GET_PREV), "ENGINE_get_prev"}, {ERR_FUNC(ENGINE_F_ENGINE_INIT), "ENGINE_init"}, {ERR_FUNC(ENGINE_F_ENGINE_LIST_ADD), "ENGINE_LIST_ADD"}, @@ -124,6 +126,7 @@ static ERR_STRING_DATA ENGINE_str_reasons[]= {ERR_REASON(ENGINE_R_DSO_FAILURE) ,"DSO failure"}, {ERR_REASON(ENGINE_R_DSO_NOT_FOUND) ,"dso not found"}, {ERR_REASON(ENGINE_R_ENGINES_SECTION_ERROR),"engines section error"}, +{ERR_REASON(ENGINE_R_ENGINE_CONFIGURATION_ERROR),"engine configuration error"}, {ERR_REASON(ENGINE_R_ENGINE_IS_NOT_IN_LIST),"engine is not in the list"}, {ERR_REASON(ENGINE_R_ENGINE_SECTION_ERROR),"engine section error"}, {ERR_REASON(ENGINE_R_FAILED_LOADING_PRIVATE_KEY),"failed loading private key"}, @@ -150,6 +153,7 @@ static ERR_STRING_DATA ENGINE_str_reasons[]= {ERR_REASON(ENGINE_R_RSA_NOT_IMPLEMENTED),"rsa not implemented"}, {ERR_REASON(ENGINE_R_UNIMPLEMENTED_CIPHER),"unimplemented cipher"}, {ERR_REASON(ENGINE_R_UNIMPLEMENTED_DIGEST),"unimplemented digest"}, +{ERR_REASON(ENGINE_R_UNIMPLEMENTED_PUBLIC_KEY_METHOD),"unimplemented public key method"}, {ERR_REASON(ENGINE_R_VERSION_INCOMPATIBILITY),"version incompatibility"}, {0,NULL} }; diff --git a/src/lib/libcrypto/engine/eng_fat.c b/src/lib/libcrypto/engine/eng_fat.c index 27c1662f62..db66e62350 100644 --- a/src/lib/libcrypto/engine/eng_fat.c +++ b/src/lib/libcrypto/engine/eng_fat.c @@ -89,6 +89,12 @@ int ENGINE_set_default(ENGINE *e, unsigned int flags) #endif if((flags & ENGINE_METHOD_RAND) && !ENGINE_set_default_RAND(e)) return 0; + if((flags & ENGINE_METHOD_PKEY_METHS) + && !ENGINE_set_default_pkey_meths(e)) + return 0; + if((flags & ENGINE_METHOD_PKEY_ASN1_METHS) + && !ENGINE_set_default_pkey_asn1_meths(e)) + return 0; return 1; } @@ -115,6 +121,13 @@ static int int_def_cb(const char *alg, int len, void *arg) *pflags |= ENGINE_METHOD_CIPHERS; else if (!strncmp(alg, "DIGESTS", len)) *pflags |= ENGINE_METHOD_DIGESTS; + else if (!strncmp(alg, "PKEY", len)) + *pflags |= + ENGINE_METHOD_PKEY_METHS|ENGINE_METHOD_PKEY_ASN1_METHS; + else if (!strncmp(alg, "PKEY_CRYPTO", len)) + *pflags |= ENGINE_METHOD_PKEY_METHS; + else if (!strncmp(alg, "PKEY_ASN1", len)) + *pflags |= ENGINE_METHOD_PKEY_ASN1_METHS; else return 0; return 1; @@ -154,6 +167,7 @@ int ENGINE_register_complete(ENGINE *e) ENGINE_register_ECDSA(e); #endif ENGINE_register_RAND(e); + ENGINE_register_pkey_meths(e); return 1; } diff --git a/src/lib/libcrypto/engine/eng_int.h b/src/lib/libcrypto/engine/eng_int.h index a66f107a44..451ef8feb8 100644 --- a/src/lib/libcrypto/engine/eng_int.h +++ b/src/lib/libcrypto/engine/eng_int.h @@ -127,6 +127,8 @@ ENGINE *engine_table_select(ENGINE_TABLE **table, int nid); ENGINE *engine_table_select_tmp(ENGINE_TABLE **table, int nid, const char *f, int l); #define engine_table_select(t,n) engine_table_select_tmp(t,n,__FILE__,__LINE__) #endif +typedef void (engine_table_doall_cb)(int nid, STACK_OF(ENGINE) *sk, ENGINE *def, void *arg); +void engine_table_doall(ENGINE_TABLE *table, engine_table_doall_cb *cb, void *arg); /* Internal versions of API functions that have control over locking. These are * used between C files when functionality needs to be shared but the caller may @@ -143,6 +145,11 @@ void engine_set_all_null(ENGINE *e); /* NB: Bitwise OR-able values for the "flags" variable in ENGINE are now exposed * in engine.h. */ +/* Free up dynamically allocated public key methods associated with ENGINE */ + +void engine_pkey_meths_free(ENGINE *e); +void engine_pkey_asn1_meths_free(ENGINE *e); + /* This is a structure for storing implementations of various crypto * algorithms and functions. */ struct engine_st @@ -160,7 +167,10 @@ struct engine_st ENGINE_CIPHERS_PTR ciphers; /* Digest handling is via this callback */ ENGINE_DIGESTS_PTR digests; - + /* Public key handling via this callback */ + ENGINE_PKEY_METHS_PTR pkey_meths; + /* ASN1 public key handling via this callback */ + ENGINE_PKEY_ASN1_METHS_PTR pkey_asn1_meths; ENGINE_GEN_INT_FUNC_PTR destroy; diff --git a/src/lib/libcrypto/engine/eng_lib.c b/src/lib/libcrypto/engine/eng_lib.c index 5815b867f4..18a6664645 100644 --- a/src/lib/libcrypto/engine/eng_lib.c +++ b/src/lib/libcrypto/engine/eng_lib.c @@ -125,6 +125,9 @@ int engine_free_util(ENGINE *e, int locked) abort(); } #endif + /* Free up any dynamically allocated public key methods */ + engine_pkey_meths_free(e); + engine_pkey_asn1_meths_free(e); /* Give the ENGINE a chance to do any structural cleanup corresponding * to allocation it did in its constructor (eg. unload error strings) */ if(e->destroy) diff --git a/src/lib/libcrypto/engine/eng_list.c b/src/lib/libcrypto/engine/eng_list.c index bd511944ba..27846edb1e 100644 --- a/src/lib/libcrypto/engine/eng_list.c +++ b/src/lib/libcrypto/engine/eng_list.c @@ -336,6 +336,7 @@ static void engine_cpy(ENGINE *dest, const ENGINE *src) dest->store_meth = src->store_meth; dest->ciphers = src->ciphers; dest->digests = src->digests; + dest->pkey_meths = src->pkey_meths; dest->destroy = src->destroy; dest->init = src->init; dest->finish = src->finish; @@ -412,6 +413,7 @@ ENGINE *ENGINE_by_id(const char *id) return iterator; } notfound: + ENGINE_free(iterator); ENGINEerr(ENGINE_F_ENGINE_BY_ID,ENGINE_R_NO_SUCH_ENGINE); ERR_add_error_data(2, "id=", id); return NULL; diff --git a/src/lib/libcrypto/engine/eng_openssl.c b/src/lib/libcrypto/engine/eng_openssl.c index 7c139ae2ef..9abb95cc22 100644 --- a/src/lib/libcrypto/engine/eng_openssl.c +++ b/src/lib/libcrypto/engine/eng_openssl.c @@ -238,7 +238,7 @@ static int test_rc4_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, return 1; } static int test_rc4_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, unsigned int inl) + const unsigned char *in, size_t inl) { #ifdef TEST_ENG_OPENSSL_RC4_P_CIPHER fprintf(stderr, "(TEST_ENG_OPENSSL_RC4) test_cipher() called\n"); diff --git a/src/lib/libcrypto/engine/eng_table.c b/src/lib/libcrypto/engine/eng_table.c index 8879a267d1..4fde948185 100644 --- a/src/lib/libcrypto/engine/eng_table.c +++ b/src/lib/libcrypto/engine/eng_table.c @@ -70,12 +70,22 @@ typedef struct st_engine_pile int uptodate; } ENGINE_PILE; +DECLARE_LHASH_OF(ENGINE_PILE); + /* The type exposed in eng_int.h */ struct st_engine_table { - LHASH piles; + LHASH_OF(ENGINE_PILE) piles; }; /* ENGINE_TABLE */ + +typedef struct st_engine_pile_doall + { + engine_table_doall_cb *cb; + void *arg; + } ENGINE_PILE_DOALL; + + /* Global flags (ENGINE_TABLE_FLAG_***). */ static unsigned int table_flags = 0; @@ -84,6 +94,7 @@ unsigned int ENGINE_get_table_flags(void) { return table_flags; } + void ENGINE_set_table_flags(unsigned int flags) { table_flags = flags; @@ -94,19 +105,21 @@ static unsigned long engine_pile_hash(const ENGINE_PILE *c) { return c->nid; } + static int engine_pile_cmp(const ENGINE_PILE *a, const ENGINE_PILE *b) { return a->nid - b->nid; } -static IMPLEMENT_LHASH_HASH_FN(engine_pile_hash, const ENGINE_PILE *) -static IMPLEMENT_LHASH_COMP_FN(engine_pile_cmp, const ENGINE_PILE *) +static IMPLEMENT_LHASH_HASH_FN(engine_pile, ENGINE_PILE) +static IMPLEMENT_LHASH_COMP_FN(engine_pile, ENGINE_PILE) + static int int_table_check(ENGINE_TABLE **t, int create) { - LHASH *lh; + LHASH_OF(ENGINE_PILE) *lh; + if(*t) return 1; if(!create) return 0; - if((lh = lh_new(LHASH_HASH_FN(engine_pile_hash), - LHASH_COMP_FN(engine_pile_cmp))) == NULL) + if((lh = lh_ENGINE_PILE_new()) == NULL) return 0; *t = (ENGINE_TABLE *)lh; return 1; @@ -130,7 +143,7 @@ int engine_table_register(ENGINE_TABLE **table, ENGINE_CLEANUP_CB *cleanup, while(num_nids--) { tmplate.nid = *nids; - fnd = lh_retrieve(&(*table)->piles, &tmplate); + fnd = lh_ENGINE_PILE_retrieve(&(*table)->piles, &tmplate); if(!fnd) { fnd = OPENSSL_malloc(sizeof(ENGINE_PILE)); @@ -144,7 +157,7 @@ int engine_table_register(ENGINE_TABLE **table, ENGINE_CLEANUP_CB *cleanup, goto end; } fnd->funct = NULL; - lh_insert(&(*table)->piles, fnd); + (void)lh_ENGINE_PILE_insert(&(*table)->piles, fnd); } /* A registration shouldn't add duplciate entries */ (void)sk_ENGINE_delete_ptr(fnd->sk, e); @@ -173,7 +186,7 @@ end: CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); return ret; } -static void int_unregister_cb(ENGINE_PILE *pile, ENGINE *e) +static void int_unregister_cb_doall_arg(ENGINE_PILE *pile, ENGINE *e) { int n; /* Iterate the 'c->sk' stack removing any occurance of 'e' */ @@ -188,31 +201,35 @@ static void int_unregister_cb(ENGINE_PILE *pile, ENGINE *e) pile->funct = NULL; } } -static IMPLEMENT_LHASH_DOALL_ARG_FN(int_unregister_cb,ENGINE_PILE *,ENGINE *) +static IMPLEMENT_LHASH_DOALL_ARG_FN(int_unregister_cb, ENGINE_PILE, ENGINE) + void engine_table_unregister(ENGINE_TABLE **table, ENGINE *e) { CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); if(int_table_check(table, 0)) - lh_doall_arg(&(*table)->piles, - LHASH_DOALL_ARG_FN(int_unregister_cb), e); + lh_ENGINE_PILE_doall_arg(&(*table)->piles, + LHASH_DOALL_ARG_FN(int_unregister_cb), + ENGINE, e); CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); } -static void int_cleanup_cb(ENGINE_PILE *p) +static void int_cleanup_cb_doall(ENGINE_PILE *p) { sk_ENGINE_free(p->sk); if(p->funct) engine_unlocked_finish(p->funct, 0); OPENSSL_free(p); } -static IMPLEMENT_LHASH_DOALL_FN(int_cleanup_cb,ENGINE_PILE *) +static IMPLEMENT_LHASH_DOALL_FN(int_cleanup_cb, ENGINE_PILE) + void engine_table_cleanup(ENGINE_TABLE **table) { CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); if(*table) { - lh_doall(&(*table)->piles, LHASH_DOALL_FN(int_cleanup_cb)); - lh_free(&(*table)->piles); + lh_ENGINE_PILE_doall(&(*table)->piles, + LHASH_DOALL_FN(int_cleanup_cb)); + lh_ENGINE_PILE_free(&(*table)->piles); *table = NULL; } CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); @@ -237,12 +254,13 @@ ENGINE *engine_table_select_tmp(ENGINE_TABLE **table, int nid, const char *f, in #endif return NULL; } + ERR_set_mark(); CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); /* Check again inside the lock otherwise we could race against cleanup * operations. But don't worry about a fprintf(stderr). */ if(!int_table_check(table, 0)) goto end; tmplate.nid = nid; - fnd = lh_retrieve(&(*table)->piles, &tmplate); + fnd = lh_ENGINE_PILE_retrieve(&(*table)->piles, &tmplate); if(!fnd) goto end; if(fnd->funct && engine_unlocked_init(fnd->funct)) { @@ -310,6 +328,24 @@ end: CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); /* Whatever happened, any failed init()s are not failures in this * context, so clear our error state. */ - ERR_clear_error(); + ERR_pop_to_mark(); return ret; } + +/* Table enumeration */ + +static void int_cb_doall_arg(ENGINE_PILE *pile, ENGINE_PILE_DOALL *dall) + { + dall->cb(pile->nid, pile->sk, pile->funct, dall->arg); + } +static IMPLEMENT_LHASH_DOALL_ARG_FN(int_cb, ENGINE_PILE,ENGINE_PILE_DOALL) + +void engine_table_doall(ENGINE_TABLE *table, engine_table_doall_cb *cb, + void *arg) + { + ENGINE_PILE_DOALL dall; + dall.cb = cb; + dall.arg = arg; + lh_ENGINE_PILE_doall_arg(&table->piles, LHASH_DOALL_ARG_FN(int_cb), + ENGINE_PILE_DOALL, &dall); + } diff --git a/src/lib/libcrypto/engine/engine.h b/src/lib/libcrypto/engine/engine.h index ecab9453ba..8ad11b15d7 100644 --- a/src/lib/libcrypto/engine/engine.h +++ b/src/lib/libcrypto/engine/engine.h @@ -88,16 +88,15 @@ #include #endif #include -#include #include #include #endif -#include - #include #include +#include + #ifdef __cplusplus extern "C" { #endif @@ -113,6 +112,8 @@ extern "C" { #define ENGINE_METHOD_CIPHERS (unsigned int)0x0040 #define ENGINE_METHOD_DIGESTS (unsigned int)0x0080 #define ENGINE_METHOD_STORE (unsigned int)0x0100 +#define ENGINE_METHOD_PKEY_METHS (unsigned int)0x0200 +#define ENGINE_METHOD_PKEY_ASN1_METHS (unsigned int)0x0400 /* Obvious all-or-nothing cases. */ #define ENGINE_METHOD_ALL (unsigned int)0xFFFF #define ENGINE_METHOD_NONE (unsigned int)0x0000 @@ -297,7 +298,8 @@ typedef int (*ENGINE_SSL_CLIENT_CERT_PTR)(ENGINE *, SSL *ssl, * parameter is non-NULL it is set to the size of the returned array. */ typedef int (*ENGINE_CIPHERS_PTR)(ENGINE *, const EVP_CIPHER **, const int **, int); typedef int (*ENGINE_DIGESTS_PTR)(ENGINE *, const EVP_MD **, const int **, int); - +typedef int (*ENGINE_PKEY_METHS_PTR)(ENGINE *, EVP_PKEY_METHOD **, const int **, int); +typedef int (*ENGINE_PKEY_ASN1_METHS_PTR)(ENGINE *, EVP_PKEY_ASN1_METHOD **, const int **, int); /* STRUCTURE functions ... all of these functions deal with pointers to ENGINE * structures where the pointers have a "structural reference". This means that * their reference is to allowed access to the structure but it does not imply @@ -329,20 +331,21 @@ void ENGINE_load_aep(void); void ENGINE_load_atalla(void); void ENGINE_load_chil(void); void ENGINE_load_cswift(void); -#ifndef OPENSSL_NO_GMP -void ENGINE_load_gmp(void); -#endif void ENGINE_load_nuron(void); void ENGINE_load_sureware(void); void ENGINE_load_ubsec(void); +void ENGINE_load_padlock(void); +void ENGINE_load_capi(void); +#ifndef OPENSSL_NO_GMP +void ENGINE_load_gmp(void); +#endif +#ifndef OPENSSL_NO_GOST +void ENGINE_load_gost(void); +#endif #endif void ENGINE_load_cryptodev(void); void ENGINE_load_aesni(void); -void ENGINE_load_padlock(void); void ENGINE_load_builtin_engines(void); -#ifndef OPENSSL_NO_CAPIENG -void ENGINE_load_capi(void); -#endif /* Get and set global flags (ENGINE_TABLE_FLAG_***) for the implementation * "registry" handling. */ @@ -393,6 +396,14 @@ int ENGINE_register_digests(ENGINE *e); void ENGINE_unregister_digests(ENGINE *e); void ENGINE_register_all_digests(void); +int ENGINE_register_pkey_meths(ENGINE *e); +void ENGINE_unregister_pkey_meths(ENGINE *e); +void ENGINE_register_all_pkey_meths(void); + +int ENGINE_register_pkey_asn1_meths(ENGINE *e); +void ENGINE_unregister_pkey_asn1_meths(ENGINE *e); +void ENGINE_register_all_pkey_asn1_meths(void); + /* These functions register all support from the above categories. Note, use of * these functions can result in static linkage of code your application may not * need. If you only need a subset of functionality, consider using more @@ -472,6 +483,8 @@ int ENGINE_set_load_ssl_client_cert_function(ENGINE *e, ENGINE_SSL_CLIENT_CERT_PTR loadssl_f); int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f); int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f); +int ENGINE_set_pkey_meths(ENGINE *e, ENGINE_PKEY_METHS_PTR f); +int ENGINE_set_pkey_asn1_meths(ENGINE *e, ENGINE_PKEY_ASN1_METHS_PTR f); int ENGINE_set_flags(ENGINE *e, int flags); int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns); /* These functions allow control over any per-structure ENGINE data. */ @@ -508,8 +521,16 @@ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e); ENGINE_SSL_CLIENT_CERT_PTR ENGINE_get_ssl_client_cert_function(const ENGINE *e); ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e); ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e); +ENGINE_PKEY_METHS_PTR ENGINE_get_pkey_meths(const ENGINE *e); +ENGINE_PKEY_ASN1_METHS_PTR ENGINE_get_pkey_asn1_meths(const ENGINE *e); const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid); const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid); +const EVP_PKEY_METHOD *ENGINE_get_pkey_meth(ENGINE *e, int nid); +const EVP_PKEY_ASN1_METHOD *ENGINE_get_pkey_asn1_meth(ENGINE *e, int nid); +const EVP_PKEY_ASN1_METHOD *ENGINE_get_pkey_asn1_meth_str(ENGINE *e, + const char *str, int len); +const EVP_PKEY_ASN1_METHOD *ENGINE_pkey_asn1_find_str(ENGINE **pe, + const char *str, int len); const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e); int ENGINE_get_flags(const ENGINE *e); @@ -561,6 +582,8 @@ ENGINE *ENGINE_get_default_RAND(void); * ciphering or digesting corresponding to "nid". */ ENGINE *ENGINE_get_cipher_engine(int nid); ENGINE *ENGINE_get_digest_engine(int nid); +ENGINE *ENGINE_get_pkey_meth_engine(int nid); +ENGINE *ENGINE_get_pkey_asn1_meth_engine(int nid); /* This sets a new default ENGINE structure for performing RSA * operations. If the result is non-zero (success) then the ENGINE @@ -576,6 +599,8 @@ int ENGINE_set_default_DH(ENGINE *e); int ENGINE_set_default_RAND(ENGINE *e); int ENGINE_set_default_ciphers(ENGINE *e); int ENGINE_set_default_digests(ENGINE *e); +int ENGINE_set_default_pkey_meths(ENGINE *e); +int ENGINE_set_default_pkey_asn1_meths(ENGINE *e); /* The combination "set" - the flags are bitwise "OR"d from the * ENGINE_METHOD_*** defines above. As with the "ENGINE_register_complete()" @@ -704,7 +729,7 @@ typedef int (*dynamic_bind_engine)(ENGINE *e, const char *id, * values. */ void *ENGINE_get_static_state(void); -#if defined(__OpenBSD__) || defined(__FreeBSD__) +#if defined(__OpenBSD__) || defined(__FreeBSD__) || defined(HAVE_CRYPTODEV) void ENGINE_setup_bsd_cryptodev(void); #endif @@ -733,13 +758,15 @@ void ERR_load_ENGINE_strings(void); #define ENGINE_F_ENGINE_GET_DEFAULT_TYPE 177 #define ENGINE_F_ENGINE_GET_DIGEST 186 #define ENGINE_F_ENGINE_GET_NEXT 115 +#define ENGINE_F_ENGINE_GET_PKEY_ASN1_METH 193 +#define ENGINE_F_ENGINE_GET_PKEY_METH 192 #define ENGINE_F_ENGINE_GET_PREV 116 #define ENGINE_F_ENGINE_INIT 119 #define ENGINE_F_ENGINE_LIST_ADD 120 #define ENGINE_F_ENGINE_LIST_REMOVE 121 #define ENGINE_F_ENGINE_LOAD_PRIVATE_KEY 150 #define ENGINE_F_ENGINE_LOAD_PUBLIC_KEY 151 -#define ENGINE_F_ENGINE_LOAD_SSL_CLIENT_CERT 192 +#define ENGINE_F_ENGINE_LOAD_SSL_CLIENT_CERT 194 #define ENGINE_F_ENGINE_NEW 122 #define ENGINE_F_ENGINE_REMOVE 123 #define ENGINE_F_ENGINE_SET_DEFAULT_STRING 189 @@ -768,6 +795,7 @@ void ERR_load_ENGINE_strings(void); #define ENGINE_R_DSO_FAILURE 104 #define ENGINE_R_DSO_NOT_FOUND 132 #define ENGINE_R_ENGINES_SECTION_ERROR 148 +#define ENGINE_R_ENGINE_CONFIGURATION_ERROR 102 #define ENGINE_R_ENGINE_IS_NOT_IN_LIST 105 #define ENGINE_R_ENGINE_SECTION_ERROR 149 #define ENGINE_R_FAILED_LOADING_PRIVATE_KEY 128 @@ -794,6 +822,7 @@ void ERR_load_ENGINE_strings(void); #define ENGINE_R_RSA_NOT_IMPLEMENTED 141 #define ENGINE_R_UNIMPLEMENTED_CIPHER 146 #define ENGINE_R_UNIMPLEMENTED_DIGEST 147 +#define ENGINE_R_UNIMPLEMENTED_PUBLIC_KEY_METHOD 101 #define ENGINE_R_VERSION_INCOMPATIBILITY 145 #ifdef __cplusplus diff --git a/src/lib/libcrypto/engine/enginetest.c b/src/lib/libcrypto/engine/enginetest.c index e3834611db..f4d70e7e0a 100644 --- a/src/lib/libcrypto/engine/enginetest.c +++ b/src/lib/libcrypto/engine/enginetest.c @@ -276,7 +276,7 @@ end: ENGINE_cleanup(); CRYPTO_cleanup_all_ex_data(); ERR_free_strings(); - ERR_remove_state(0); + ERR_remove_thread_state(NULL); CRYPTO_mem_leaks_fp(stderr); return to_return; } diff --git a/src/lib/libcrypto/engine/hw.ec b/src/lib/libcrypto/engine/hw.ec deleted file mode 100644 index 5481a43918..0000000000 --- a/src/lib/libcrypto/engine/hw.ec +++ /dev/null @@ -1,8 +0,0 @@ -L AEPHK hw_aep_err.h hw_aep_err.c -L ATALLA hw_atalla_err.h hw_atalla_err.c -L CSWIFT hw_cswift_err.h hw_cswift_err.c -L HWCRHK hw_ncipher_err.h hw_ncipher_err.c -L NURON hw_nuron_err.h hw_nuron_err.c -L SUREWARE hw_sureware_err.h hw_sureware_err.c -L UBSEC hw_ubsec_err.h hw_ubsec_err.c -L CCA4758 hw_4758_cca_err.h hw_4758_cca_err.c diff --git a/src/lib/libcrypto/engine/hw_4758_cca.c b/src/lib/libcrypto/engine/hw_4758_cca.c deleted file mode 100644 index 4f5ae8a46d..0000000000 --- a/src/lib/libcrypto/engine/hw_4758_cca.c +++ /dev/null @@ -1,969 +0,0 @@ -/* Author: Maurice Gittens */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include -/* #include */ -#include "cryptlib.h" -#include -#include -#include -#include - -#ifndef OPENSSL_NO_HW -#ifndef OPENSSL_NO_HW_4758_CCA - -#ifdef FLAT_INC -#include "hw_4758_cca.h" -#else -#include "vendor_defns/hw_4758_cca.h" -#endif - -#include "hw_4758_cca_err.c" - -static int ibm_4758_cca_destroy(ENGINE *e); -static int ibm_4758_cca_init(ENGINE *e); -static int ibm_4758_cca_finish(ENGINE *e); -static int ibm_4758_cca_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)()); - -/* rsa functions */ -/*---------------*/ -#ifndef OPENSSL_NO_RSA -static int cca_rsa_pub_enc(int flen, const unsigned char *from, - unsigned char *to, RSA *rsa,int padding); -static int cca_rsa_priv_dec(int flen, const unsigned char *from, - unsigned char *to, RSA *rsa,int padding); -static int cca_rsa_sign(int type, const unsigned char *m, unsigned int m_len, - unsigned char *sigret, unsigned int *siglen, const RSA *rsa); -static int cca_rsa_verify(int dtype, const unsigned char *m, unsigned int m_len, - unsigned char *sigbuf, unsigned int siglen, const RSA *rsa); - -/* utility functions */ -/*-----------------------*/ -static EVP_PKEY *ibm_4758_load_privkey(ENGINE*, const char*, - UI_METHOD *ui_method, void *callback_data); -static EVP_PKEY *ibm_4758_load_pubkey(ENGINE*, const char*, - UI_METHOD *ui_method, void *callback_data); - -static int getModulusAndExponent(const unsigned char *token, long *exponentLength, - unsigned char *exponent, long *modulusLength, - long *modulusFieldLength, unsigned char *modulus); -#endif - -/* RAND number functions */ -/*-----------------------*/ -static int cca_get_random_bytes(unsigned char*, int ); -static int cca_random_status(void); - -static void cca_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad, - int idx,long argl, void *argp); - -/* Function pointers for CCA verbs */ -/*---------------------------------*/ -#ifndef OPENSSL_NO_RSA -static F_KEYRECORDREAD keyRecordRead; -static F_DIGITALSIGNATUREGENERATE digitalSignatureGenerate; -static F_DIGITALSIGNATUREVERIFY digitalSignatureVerify; -static F_PUBLICKEYEXTRACT publicKeyExtract; -static F_PKAENCRYPT pkaEncrypt; -static F_PKADECRYPT pkaDecrypt; -#endif -static F_RANDOMNUMBERGENERATE randomNumberGenerate; - -/* static variables */ -/*------------------*/ -static const char *CCA4758_LIB_NAME = NULL; -static const char *get_CCA4758_LIB_NAME(void) - { - if(CCA4758_LIB_NAME) - return CCA4758_LIB_NAME; - return CCA_LIB_NAME; - } -static void free_CCA4758_LIB_NAME(void) - { - if(CCA4758_LIB_NAME) - OPENSSL_free((void*)CCA4758_LIB_NAME); - CCA4758_LIB_NAME = NULL; - } -static long set_CCA4758_LIB_NAME(const char *name) - { - free_CCA4758_LIB_NAME(); - return (((CCA4758_LIB_NAME = BUF_strdup(name)) != NULL) ? 1 : 0); - } -#ifndef OPENSSL_NO_RSA -static const char* n_keyRecordRead = CSNDKRR; -static const char* n_digitalSignatureGenerate = CSNDDSG; -static const char* n_digitalSignatureVerify = CSNDDSV; -static const char* n_publicKeyExtract = CSNDPKX; -static const char* n_pkaEncrypt = CSNDPKE; -static const char* n_pkaDecrypt = CSNDPKD; -#endif -static const char* n_randomNumberGenerate = CSNBRNG; - -static int hndidx = -1; -static DSO *dso = NULL; - -/* openssl engine initialization structures */ -/*------------------------------------------*/ - -#define CCA4758_CMD_SO_PATH ENGINE_CMD_BASE -static const ENGINE_CMD_DEFN cca4758_cmd_defns[] = { - {CCA4758_CMD_SO_PATH, - "SO_PATH", - "Specifies the path to the '4758cca' shared library", - ENGINE_CMD_FLAG_STRING}, - {0, NULL, NULL, 0} - }; - -#ifndef OPENSSL_NO_RSA -static RSA_METHOD ibm_4758_cca_rsa = - { - "IBM 4758 CCA RSA method", - cca_rsa_pub_enc, - NULL, - NULL, - cca_rsa_priv_dec, - NULL, /*rsa_mod_exp,*/ - NULL, /*mod_exp_mont,*/ - NULL, /* init */ - NULL, /* finish */ - RSA_FLAG_SIGN_VER, /* flags */ - NULL, /* app_data */ - cca_rsa_sign, /* rsa_sign */ - cca_rsa_verify /* rsa_verify */ - }; -#endif - -static RAND_METHOD ibm_4758_cca_rand = - { - /* "IBM 4758 RAND method", */ - NULL, /* seed */ - cca_get_random_bytes, /* get random bytes from the card */ - NULL, /* cleanup */ - NULL, /* add */ - cca_get_random_bytes, /* pseudo rand */ - cca_random_status, /* status */ - }; - -static const char *engine_4758_cca_id = "4758cca"; -static const char *engine_4758_cca_name = "IBM 4758 CCA hardware engine support"; - -/* engine implementation */ -/*-----------------------*/ -static int bind_helper(ENGINE *e) - { - if(!ENGINE_set_id(e, engine_4758_cca_id) || - !ENGINE_set_name(e, engine_4758_cca_name) || -#ifndef OPENSSL_NO_RSA - !ENGINE_set_RSA(e, &ibm_4758_cca_rsa) || -#endif - !ENGINE_set_RAND(e, &ibm_4758_cca_rand) || - !ENGINE_set_destroy_function(e, ibm_4758_cca_destroy) || - !ENGINE_set_init_function(e, ibm_4758_cca_init) || - !ENGINE_set_finish_function(e, ibm_4758_cca_finish) || - !ENGINE_set_ctrl_function(e, ibm_4758_cca_ctrl) || - !ENGINE_set_load_privkey_function(e, ibm_4758_load_privkey) || - !ENGINE_set_load_pubkey_function(e, ibm_4758_load_pubkey) || - !ENGINE_set_cmd_defns(e, cca4758_cmd_defns)) - return 0; - /* Ensure the error handling is set up */ - ERR_load_CCA4758_strings(); - return 1; - } - -#ifndef ENGINE_DYNAMIC_SUPPORT -static ENGINE *engine_4758_cca(void) - { - ENGINE *ret = ENGINE_new(); - if(!ret) - return NULL; - if(!bind_helper(ret)) - { - ENGINE_free(ret); - return NULL; - } - return ret; - } - -void ENGINE_load_4758cca(void) - { - ENGINE *e_4758 = engine_4758_cca(); - if (!e_4758) return; - ENGINE_add(e_4758); - ENGINE_free(e_4758); - ERR_clear_error(); - } -#endif - -static int ibm_4758_cca_destroy(ENGINE *e) - { - ERR_unload_CCA4758_strings(); - free_CCA4758_LIB_NAME(); - return 1; - } - -static int ibm_4758_cca_init(ENGINE *e) - { - if(dso) - { - CCA4758err(CCA4758_F_IBM_4758_CCA_INIT,CCA4758_R_ALREADY_LOADED); - goto err; - } - - dso = DSO_load(NULL, get_CCA4758_LIB_NAME(), NULL, 0); - if(!dso) - { - CCA4758err(CCA4758_F_IBM_4758_CCA_INIT,CCA4758_R_DSO_FAILURE); - goto err; - } - -#ifndef OPENSSL_NO_RSA - if(!(keyRecordRead = (F_KEYRECORDREAD) - DSO_bind_func(dso, n_keyRecordRead)) || - !(randomNumberGenerate = (F_RANDOMNUMBERGENERATE) - DSO_bind_func(dso, n_randomNumberGenerate)) || - !(digitalSignatureGenerate = (F_DIGITALSIGNATUREGENERATE) - DSO_bind_func(dso, n_digitalSignatureGenerate)) || - !(digitalSignatureVerify = (F_DIGITALSIGNATUREVERIFY) - DSO_bind_func(dso, n_digitalSignatureVerify)) || - !(publicKeyExtract = (F_PUBLICKEYEXTRACT) - DSO_bind_func(dso, n_publicKeyExtract)) || - !(pkaEncrypt = (F_PKAENCRYPT) - DSO_bind_func(dso, n_pkaEncrypt)) || - !(pkaDecrypt = (F_PKADECRYPT) - DSO_bind_func(dso, n_pkaDecrypt))) - { - CCA4758err(CCA4758_F_IBM_4758_CCA_INIT,CCA4758_R_DSO_FAILURE); - goto err; - } -#else - if(!(randomNumberGenerate = (F_RANDOMNUMBERGENERATE) - DSO_bind_func(dso, n_randomNumberGenerate))) - { - CCA4758err(CCA4758_F_IBM_4758_CCA_INIT,CCA4758_R_DSO_FAILURE); - goto err; - } -#endif - - hndidx = RSA_get_ex_new_index(0, "IBM 4758 CCA RSA key handle", - NULL, NULL, cca_ex_free); - - return 1; -err: - if(dso) - DSO_free(dso); - dso = NULL; - - keyRecordRead = (F_KEYRECORDREAD)0; - randomNumberGenerate = (F_RANDOMNUMBERGENERATE)0; - digitalSignatureGenerate = (F_DIGITALSIGNATUREGENERATE)0; - digitalSignatureVerify = (F_DIGITALSIGNATUREVERIFY)0; - publicKeyExtract = (F_PUBLICKEYEXTRACT)0; - pkaEncrypt = (F_PKAENCRYPT)0; - pkaDecrypt = (F_PKADECRYPT)0; - return 0; - } - -static int ibm_4758_cca_finish(ENGINE *e) - { - free_CCA4758_LIB_NAME(); - if(!dso) - { - CCA4758err(CCA4758_F_IBM_4758_CCA_FINISH, - CCA4758_R_NOT_LOADED); - return 0; - } - if(!DSO_free(dso)) - { - CCA4758err(CCA4758_F_IBM_4758_CCA_FINISH, - CCA4758_R_UNIT_FAILURE); - return 0; - } - dso = NULL; - keyRecordRead = (F_KEYRECORDREAD)0; - randomNumberGenerate = (F_RANDOMNUMBERGENERATE)0; - digitalSignatureGenerate = (F_DIGITALSIGNATUREGENERATE)0; - digitalSignatureVerify = (F_DIGITALSIGNATUREVERIFY)0; - publicKeyExtract = (F_PUBLICKEYEXTRACT)0; - pkaEncrypt = (F_PKAENCRYPT)0; - pkaDecrypt = (F_PKADECRYPT)0; - return 1; - } - -static int ibm_4758_cca_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)()) - { - int initialised = ((dso == NULL) ? 0 : 1); - switch(cmd) - { - case CCA4758_CMD_SO_PATH: - if(p == NULL) - { - CCA4758err(CCA4758_F_IBM_4758_CCA_CTRL, - ERR_R_PASSED_NULL_PARAMETER); - return 0; - } - if(initialised) - { - CCA4758err(CCA4758_F_IBM_4758_CCA_CTRL, - CCA4758_R_ALREADY_LOADED); - return 0; - } - return set_CCA4758_LIB_NAME((const char *)p); - default: - break; - } - CCA4758err(CCA4758_F_IBM_4758_CCA_CTRL, - CCA4758_R_COMMAND_NOT_IMPLEMENTED); - return 0; - } - -#ifndef OPENSSL_NO_RSA - -#define MAX_CCA_PKA_TOKEN_SIZE 2500 - -static EVP_PKEY *ibm_4758_load_privkey(ENGINE* e, const char* key_id, - UI_METHOD *ui_method, void *callback_data) - { - RSA *rtmp = NULL; - EVP_PKEY *res = NULL; - unsigned char* keyToken = NULL; - unsigned char pubKeyToken[MAX_CCA_PKA_TOKEN_SIZE]; - long pubKeyTokenLength = MAX_CCA_PKA_TOKEN_SIZE; - long keyTokenLength = MAX_CCA_PKA_TOKEN_SIZE; - long returnCode; - long reasonCode; - long exitDataLength = 0; - long ruleArrayLength = 0; - unsigned char exitData[8]; - unsigned char ruleArray[8]; - unsigned char keyLabel[64]; - long keyLabelLength = strlen(key_id); - unsigned char modulus[256]; - long modulusFieldLength = sizeof(modulus); - long modulusLength = 0; - unsigned char exponent[256]; - long exponentLength = sizeof(exponent); - - if (keyLabelLength > sizeof(keyLabel)) - { - CCA4758err(CCA4758_F_IBM_4758_CCA_LOAD_PRIVKEY, - CCA4758_R_SIZE_TOO_LARGE_OR_TOO_SMALL); - return NULL; - } - - memset(keyLabel,' ', sizeof(keyLabel)); - memcpy(keyLabel, key_id, keyLabelLength); - - keyToken = OPENSSL_malloc(MAX_CCA_PKA_TOKEN_SIZE + sizeof(long)); - if (!keyToken) - { - CCA4758err(CCA4758_F_IBM_4758_CCA_LOAD_PRIVKEY, - ERR_R_MALLOC_FAILURE); - goto err; - } - - keyRecordRead(&returnCode, &reasonCode, &exitDataLength, - exitData, &ruleArrayLength, ruleArray, keyLabel, - &keyTokenLength, keyToken+sizeof(long)); - - if (returnCode) - { - CCA4758err(CCA4758_F_IBM_4758_CCA_LOAD_PRIVKEY, - CCA4758_R_FAILED_LOADING_PRIVATE_KEY); - goto err; - } - - publicKeyExtract(&returnCode, &reasonCode, &exitDataLength, - exitData, &ruleArrayLength, ruleArray, &keyTokenLength, - keyToken+sizeof(long), &pubKeyTokenLength, pubKeyToken); - - if (returnCode) - { - CCA4758err(CCA4758_F_IBM_4758_CCA_LOAD_PRIVKEY, - CCA4758_R_FAILED_LOADING_PRIVATE_KEY); - goto err; - } - - if (!getModulusAndExponent(pubKeyToken, &exponentLength, - exponent, &modulusLength, &modulusFieldLength, - modulus)) - { - CCA4758err(CCA4758_F_IBM_4758_CCA_LOAD_PRIVKEY, - CCA4758_R_FAILED_LOADING_PRIVATE_KEY); - goto err; - } - - (*(long*)keyToken) = keyTokenLength; - rtmp = RSA_new_method(e); - RSA_set_ex_data(rtmp, hndidx, (char *)keyToken); - - rtmp->e = BN_bin2bn(exponent, exponentLength, NULL); - rtmp->n = BN_bin2bn(modulus, modulusFieldLength, NULL); - rtmp->flags |= RSA_FLAG_EXT_PKEY; - - res = EVP_PKEY_new(); - EVP_PKEY_assign_RSA(res, rtmp); - - return res; -err: - if (keyToken) - OPENSSL_free(keyToken); - if (res) - EVP_PKEY_free(res); - if (rtmp) - RSA_free(rtmp); - return NULL; - } - -static EVP_PKEY *ibm_4758_load_pubkey(ENGINE* e, const char* key_id, - UI_METHOD *ui_method, void *callback_data) - { - RSA *rtmp = NULL; - EVP_PKEY *res = NULL; - unsigned char* keyToken = NULL; - long keyTokenLength = MAX_CCA_PKA_TOKEN_SIZE; - long returnCode; - long reasonCode; - long exitDataLength = 0; - long ruleArrayLength = 0; - unsigned char exitData[8]; - unsigned char ruleArray[8]; - unsigned char keyLabel[64]; - long keyLabelLength = strlen(key_id); - unsigned char modulus[512]; - long modulusFieldLength = sizeof(modulus); - long modulusLength = 0; - unsigned char exponent[512]; - long exponentLength = sizeof(exponent); - - if (keyLabelLength > sizeof(keyLabel)) - { - CCA4758err(CCA4758_F_IBM_4758_CCA_LOAD_PRIVKEY, - CCA4758_R_SIZE_TOO_LARGE_OR_TOO_SMALL); - return NULL; - } - - memset(keyLabel,' ', sizeof(keyLabel)); - memcpy(keyLabel, key_id, keyLabelLength); - - keyToken = OPENSSL_malloc(MAX_CCA_PKA_TOKEN_SIZE + sizeof(long)); - if (!keyToken) - { - CCA4758err(CCA4758_F_IBM_4758_CCA_LOAD_PUBKEY, - ERR_R_MALLOC_FAILURE); - goto err; - } - - keyRecordRead(&returnCode, &reasonCode, &exitDataLength, exitData, - &ruleArrayLength, ruleArray, keyLabel, &keyTokenLength, - keyToken+sizeof(long)); - - if (returnCode) - { - CCA4758err(CCA4758_F_IBM_4758_CCA_LOAD_PRIVKEY, - ERR_R_MALLOC_FAILURE); - goto err; - } - - if (!getModulusAndExponent(keyToken+sizeof(long), &exponentLength, - exponent, &modulusLength, &modulusFieldLength, modulus)) - { - CCA4758err(CCA4758_F_IBM_4758_CCA_LOAD_PRIVKEY, - CCA4758_R_FAILED_LOADING_PUBLIC_KEY); - goto err; - } - - (*(long*)keyToken) = keyTokenLength; - rtmp = RSA_new_method(e); - RSA_set_ex_data(rtmp, hndidx, (char *)keyToken); - rtmp->e = BN_bin2bn(exponent, exponentLength, NULL); - rtmp->n = BN_bin2bn(modulus, modulusFieldLength, NULL); - rtmp->flags |= RSA_FLAG_EXT_PKEY; - res = EVP_PKEY_new(); - EVP_PKEY_assign_RSA(res, rtmp); - - return res; -err: - if (keyToken) - OPENSSL_free(keyToken); - if (res) - EVP_PKEY_free(res); - if (rtmp) - RSA_free(rtmp); - return NULL; - } - -static int cca_rsa_pub_enc(int flen, const unsigned char *from, - unsigned char *to, RSA *rsa,int padding) - { - long returnCode; - long reasonCode; - long lflen = flen; - long exitDataLength = 0; - unsigned char exitData[8]; - long ruleArrayLength = 1; - unsigned char ruleArray[8] = "PKCS-1.2"; - long dataStructureLength = 0; - unsigned char dataStructure[8]; - long outputLength = RSA_size(rsa); - long keyTokenLength; - unsigned char* keyToken = (unsigned char*)RSA_get_ex_data(rsa, hndidx); - - keyTokenLength = *(long*)keyToken; - keyToken+=sizeof(long); - - pkaEncrypt(&returnCode, &reasonCode, &exitDataLength, exitData, - &ruleArrayLength, ruleArray, &lflen, (unsigned char*)from, - &dataStructureLength, dataStructure, &keyTokenLength, - keyToken, &outputLength, to); - - if (returnCode || reasonCode) - return -(returnCode << 16 | reasonCode); - return outputLength; - } - -static int cca_rsa_priv_dec(int flen, const unsigned char *from, - unsigned char *to, RSA *rsa,int padding) - { - long returnCode; - long reasonCode; - long lflen = flen; - long exitDataLength = 0; - unsigned char exitData[8]; - long ruleArrayLength = 1; - unsigned char ruleArray[8] = "PKCS-1.2"; - long dataStructureLength = 0; - unsigned char dataStructure[8]; - long outputLength = RSA_size(rsa); - long keyTokenLength; - unsigned char* keyToken = (unsigned char*)RSA_get_ex_data(rsa, hndidx); - - keyTokenLength = *(long*)keyToken; - keyToken+=sizeof(long); - - pkaDecrypt(&returnCode, &reasonCode, &exitDataLength, exitData, - &ruleArrayLength, ruleArray, &lflen, (unsigned char*)from, - &dataStructureLength, dataStructure, &keyTokenLength, - keyToken, &outputLength, to); - - return (returnCode | reasonCode) ? 0 : 1; - } - -#define SSL_SIG_LEN 36 - -static int cca_rsa_verify(int type, const unsigned char *m, unsigned int m_len, - unsigned char *sigbuf, unsigned int siglen, const RSA *rsa) - { - long returnCode; - long reasonCode; - long lsiglen = siglen; - long exitDataLength = 0; - unsigned char exitData[8]; - long ruleArrayLength = 1; - unsigned char ruleArray[8] = "PKCS-1.1"; - long keyTokenLength; - unsigned char* keyToken = (unsigned char*)RSA_get_ex_data(rsa, hndidx); - long length = SSL_SIG_LEN; - long keyLength ; - unsigned char *hashBuffer = NULL; - X509_SIG sig; - ASN1_TYPE parameter; - X509_ALGOR algorithm; - ASN1_OCTET_STRING digest; - - keyTokenLength = *(long*)keyToken; - keyToken+=sizeof(long); - - if (type == NID_md5 || type == NID_sha1) - { - sig.algor = &algorithm; - algorithm.algorithm = OBJ_nid2obj(type); - - if (!algorithm.algorithm) - { - CCA4758err(CCA4758_F_IBM_4758_CCA_VERIFY, - CCA4758_R_UNKNOWN_ALGORITHM_TYPE); - return 0; - } - - if (!algorithm.algorithm->length) - { - CCA4758err(CCA4758_F_IBM_4758_CCA_VERIFY, - CCA4758_R_ASN1_OID_UNKNOWN_FOR_MD); - return 0; - } - - parameter.type = V_ASN1_NULL; - parameter.value.ptr = NULL; - algorithm.parameter = ¶meter; - - sig.digest = &digest; - sig.digest->data = (unsigned char*)m; - sig.digest->length = m_len; - - length = i2d_X509_SIG(&sig, NULL); - } - - keyLength = RSA_size(rsa); - - if (length - RSA_PKCS1_PADDING > keyLength) - { - CCA4758err(CCA4758_F_IBM_4758_CCA_VERIFY, - CCA4758_R_SIZE_TOO_LARGE_OR_TOO_SMALL); - return 0; - } - - switch (type) - { - case NID_md5_sha1 : - if (m_len != SSL_SIG_LEN) - { - CCA4758err(CCA4758_F_IBM_4758_CCA_VERIFY, - CCA4758_R_SIZE_TOO_LARGE_OR_TOO_SMALL); - return 0; - } - - hashBuffer = (unsigned char *)m; - length = m_len; - break; - case NID_md5 : - { - unsigned char *ptr; - ptr = hashBuffer = OPENSSL_malloc( - (unsigned int)keyLength+1); - if (!hashBuffer) - { - CCA4758err(CCA4758_F_IBM_4758_CCA_VERIFY, - ERR_R_MALLOC_FAILURE); - return 0; - } - - i2d_X509_SIG(&sig, &ptr); - } - break; - case NID_sha1 : - { - unsigned char *ptr; - ptr = hashBuffer = OPENSSL_malloc( - (unsigned int)keyLength+1); - if (!hashBuffer) - { - CCA4758err(CCA4758_F_IBM_4758_CCA_VERIFY, - ERR_R_MALLOC_FAILURE); - return 0; - } - i2d_X509_SIG(&sig, &ptr); - } - break; - default: - return 0; - } - - digitalSignatureVerify(&returnCode, &reasonCode, &exitDataLength, - exitData, &ruleArrayLength, ruleArray, &keyTokenLength, - keyToken, &length, hashBuffer, &lsiglen, sigbuf); - - if (type == NID_sha1 || type == NID_md5) - { - OPENSSL_cleanse(hashBuffer, keyLength+1); - OPENSSL_free(hashBuffer); - } - - return ((returnCode || reasonCode) ? 0 : 1); - } - -#define SSL_SIG_LEN 36 - -static int cca_rsa_sign(int type, const unsigned char *m, unsigned int m_len, - unsigned char *sigret, unsigned int *siglen, const RSA *rsa) - { - long returnCode; - long reasonCode; - long exitDataLength = 0; - unsigned char exitData[8]; - long ruleArrayLength = 1; - unsigned char ruleArray[8] = "PKCS-1.1"; - long outputLength=256; - long outputBitLength; - long keyTokenLength; - unsigned char *hashBuffer = NULL; - unsigned char* keyToken = (unsigned char*)RSA_get_ex_data(rsa, hndidx); - long length = SSL_SIG_LEN; - long keyLength ; - X509_SIG sig; - ASN1_TYPE parameter; - X509_ALGOR algorithm; - ASN1_OCTET_STRING digest; - - keyTokenLength = *(long*)keyToken; - keyToken+=sizeof(long); - - if (type == NID_md5 || type == NID_sha1) - { - sig.algor = &algorithm; - algorithm.algorithm = OBJ_nid2obj(type); - - if (!algorithm.algorithm) - { - CCA4758err(CCA4758_F_IBM_4758_CCA_SIGN, - CCA4758_R_UNKNOWN_ALGORITHM_TYPE); - return 0; - } - - if (!algorithm.algorithm->length) - { - CCA4758err(CCA4758_F_IBM_4758_CCA_SIGN, - CCA4758_R_ASN1_OID_UNKNOWN_FOR_MD); - return 0; - } - - parameter.type = V_ASN1_NULL; - parameter.value.ptr = NULL; - algorithm.parameter = ¶meter; - - sig.digest = &digest; - sig.digest->data = (unsigned char*)m; - sig.digest->length = m_len; - - length = i2d_X509_SIG(&sig, NULL); - } - - keyLength = RSA_size(rsa); - - if (length - RSA_PKCS1_PADDING > keyLength) - { - CCA4758err(CCA4758_F_IBM_4758_CCA_SIGN, - CCA4758_R_SIZE_TOO_LARGE_OR_TOO_SMALL); - return 0; - } - - switch (type) - { - case NID_md5_sha1 : - if (m_len != SSL_SIG_LEN) - { - CCA4758err(CCA4758_F_IBM_4758_CCA_SIGN, - CCA4758_R_SIZE_TOO_LARGE_OR_TOO_SMALL); - return 0; - } - hashBuffer = (unsigned char*)m; - length = m_len; - break; - case NID_md5 : - { - unsigned char *ptr; - ptr = hashBuffer = OPENSSL_malloc( - (unsigned int)keyLength+1); - if (!hashBuffer) - { - CCA4758err(CCA4758_F_IBM_4758_CCA_VERIFY, - ERR_R_MALLOC_FAILURE); - return 0; - } - i2d_X509_SIG(&sig, &ptr); - } - break; - case NID_sha1 : - { - unsigned char *ptr; - ptr = hashBuffer = OPENSSL_malloc( - (unsigned int)keyLength+1); - if (!hashBuffer) - { - CCA4758err(CCA4758_F_IBM_4758_CCA_VERIFY, - ERR_R_MALLOC_FAILURE); - return 0; - } - i2d_X509_SIG(&sig, &ptr); - } - break; - default: - return 0; - } - - digitalSignatureGenerate(&returnCode, &reasonCode, &exitDataLength, - exitData, &ruleArrayLength, ruleArray, &keyTokenLength, - keyToken, &length, hashBuffer, &outputLength, &outputBitLength, - sigret); - - if (type == NID_sha1 || type == NID_md5) - { - OPENSSL_cleanse(hashBuffer, keyLength+1); - OPENSSL_free(hashBuffer); - } - - *siglen = outputLength; - - return ((returnCode || reasonCode) ? 0 : 1); - } - -static int getModulusAndExponent(const unsigned char*token, long *exponentLength, - unsigned char *exponent, long *modulusLength, long *modulusFieldLength, - unsigned char *modulus) - { - unsigned long len; - - if (*token++ != (char)0x1E) /* internal PKA token? */ - return 0; - - if (*token++) /* token version must be zero */ - return 0; - - len = *token++; - len = len << 8; - len |= (unsigned char)*token++; - - token += 4; /* skip reserved bytes */ - - if (*token++ == (char)0x04) - { - if (*token++) /* token version must be zero */ - return 0; - - len = *token++; - len = len << 8; - len |= (unsigned char)*token++; - - token+=2; /* skip reserved section */ - - len = *token++; - len = len << 8; - len |= (unsigned char)*token++; - - *exponentLength = len; - - len = *token++; - len = len << 8; - len |= (unsigned char)*token++; - - *modulusLength = len; - - len = *token++; - len = len << 8; - len |= (unsigned char)*token++; - - *modulusFieldLength = len; - - memcpy(exponent, token, *exponentLength); - token+= *exponentLength; - - memcpy(modulus, token, *modulusFieldLength); - return 1; - } - return 0; - } - -#endif /* OPENSSL_NO_RSA */ - -static int cca_random_status(void) - { - return 1; - } - -static int cca_get_random_bytes(unsigned char* buf, int num) - { - long ret_code; - long reason_code; - long exit_data_length; - unsigned char exit_data[4]; - unsigned char form[] = "RANDOM "; - unsigned char rand_buf[8]; - - while(num >= sizeof(rand_buf)) - { - randomNumberGenerate(&ret_code, &reason_code, &exit_data_length, - exit_data, form, rand_buf); - if (ret_code) - return 0; - num -= sizeof(rand_buf); - memcpy(buf, rand_buf, sizeof(rand_buf)); - buf += sizeof(rand_buf); - } - - if (num) - { - randomNumberGenerate(&ret_code, &reason_code, NULL, NULL, - form, rand_buf); - if (ret_code) - return 0; - memcpy(buf, rand_buf, num); - } - - return 1; - } - -static void cca_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad, int idx, - long argl, void *argp) - { - if (item) - OPENSSL_free(item); - } - -/* Goo to handle building as a dynamic engine */ -#ifdef ENGINE_DYNAMIC_SUPPORT -static int bind_fn(ENGINE *e, const char *id) - { - if(id && (strcmp(id, engine_4758_cca_id) != 0)) - return 0; - if(!bind_helper(e)) - return 0; - return 1; - } -IMPLEMENT_DYNAMIC_CHECK_FN() -IMPLEMENT_DYNAMIC_BIND_FN(bind_fn) -#endif /* ENGINE_DYNAMIC_SUPPORT */ - -#endif /* !OPENSSL_NO_HW_4758_CCA */ -#endif /* !OPENSSL_NO_HW */ diff --git a/src/lib/libcrypto/engine/hw_4758_cca_err.c b/src/lib/libcrypto/engine/hw_4758_cca_err.c deleted file mode 100644 index 7ea5c63707..0000000000 --- a/src/lib/libcrypto/engine/hw_4758_cca_err.c +++ /dev/null @@ -1,149 +0,0 @@ -/* hw_4758_cca_err.c */ -/* ==================================================================== - * Copyright (c) 1999-2002 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* NOTE: this file was auto generated by the mkerr.pl script: any changes - * made to it will be overwritten when the script next updates this file, - * only reason strings will be preserved. - */ - -#include -#include -#include "hw_4758_cca_err.h" - -/* BEGIN ERROR CODES */ -#ifndef OPENSSL_NO_ERR -static ERR_STRING_DATA CCA4758_str_functs[]= - { -{ERR_PACK(0,CCA4758_F_IBM_4758_CCA_CTRL,0), "IBM_4758_CCA_CTRL"}, -{ERR_PACK(0,CCA4758_F_IBM_4758_CCA_FINISH,0), "IBM_4758_CCA_FINISH"}, -{ERR_PACK(0,CCA4758_F_IBM_4758_CCA_INIT,0), "IBM_4758_CCA_INIT"}, -{ERR_PACK(0,CCA4758_F_IBM_4758_CCA_LOAD_PRIVKEY,0), "IBM_4758_CCA_LOAD_PRIVKEY"}, -{ERR_PACK(0,CCA4758_F_IBM_4758_CCA_LOAD_PUBKEY,0), "IBM_4758_CCA_LOAD_PUBKEY"}, -{ERR_PACK(0,CCA4758_F_IBM_4758_CCA_SIGN,0), "IBM_4758_CCA_SIGN"}, -{ERR_PACK(0,CCA4758_F_IBM_4758_CCA_VERIFY,0), "IBM_4758_CCA_VERIFY"}, -{0,NULL} - }; - -static ERR_STRING_DATA CCA4758_str_reasons[]= - { -{CCA4758_R_ALREADY_LOADED ,"already loaded"}, -{CCA4758_R_ASN1_OID_UNKNOWN_FOR_MD ,"asn1 oid unknown for md"}, -{CCA4758_R_COMMAND_NOT_IMPLEMENTED ,"command not implemented"}, -{CCA4758_R_DSO_FAILURE ,"dso failure"}, -{CCA4758_R_FAILED_LOADING_PRIVATE_KEY ,"failed loading private key"}, -{CCA4758_R_FAILED_LOADING_PUBLIC_KEY ,"failed loading public key"}, -{CCA4758_R_NOT_LOADED ,"not loaded"}, -{CCA4758_R_SIZE_TOO_LARGE_OR_TOO_SMALL ,"size too large or too small"}, -{CCA4758_R_UNIT_FAILURE ,"unit failure"}, -{CCA4758_R_UNKNOWN_ALGORITHM_TYPE ,"unknown algorithm type"}, -{0,NULL} - }; - -#endif - -#ifdef CCA4758_LIB_NAME -static ERR_STRING_DATA CCA4758_lib_name[]= - { -{0 ,CCA4758_LIB_NAME}, -{0,NULL} - }; -#endif - - -static int CCA4758_lib_error_code=0; -static int CCA4758_error_init=1; - -static void ERR_load_CCA4758_strings(void) - { - if (CCA4758_lib_error_code == 0) - CCA4758_lib_error_code=ERR_get_next_error_library(); - - if (CCA4758_error_init) - { - CCA4758_error_init=0; -#ifndef OPENSSL_NO_ERR - ERR_load_strings(CCA4758_lib_error_code,CCA4758_str_functs); - ERR_load_strings(CCA4758_lib_error_code,CCA4758_str_reasons); -#endif - -#ifdef CCA4758_LIB_NAME - CCA4758_lib_name->error = ERR_PACK(CCA4758_lib_error_code,0,0); - ERR_load_strings(0,CCA4758_lib_name); -#endif - } - } - -static void ERR_unload_CCA4758_strings(void) - { - if (CCA4758_error_init == 0) - { -#ifndef OPENSSL_NO_ERR - ERR_unload_strings(CCA4758_lib_error_code,CCA4758_str_functs); - ERR_unload_strings(CCA4758_lib_error_code,CCA4758_str_reasons); -#endif - -#ifdef CCA4758_LIB_NAME - ERR_unload_strings(0,CCA4758_lib_name); -#endif - CCA4758_error_init=1; - } - } - -static void ERR_CCA4758_error(int function, int reason, char *file, int line) - { - if (CCA4758_lib_error_code == 0) - CCA4758_lib_error_code=ERR_get_next_error_library(); - ERR_PUT_error(CCA4758_lib_error_code,function,reason,file,line); - } diff --git a/src/lib/libcrypto/engine/hw_4758_cca_err.h b/src/lib/libcrypto/engine/hw_4758_cca_err.h deleted file mode 100644 index 2fc563ab11..0000000000 --- a/src/lib/libcrypto/engine/hw_4758_cca_err.h +++ /dev/null @@ -1,93 +0,0 @@ -/* ==================================================================== - * Copyright (c) 2001 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#ifndef HEADER_CCA4758_ERR_H -#define HEADER_CCA4758_ERR_H - -/* BEGIN ERROR CODES */ -/* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ -static void ERR_load_CCA4758_strings(void); -static void ERR_unload_CCA4758_strings(void); -static void ERR_CCA4758_error(int function, int reason, char *file, int line); -#define CCA4758err(f,r) ERR_CCA4758_error((f),(r),__FILE__,__LINE__) - -/* Error codes for the CCA4758 functions. */ - -/* Function codes. */ -#define CCA4758_F_IBM_4758_CCA_CTRL 100 -#define CCA4758_F_IBM_4758_CCA_FINISH 101 -#define CCA4758_F_IBM_4758_CCA_INIT 102 -#define CCA4758_F_IBM_4758_CCA_LOAD_PRIVKEY 103 -#define CCA4758_F_IBM_4758_CCA_LOAD_PUBKEY 104 -#define CCA4758_F_IBM_4758_CCA_SIGN 105 -#define CCA4758_F_IBM_4758_CCA_VERIFY 106 - -/* Reason codes. */ -#define CCA4758_R_ALREADY_LOADED 100 -#define CCA4758_R_ASN1_OID_UNKNOWN_FOR_MD 101 -#define CCA4758_R_COMMAND_NOT_IMPLEMENTED 102 -#define CCA4758_R_DSO_FAILURE 103 -#define CCA4758_R_FAILED_LOADING_PRIVATE_KEY 104 -#define CCA4758_R_FAILED_LOADING_PUBLIC_KEY 105 -#define CCA4758_R_NOT_LOADED 106 -#define CCA4758_R_SIZE_TOO_LARGE_OR_TOO_SMALL 107 -#define CCA4758_R_UNIT_FAILURE 108 -#define CCA4758_R_UNKNOWN_ALGORITHM_TYPE 109 - -#ifdef __cplusplus -} -#endif -#endif diff --git a/src/lib/libcrypto/engine/hw_aep.c b/src/lib/libcrypto/engine/hw_aep.c deleted file mode 100644 index 5f1772ea99..0000000000 --- a/src/lib/libcrypto/engine/hw_aep.c +++ /dev/null @@ -1,1120 +0,0 @@ -/* crypto/engine/hw_aep.c */ -/* - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include -#include - -#include -#if !defined(OPENSSL_SYS_MSDOS) || defined(__DJGPP__) -#include -#include -#else -#include -typedef int pid_t; -#endif - -#include -#include -#include -#include - -#ifndef OPENSSL_NO_HW -#ifndef OPENSSL_NO_HW_AEP -#ifdef FLAT_INC -#include "aep.h" -#else -#include "vendor_defns/aep.h" -#endif - -#define AEP_LIB_NAME "aep engine" -#define FAIL_TO_SW 0x10101010 - -#include "hw_aep_err.c" - -static int aep_init(ENGINE *e); -static int aep_finish(ENGINE *e); -static int aep_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)()); -static int aep_destroy(ENGINE *e); - -static AEP_RV aep_get_connection(AEP_CONNECTION_HNDL_PTR hConnection); -static AEP_RV aep_return_connection(AEP_CONNECTION_HNDL hConnection); -static AEP_RV aep_close_connection(AEP_CONNECTION_HNDL hConnection); -static AEP_RV aep_close_all_connections(int use_engine_lock, int *in_use); - -/* BIGNUM stuff */ -static int aep_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx); - -static AEP_RV aep_mod_exp_crt(BIGNUM *r,const BIGNUM *a, const BIGNUM *p, - const BIGNUM *q, const BIGNUM *dmp1,const BIGNUM *dmq1, - const BIGNUM *iqmp, BN_CTX *ctx); - -/* RSA stuff */ -#ifndef OPENSSL_NO_RSA -static int aep_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa); -#endif - -/* This function is aliased to mod_exp (with the mont stuff dropped). */ -static int aep_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); - -/* DSA stuff */ -#ifndef OPENSSL_NO_DSA -static int aep_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1, - BIGNUM *p1, BIGNUM *a2, BIGNUM *p2, BIGNUM *m, - BN_CTX *ctx, BN_MONT_CTX *in_mont); - -static int aep_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a, - const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, - BN_MONT_CTX *m_ctx); -#endif - -/* DH stuff */ -/* This function is aliased to mod_exp (with the DH and mont dropped). */ -#ifndef OPENSSL_NO_DH -static int aep_mod_exp_dh(const DH *dh, BIGNUM *r, const BIGNUM *a, - const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); -#endif - -/* rand stuff */ -#ifdef AEPRAND -static int aep_rand(unsigned char *buf, int num); -static int aep_rand_status(void); -#endif - -/* Bignum conversion stuff */ -static AEP_RV GetBigNumSize(AEP_VOID_PTR ArbBigNum, AEP_U32* BigNumSize); -static AEP_RV MakeAEPBigNum(AEP_VOID_PTR ArbBigNum, AEP_U32 BigNumSize, - unsigned char* AEP_BigNum); -static AEP_RV ConvertAEPBigNum(void* ArbBigNum, AEP_U32 BigNumSize, - unsigned char* AEP_BigNum); - -/* The definitions for control commands specific to this engine */ -#define AEP_CMD_SO_PATH ENGINE_CMD_BASE -static const ENGINE_CMD_DEFN aep_cmd_defns[] = - { - { AEP_CMD_SO_PATH, - "SO_PATH", - "Specifies the path to the 'aep' shared library", - ENGINE_CMD_FLAG_STRING - }, - {0, NULL, NULL, 0} - }; - -#ifndef OPENSSL_NO_RSA -/* Our internal RSA_METHOD that we provide pointers to */ -static RSA_METHOD aep_rsa = - { - "Aep RSA method", - NULL, /*rsa_pub_encrypt*/ - NULL, /*rsa_pub_decrypt*/ - NULL, /*rsa_priv_encrypt*/ - NULL, /*rsa_priv_encrypt*/ - aep_rsa_mod_exp, /*rsa_mod_exp*/ - aep_mod_exp_mont, /*bn_mod_exp*/ - NULL, /*init*/ - NULL, /*finish*/ - 0, /*flags*/ - NULL, /*app_data*/ - NULL, /*rsa_sign*/ - NULL /*rsa_verify*/ - }; -#endif - -#ifndef OPENSSL_NO_DSA -/* Our internal DSA_METHOD that we provide pointers to */ -static DSA_METHOD aep_dsa = - { - "Aep DSA method", - NULL, /* dsa_do_sign */ - NULL, /* dsa_sign_setup */ - NULL, /* dsa_do_verify */ - aep_dsa_mod_exp, /* dsa_mod_exp */ - aep_mod_exp_dsa, /* bn_mod_exp */ - NULL, /* init */ - NULL, /* finish */ - 0, /* flags */ - NULL /* app_data */ - }; -#endif - -#ifndef OPENSSL_NO_DH -/* Our internal DH_METHOD that we provide pointers to */ -static DH_METHOD aep_dh = - { - "Aep DH method", - NULL, - NULL, - aep_mod_exp_dh, - NULL, - NULL, - 0, - NULL - }; -#endif - -#ifdef AEPRAND -/* our internal RAND_method that we provide pointers to */ -static RAND_METHOD aep_random = - { - /*"AEP RAND method", */ - NULL, - aep_rand, - NULL, - NULL, - aep_rand, - aep_rand_status, - }; -#endif - -/*Define an array of structures to hold connections*/ -static AEP_CONNECTION_ENTRY aep_app_conn_table[MAX_PROCESS_CONNECTIONS]; - -/*Used to determine if this is a new process*/ -static pid_t recorded_pid = 0; - -#ifdef AEPRAND -static AEP_U8 rand_block[RAND_BLK_SIZE]; -static AEP_U32 rand_block_bytes = 0; -#endif - -/* Constants used when creating the ENGINE */ -static const char *engine_aep_id = "aep"; -static const char *engine_aep_name = "Aep hardware engine support"; - -static int max_key_len = 2176; - - -/* This internal function is used by ENGINE_aep() and possibly by the - * "dynamic" ENGINE support too */ -static int bind_aep(ENGINE *e) - { -#ifndef OPENSSL_NO_RSA - const RSA_METHOD *meth1; -#endif -#ifndef OPENSSL_NO_DSA - const DSA_METHOD *meth2; -#endif -#ifndef OPENSSL_NO_DH - const DH_METHOD *meth3; -#endif - - if(!ENGINE_set_id(e, engine_aep_id) || - !ENGINE_set_name(e, engine_aep_name) || -#ifndef OPENSSL_NO_RSA - !ENGINE_set_RSA(e, &aep_rsa) || -#endif -#ifndef OPENSSL_NO_DSA - !ENGINE_set_DSA(e, &aep_dsa) || -#endif -#ifndef OPENSSL_NO_DH - !ENGINE_set_DH(e, &aep_dh) || -#endif -#ifdef AEPRAND - !ENGINE_set_RAND(e, &aep_random) || -#endif - !ENGINE_set_init_function(e, aep_init) || - !ENGINE_set_destroy_function(e, aep_destroy) || - !ENGINE_set_finish_function(e, aep_finish) || - !ENGINE_set_ctrl_function(e, aep_ctrl) || - !ENGINE_set_cmd_defns(e, aep_cmd_defns)) - return 0; - -#ifndef OPENSSL_NO_RSA - /* We know that the "PKCS1_SSLeay()" functions hook properly - * to the aep-specific mod_exp and mod_exp_crt so we use - * those functions. NB: We don't use ENGINE_openssl() or - * anything "more generic" because something like the RSAref - * code may not hook properly, and if you own one of these - * cards then you have the right to do RSA operations on it - * anyway! */ - meth1 = RSA_PKCS1_SSLeay(); - aep_rsa.rsa_pub_enc = meth1->rsa_pub_enc; - aep_rsa.rsa_pub_dec = meth1->rsa_pub_dec; - aep_rsa.rsa_priv_enc = meth1->rsa_priv_enc; - aep_rsa.rsa_priv_dec = meth1->rsa_priv_dec; -#endif - - -#ifndef OPENSSL_NO_DSA - /* Use the DSA_OpenSSL() method and just hook the mod_exp-ish - * bits. */ - meth2 = DSA_OpenSSL(); - aep_dsa.dsa_do_sign = meth2->dsa_do_sign; - aep_dsa.dsa_sign_setup = meth2->dsa_sign_setup; - aep_dsa.dsa_do_verify = meth2->dsa_do_verify; - - aep_dsa = *DSA_get_default_method(); - aep_dsa.dsa_mod_exp = aep_dsa_mod_exp; - aep_dsa.bn_mod_exp = aep_mod_exp_dsa; -#endif - -#ifndef OPENSSL_NO_DH - /* Much the same for Diffie-Hellman */ - meth3 = DH_OpenSSL(); - aep_dh.generate_key = meth3->generate_key; - aep_dh.compute_key = meth3->compute_key; - aep_dh.bn_mod_exp = meth3->bn_mod_exp; -#endif - - /* Ensure the aep error handling is set up */ - ERR_load_AEPHK_strings(); - - return 1; -} - -#ifdef ENGINE_DYNAMIC_SUPPORT -static int bind_helper(ENGINE *e, const char *id) - { - if(id && (strcmp(id, engine_aep_id) != 0)) - return 0; - if(!bind_aep(e)) - return 0; - return 1; - } -IMPLEMENT_DYNAMIC_CHECK_FN() -IMPLEMENT_DYNAMIC_BIND_FN(bind_helper) -#else -static ENGINE *engine_aep(void) - { - ENGINE *ret = ENGINE_new(); - if(!ret) - return NULL; - if(!bind_aep(ret)) - { - ENGINE_free(ret); - return NULL; - } - return ret; - } - -void ENGINE_load_aep(void) - { - /* Copied from eng_[openssl|dyn].c */ - ENGINE *toadd = engine_aep(); - if(!toadd) return; - ENGINE_add(toadd); - ENGINE_free(toadd); - ERR_clear_error(); - } -#endif - -/* This is a process-global DSO handle used for loading and unloading - * the Aep library. NB: This is only set (or unset) during an - * init() or finish() call (reference counts permitting) and they're - * operating with global locks, so this should be thread-safe - * implicitly. */ -static DSO *aep_dso = NULL; - -/* These are the static string constants for the DSO file name and the function - * symbol names to bind to. -*/ -static const char *AEP_LIBNAME = NULL; -static const char *get_AEP_LIBNAME(void) - { - if(AEP_LIBNAME) - return AEP_LIBNAME; - return "aep"; - } -static void free_AEP_LIBNAME(void) - { - if(AEP_LIBNAME) - OPENSSL_free((void*)AEP_LIBNAME); - AEP_LIBNAME = NULL; - } -static long set_AEP_LIBNAME(const char *name) - { - free_AEP_LIBNAME(); - return ((AEP_LIBNAME = BUF_strdup(name)) != NULL ? 1 : 0); - } - -static const char *AEP_F1 = "AEP_ModExp"; -static const char *AEP_F2 = "AEP_ModExpCrt"; -#ifdef AEPRAND -static const char *AEP_F3 = "AEP_GenRandom"; -#endif -static const char *AEP_F4 = "AEP_Finalize"; -static const char *AEP_F5 = "AEP_Initialize"; -static const char *AEP_F6 = "AEP_OpenConnection"; -static const char *AEP_F7 = "AEP_SetBNCallBacks"; -static const char *AEP_F8 = "AEP_CloseConnection"; - -/* These are the function pointers that are (un)set when the library has - * successfully (un)loaded. */ -static t_AEP_OpenConnection *p_AEP_OpenConnection = NULL; -static t_AEP_CloseConnection *p_AEP_CloseConnection = NULL; -static t_AEP_ModExp *p_AEP_ModExp = NULL; -static t_AEP_ModExpCrt *p_AEP_ModExpCrt = NULL; -#ifdef AEPRAND -static t_AEP_GenRandom *p_AEP_GenRandom = NULL; -#endif -static t_AEP_Initialize *p_AEP_Initialize = NULL; -static t_AEP_Finalize *p_AEP_Finalize = NULL; -static t_AEP_SetBNCallBacks *p_AEP_SetBNCallBacks = NULL; - -/* (de)initialisation functions. */ -static int aep_init(ENGINE *e) - { - t_AEP_ModExp *p1; - t_AEP_ModExpCrt *p2; -#ifdef AEPRAND - t_AEP_GenRandom *p3; -#endif - t_AEP_Finalize *p4; - t_AEP_Initialize *p5; - t_AEP_OpenConnection *p6; - t_AEP_SetBNCallBacks *p7; - t_AEP_CloseConnection *p8; - - int to_return = 0; - - if(aep_dso != NULL) - { - AEPHKerr(AEPHK_F_AEP_INIT,AEPHK_R_ALREADY_LOADED); - goto err; - } - /* Attempt to load libaep.so. */ - - aep_dso = DSO_load(NULL, get_AEP_LIBNAME(), NULL, 0); - - if(aep_dso == NULL) - { - AEPHKerr(AEPHK_F_AEP_INIT,AEPHK_R_NOT_LOADED); - goto err; - } - - if( !(p1 = (t_AEP_ModExp *) DSO_bind_func( aep_dso,AEP_F1)) || - !(p2 = (t_AEP_ModExpCrt*) DSO_bind_func( aep_dso,AEP_F2)) || -#ifdef AEPRAND - !(p3 = (t_AEP_GenRandom*) DSO_bind_func( aep_dso,AEP_F3)) || -#endif - !(p4 = (t_AEP_Finalize*) DSO_bind_func( aep_dso,AEP_F4)) || - !(p5 = (t_AEP_Initialize*) DSO_bind_func( aep_dso,AEP_F5)) || - !(p6 = (t_AEP_OpenConnection*) DSO_bind_func( aep_dso,AEP_F6)) || - !(p7 = (t_AEP_SetBNCallBacks*) DSO_bind_func( aep_dso,AEP_F7)) || - !(p8 = (t_AEP_CloseConnection*) DSO_bind_func( aep_dso,AEP_F8))) - { - AEPHKerr(AEPHK_F_AEP_INIT,AEPHK_R_NOT_LOADED); - goto err; - } - - /* Copy the pointers */ - - p_AEP_ModExp = p1; - p_AEP_ModExpCrt = p2; -#ifdef AEPRAND - p_AEP_GenRandom = p3; -#endif - p_AEP_Finalize = p4; - p_AEP_Initialize = p5; - p_AEP_OpenConnection = p6; - p_AEP_SetBNCallBacks = p7; - p_AEP_CloseConnection = p8; - - to_return = 1; - - return to_return; - - err: - - if(aep_dso) - DSO_free(aep_dso); - aep_dso = NULL; - - p_AEP_OpenConnection = NULL; - p_AEP_ModExp = NULL; - p_AEP_ModExpCrt = NULL; -#ifdef AEPRAND - p_AEP_GenRandom = NULL; -#endif - p_AEP_Initialize = NULL; - p_AEP_Finalize = NULL; - p_AEP_SetBNCallBacks = NULL; - p_AEP_CloseConnection = NULL; - - return to_return; - } - -/* Destructor (complements the "ENGINE_aep()" constructor) */ -static int aep_destroy(ENGINE *e) - { - free_AEP_LIBNAME(); - ERR_unload_AEPHK_strings(); - return 1; - } - -static int aep_finish(ENGINE *e) - { - int to_return = 0, in_use; - AEP_RV rv; - - if(aep_dso == NULL) - { - AEPHKerr(AEPHK_F_AEP_FINISH,AEPHK_R_NOT_LOADED); - goto err; - } - - rv = aep_close_all_connections(0, &in_use); - if (rv != AEP_R_OK) - { - AEPHKerr(AEPHK_F_AEP_FINISH,AEPHK_R_CLOSE_HANDLES_FAILED); - goto err; - } - if (in_use) - { - AEPHKerr(AEPHK_F_AEP_FINISH,AEPHK_R_CONNECTIONS_IN_USE); - goto err; - } - - rv = p_AEP_Finalize(); - if (rv != AEP_R_OK) - { - AEPHKerr(AEPHK_F_AEP_FINISH,AEPHK_R_FINALIZE_FAILED); - goto err; - } - - if(!DSO_free(aep_dso)) - { - AEPHKerr(AEPHK_F_AEP_FINISH,AEPHK_R_UNIT_FAILURE); - goto err; - } - - aep_dso = NULL; - p_AEP_CloseConnection = NULL; - p_AEP_OpenConnection = NULL; - p_AEP_ModExp = NULL; - p_AEP_ModExpCrt = NULL; -#ifdef AEPRAND - p_AEP_GenRandom = NULL; -#endif - p_AEP_Initialize = NULL; - p_AEP_Finalize = NULL; - p_AEP_SetBNCallBacks = NULL; - - to_return = 1; - err: - return to_return; - } - -static int aep_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)()) - { - int initialised = ((aep_dso == NULL) ? 0 : 1); - switch(cmd) - { - case AEP_CMD_SO_PATH: - if(p == NULL) - { - AEPHKerr(AEPHK_F_AEP_CTRL, - ERR_R_PASSED_NULL_PARAMETER); - return 0; - } - if(initialised) - { - AEPHKerr(AEPHK_F_AEP_CTRL, - AEPHK_R_ALREADY_LOADED); - return 0; - } - return set_AEP_LIBNAME((const char*)p); - default: - break; - } - AEPHKerr(AEPHK_F_AEP_CTRL,AEPHK_R_CTRL_COMMAND_NOT_IMPLEMENTED); - return 0; - } - -static int aep_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx) - { - int to_return = 0; - int r_len = 0; - AEP_CONNECTION_HNDL hConnection; - AEP_RV rv; - - r_len = BN_num_bits(m); - - /* Perform in software if modulus is too large for hardware. */ - - if (r_len > max_key_len){ - AEPHKerr(AEPHK_F_AEP_MOD_EXP, AEPHK_R_SIZE_TOO_LARGE_OR_TOO_SMALL); - return BN_mod_exp(r, a, p, m, ctx); - } - - /*Grab a connection from the pool*/ - rv = aep_get_connection(&hConnection); - if (rv != AEP_R_OK) - { - AEPHKerr(AEPHK_F_AEP_MOD_EXP,AEPHK_R_GET_HANDLE_FAILED); - return BN_mod_exp(r, a, p, m, ctx); - } - - /*To the card with the mod exp*/ - rv = p_AEP_ModExp(hConnection,(void*)a, (void*)p,(void*)m, (void*)r,NULL); - - if (rv != AEP_R_OK) - { - AEPHKerr(AEPHK_F_AEP_MOD_EXP,AEPHK_R_MOD_EXP_FAILED); - rv = aep_close_connection(hConnection); - return BN_mod_exp(r, a, p, m, ctx); - } - - /*Return the connection to the pool*/ - rv = aep_return_connection(hConnection); - if (rv != AEP_R_OK) - { - AEPHKerr(AEPHK_F_AEP_RAND,AEPHK_R_RETURN_CONNECTION_FAILED); - goto err; - } - - to_return = 1; - err: - return to_return; - } - -static AEP_RV aep_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *q, const BIGNUM *dmp1, - const BIGNUM *dmq1,const BIGNUM *iqmp, BN_CTX *ctx) - { - AEP_RV rv = AEP_R_OK; - AEP_CONNECTION_HNDL hConnection; - - /*Grab a connection from the pool*/ - rv = aep_get_connection(&hConnection); - if (rv != AEP_R_OK) - { - AEPHKerr(AEPHK_F_AEP_MOD_EXP_CRT,AEPHK_R_GET_HANDLE_FAILED); - return FAIL_TO_SW; - } - - /*To the card with the mod exp*/ - rv = p_AEP_ModExpCrt(hConnection,(void*)a, (void*)p, (void*)q, (void*)dmp1,(void*)dmq1, - (void*)iqmp,(void*)r,NULL); - if (rv != AEP_R_OK) - { - AEPHKerr(AEPHK_F_AEP_MOD_EXP_CRT,AEPHK_R_MOD_EXP_CRT_FAILED); - rv = aep_close_connection(hConnection); - return FAIL_TO_SW; - } - - /*Return the connection to the pool*/ - rv = aep_return_connection(hConnection); - if (rv != AEP_R_OK) - { - AEPHKerr(AEPHK_F_AEP_RAND,AEPHK_R_RETURN_CONNECTION_FAILED); - goto err; - } - - err: - return rv; - } - - -#ifdef AEPRAND -static int aep_rand(unsigned char *buf,int len ) - { - AEP_RV rv = AEP_R_OK; - AEP_CONNECTION_HNDL hConnection; - - CRYPTO_w_lock(CRYPTO_LOCK_RAND); - - /*Can the request be serviced with what's already in the buffer?*/ - if (len <= rand_block_bytes) - { - memcpy(buf, &rand_block[RAND_BLK_SIZE - rand_block_bytes], len); - rand_block_bytes -= len; - CRYPTO_w_unlock(CRYPTO_LOCK_RAND); - } - else - /*If not the get another block of random bytes*/ - { - CRYPTO_w_unlock(CRYPTO_LOCK_RAND); - - rv = aep_get_connection(&hConnection); - if (rv != AEP_R_OK) - { - AEPHKerr(AEPHK_F_AEP_RAND,AEPHK_R_GET_HANDLE_FAILED); - goto err_nounlock; - } - - if (len > RAND_BLK_SIZE) - { - rv = p_AEP_GenRandom(hConnection, len, 2, buf, NULL); - if (rv != AEP_R_OK) - { - AEPHKerr(AEPHK_F_AEP_RAND,AEPHK_R_GET_RANDOM_FAILED); - goto err_nounlock; - } - } - else - { - CRYPTO_w_lock(CRYPTO_LOCK_RAND); - - rv = p_AEP_GenRandom(hConnection, RAND_BLK_SIZE, 2, &rand_block[0], NULL); - if (rv != AEP_R_OK) - { - AEPHKerr(AEPHK_F_AEP_RAND,AEPHK_R_GET_RANDOM_FAILED); - - goto err; - } - - rand_block_bytes = RAND_BLK_SIZE; - - memcpy(buf, &rand_block[RAND_BLK_SIZE - rand_block_bytes], len); - rand_block_bytes -= len; - - CRYPTO_w_unlock(CRYPTO_LOCK_RAND); - } - - rv = aep_return_connection(hConnection); - if (rv != AEP_R_OK) - { - AEPHKerr(AEPHK_F_AEP_RAND,AEPHK_R_RETURN_CONNECTION_FAILED); - - goto err_nounlock; - } - } - - return 1; - err: - CRYPTO_w_unlock(CRYPTO_LOCK_RAND); - err_nounlock: - return 0; - } - -static int aep_rand_status(void) -{ - return 1; -} -#endif - -#ifndef OPENSSL_NO_RSA -static int aep_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa) - { - BN_CTX *ctx = NULL; - int to_return = 0; - AEP_RV rv = AEP_R_OK; - - if ((ctx = BN_CTX_new()) == NULL) - goto err; - - if (!aep_dso) - { - AEPHKerr(AEPHK_F_AEP_RSA_MOD_EXP,AEPHK_R_NOT_LOADED); - goto err; - } - - /*See if we have all the necessary bits for a crt*/ - if (rsa->q && rsa->dmp1 && rsa->dmq1 && rsa->iqmp) - { - rv = aep_mod_exp_crt(r0,I,rsa->p,rsa->q, rsa->dmp1,rsa->dmq1,rsa->iqmp,ctx); - - if (rv == FAIL_TO_SW){ - const RSA_METHOD *meth = RSA_PKCS1_SSLeay(); - to_return = (*meth->rsa_mod_exp)(r0, I, rsa); - goto err; - } - else if (rv != AEP_R_OK) - goto err; - } - else - { - if (!rsa->d || !rsa->n) - { - AEPHKerr(AEPHK_F_AEP_RSA_MOD_EXP,AEPHK_R_MISSING_KEY_COMPONENTS); - goto err; - } - - rv = aep_mod_exp(r0,I,rsa->d,rsa->n,ctx); - if (rv != AEP_R_OK) - goto err; - - } - - to_return = 1; - - err: - if(ctx) - BN_CTX_free(ctx); - return to_return; -} -#endif - -#ifndef OPENSSL_NO_DSA -static int aep_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1, - BIGNUM *p1, BIGNUM *a2, BIGNUM *p2, BIGNUM *m, - BN_CTX *ctx, BN_MONT_CTX *in_mont) - { - BIGNUM t; - int to_return = 0; - BN_init(&t); - - /* let rr = a1 ^ p1 mod m */ - if (!aep_mod_exp(rr,a1,p1,m,ctx)) goto end; - /* let t = a2 ^ p2 mod m */ - if (!aep_mod_exp(&t,a2,p2,m,ctx)) goto end; - /* let rr = rr * t mod m */ - if (!BN_mod_mul(rr,rr,&t,m,ctx)) goto end; - to_return = 1; - end: - BN_free(&t); - return to_return; - } - -static int aep_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a, - const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, - BN_MONT_CTX *m_ctx) - { - return aep_mod_exp(r, a, p, m, ctx); - } -#endif - -/* This function is aliased to mod_exp (with the mont stuff dropped). */ -static int aep_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) - { - return aep_mod_exp(r, a, p, m, ctx); - } - -#ifndef OPENSSL_NO_DH -/* This function is aliased to mod_exp (with the dh and mont dropped). */ -static int aep_mod_exp_dh(const DH *dh, BIGNUM *r, const BIGNUM *a, - const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, - BN_MONT_CTX *m_ctx) - { - return aep_mod_exp(r, a, p, m, ctx); - } -#endif - -static AEP_RV aep_get_connection(AEP_CONNECTION_HNDL_PTR phConnection) - { - int count; - AEP_RV rv = AEP_R_OK; - - /*Get the current process id*/ - pid_t curr_pid; - - CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); - - curr_pid = getpid(); - - /*Check if this is the first time this is being called from the current - process*/ - if (recorded_pid != curr_pid) - { - /*Remember our pid so we can check if we're in a new process*/ - recorded_pid = curr_pid; - - /*Call Finalize to make sure we have not inherited some data - from a parent process*/ - p_AEP_Finalize(); - - /*Initialise the AEP API*/ - rv = p_AEP_Initialize(NULL); - - if (rv != AEP_R_OK) - { - AEPHKerr(AEPHK_F_AEP_GET_CONNECTION,AEPHK_R_INIT_FAILURE); - recorded_pid = 0; - goto end; - } - - /*Set the AEP big num call back functions*/ - rv = p_AEP_SetBNCallBacks(&GetBigNumSize, &MakeAEPBigNum, - &ConvertAEPBigNum); - - if (rv != AEP_R_OK) - { - AEPHKerr(AEPHK_F_AEP_GET_CONNECTION,AEPHK_R_SETBNCALLBACK_FAILURE); - recorded_pid = 0; - goto end; - } - -#ifdef AEPRAND - /*Reset the rand byte count*/ - rand_block_bytes = 0; -#endif - - /*Init the structures*/ - for (count = 0;count < MAX_PROCESS_CONNECTIONS;count ++) - { - aep_app_conn_table[count].conn_state = NotConnected; - aep_app_conn_table[count].conn_hndl = 0; - } - - /*Open a connection*/ - rv = p_AEP_OpenConnection(phConnection); - - if (rv != AEP_R_OK) - { - AEPHKerr(AEPHK_F_AEP_GET_CONNECTION,AEPHK_R_UNIT_FAILURE); - recorded_pid = 0; - goto end; - } - - aep_app_conn_table[0].conn_state = InUse; - aep_app_conn_table[0].conn_hndl = *phConnection; - goto end; - } - /*Check the existing connections to see if we can find a free one*/ - for (count = 0;count < MAX_PROCESS_CONNECTIONS;count ++) - { - if (aep_app_conn_table[count].conn_state == Connected) - { - aep_app_conn_table[count].conn_state = InUse; - *phConnection = aep_app_conn_table[count].conn_hndl; - goto end; - } - } - /*If no connections available, we're going to have to try - to open a new one*/ - for (count = 0;count < MAX_PROCESS_CONNECTIONS;count ++) - { - if (aep_app_conn_table[count].conn_state == NotConnected) - { - /*Open a connection*/ - rv = p_AEP_OpenConnection(phConnection); - - if (rv != AEP_R_OK) - { - AEPHKerr(AEPHK_F_AEP_GET_CONNECTION,AEPHK_R_UNIT_FAILURE); - goto end; - } - - aep_app_conn_table[count].conn_state = InUse; - aep_app_conn_table[count].conn_hndl = *phConnection; - goto end; - } - } - rv = AEP_R_GENERAL_ERROR; - end: - CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); - return rv; - } - - -static AEP_RV aep_return_connection(AEP_CONNECTION_HNDL hConnection) - { - int count; - - CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); - - /*Find the connection item that matches this connection handle*/ - for(count = 0;count < MAX_PROCESS_CONNECTIONS;count ++) - { - if (aep_app_conn_table[count].conn_hndl == hConnection) - { - aep_app_conn_table[count].conn_state = Connected; - break; - } - } - - CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); - - return AEP_R_OK; - } - -static AEP_RV aep_close_connection(AEP_CONNECTION_HNDL hConnection) - { - int count; - AEP_RV rv = AEP_R_OK; - - CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); - - /*Find the connection item that matches this connection handle*/ - for(count = 0;count < MAX_PROCESS_CONNECTIONS;count ++) - { - if (aep_app_conn_table[count].conn_hndl == hConnection) - { - rv = p_AEP_CloseConnection(aep_app_conn_table[count].conn_hndl); - if (rv != AEP_R_OK) - goto end; - aep_app_conn_table[count].conn_state = NotConnected; - aep_app_conn_table[count].conn_hndl = 0; - break; - } - } - - end: - CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); - return rv; - } - -static AEP_RV aep_close_all_connections(int use_engine_lock, int *in_use) - { - int count; - AEP_RV rv = AEP_R_OK; - - *in_use = 0; - if (use_engine_lock) CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); - for (count = 0;count < MAX_PROCESS_CONNECTIONS;count ++) - { - switch (aep_app_conn_table[count].conn_state) - { - case Connected: - rv = p_AEP_CloseConnection(aep_app_conn_table[count].conn_hndl); - if (rv != AEP_R_OK) - goto end; - aep_app_conn_table[count].conn_state = NotConnected; - aep_app_conn_table[count].conn_hndl = 0; - break; - case InUse: - (*in_use)++; - break; - case NotConnected: - break; - } - } - end: - if (use_engine_lock) CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); - return rv; - } - -/*BigNum call back functions, used to convert OpenSSL bignums into AEP bignums. - Note only 32bit Openssl build support*/ - -static AEP_RV GetBigNumSize(AEP_VOID_PTR ArbBigNum, AEP_U32* BigNumSize) - { - BIGNUM* bn; - - /*Cast the ArbBigNum pointer to our BIGNUM struct*/ - bn = (BIGNUM*) ArbBigNum; - -#ifdef SIXTY_FOUR_BIT_LONG - *BigNumSize = bn->top << 3; -#else - /*Size of the bignum in bytes is equal to the bn->top (no of 32 bit - words) multiplies by 4*/ - *BigNumSize = bn->top << 2; -#endif - - return AEP_R_OK; - } - -static AEP_RV MakeAEPBigNum(AEP_VOID_PTR ArbBigNum, AEP_U32 BigNumSize, - unsigned char* AEP_BigNum) - { - BIGNUM* bn; - -#ifndef SIXTY_FOUR_BIT_LONG - unsigned char* buf; - int i; -#endif - - /*Cast the ArbBigNum pointer to our BIGNUM struct*/ - bn = (BIGNUM*) ArbBigNum; - -#ifdef SIXTY_FOUR_BIT_LONG - memcpy(AEP_BigNum, bn->d, BigNumSize); -#else - /*Must copy data into a (monotone) least significant byte first format - performing endian conversion if necessary*/ - for(i=0;itop;i++) - { - buf = (unsigned char*)&bn->d[i]; - - *((AEP_U32*)AEP_BigNum) = (AEP_U32) - ((unsigned) buf[1] << 8 | buf[0]) | - ((unsigned) buf[3] << 8 | buf[2]) << 16; - - AEP_BigNum += 4; - } -#endif - - return AEP_R_OK; - } - -/*Turn an AEP Big Num back to a user big num*/ -static AEP_RV ConvertAEPBigNum(void* ArbBigNum, AEP_U32 BigNumSize, - unsigned char* AEP_BigNum) - { - BIGNUM* bn; -#ifndef SIXTY_FOUR_BIT_LONG - int i; -#endif - - bn = (BIGNUM*)ArbBigNum; - - /*Expand the result bn so that it can hold our big num. - Size is in bits*/ - bn_expand(bn, (int)(BigNumSize << 3)); - -#ifdef SIXTY_FOUR_BIT_LONG - bn->top = BigNumSize >> 3; - - if((BigNumSize & 7) != 0) - bn->top++; - - memset(bn->d, 0, bn->top << 3); - - memcpy(bn->d, AEP_BigNum, BigNumSize); -#else - bn->top = BigNumSize >> 2; - - for(i=0;itop;i++) - { - bn->d[i] = (AEP_U32) - ((unsigned) AEP_BigNum[3] << 8 | AEP_BigNum[2]) << 16 | - ((unsigned) AEP_BigNum[1] << 8 | AEP_BigNum[0]); - AEP_BigNum += 4; - } -#endif - - return AEP_R_OK; -} - -#endif /* !OPENSSL_NO_HW_AEP */ -#endif /* !OPENSSL_NO_HW */ diff --git a/src/lib/libcrypto/engine/hw_aep_err.c b/src/lib/libcrypto/engine/hw_aep_err.c deleted file mode 100644 index 092f532946..0000000000 --- a/src/lib/libcrypto/engine/hw_aep_err.c +++ /dev/null @@ -1,157 +0,0 @@ -/* hw_aep_err.c */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* NOTE: this file was auto generated by the mkerr.pl script: any changes - * made to it will be overwritten when the script next updates this file, - * only reason strings will be preserved. - */ - -#include -#include -#include "hw_aep_err.h" - -/* BEGIN ERROR CODES */ -#ifndef OPENSSL_NO_ERR -static ERR_STRING_DATA AEPHK_str_functs[]= - { -{ERR_PACK(0,AEPHK_F_AEP_CTRL,0), "AEP_CTRL"}, -{ERR_PACK(0,AEPHK_F_AEP_FINISH,0), "AEP_FINISH"}, -{ERR_PACK(0,AEPHK_F_AEP_GET_CONNECTION,0), "AEP_GET_CONNECTION"}, -{ERR_PACK(0,AEPHK_F_AEP_INIT,0), "AEP_INIT"}, -{ERR_PACK(0,AEPHK_F_AEP_MOD_EXP,0), "AEP_MOD_EXP"}, -{ERR_PACK(0,AEPHK_F_AEP_MOD_EXP_CRT,0), "AEP_MOD_EXP_CRT"}, -{ERR_PACK(0,AEPHK_F_AEP_RAND,0), "AEP_RAND"}, -{ERR_PACK(0,AEPHK_F_AEP_RSA_MOD_EXP,0), "AEP_RSA_MOD_EXP"}, -{0,NULL} - }; - -static ERR_STRING_DATA AEPHK_str_reasons[]= - { -{AEPHK_R_ALREADY_LOADED ,"already loaded"}, -{AEPHK_R_CLOSE_HANDLES_FAILED ,"close handles failed"}, -{AEPHK_R_CONNECTIONS_IN_USE ,"connections in use"}, -{AEPHK_R_CTRL_COMMAND_NOT_IMPLEMENTED ,"ctrl command not implemented"}, -{AEPHK_R_FINALIZE_FAILED ,"finalize failed"}, -{AEPHK_R_GET_HANDLE_FAILED ,"get handle failed"}, -{AEPHK_R_GET_RANDOM_FAILED ,"get random failed"}, -{AEPHK_R_INIT_FAILURE ,"init failure"}, -{AEPHK_R_MISSING_KEY_COMPONENTS ,"missing key components"}, -{AEPHK_R_MOD_EXP_CRT_FAILED ,"mod exp crt failed"}, -{AEPHK_R_MOD_EXP_FAILED ,"mod exp failed"}, -{AEPHK_R_NOT_LOADED ,"not loaded"}, -{AEPHK_R_OK ,"ok"}, -{AEPHK_R_RETURN_CONNECTION_FAILED ,"return connection failed"}, -{AEPHK_R_SETBNCALLBACK_FAILURE ,"setbncallback failure"}, -{AEPHK_R_SIZE_TOO_LARGE_OR_TOO_SMALL ,"size too large or too small"}, -{AEPHK_R_UNIT_FAILURE ,"unit failure"}, -{0,NULL} - }; - -#endif - -#ifdef AEPHK_LIB_NAME -static ERR_STRING_DATA AEPHK_lib_name[]= - { -{0 ,AEPHK_LIB_NAME}, -{0,NULL} - }; -#endif - - -static int AEPHK_lib_error_code=0; -static int AEPHK_error_init=1; - -static void ERR_load_AEPHK_strings(void) - { - if (AEPHK_lib_error_code == 0) - AEPHK_lib_error_code=ERR_get_next_error_library(); - - if (AEPHK_error_init) - { - AEPHK_error_init=0; -#ifndef OPENSSL_NO_ERR - ERR_load_strings(AEPHK_lib_error_code,AEPHK_str_functs); - ERR_load_strings(AEPHK_lib_error_code,AEPHK_str_reasons); -#endif - -#ifdef AEPHK_LIB_NAME - AEPHK_lib_name->error = ERR_PACK(AEPHK_lib_error_code,0,0); - ERR_load_strings(0,AEPHK_lib_name); -#endif - } - } - -static void ERR_unload_AEPHK_strings(void) - { - if (AEPHK_error_init == 0) - { -#ifndef OPENSSL_NO_ERR - ERR_unload_strings(AEPHK_lib_error_code,AEPHK_str_functs); - ERR_unload_strings(AEPHK_lib_error_code,AEPHK_str_reasons); -#endif - -#ifdef AEPHK_LIB_NAME - ERR_unload_strings(0,AEPHK_lib_name); -#endif - AEPHK_error_init=1; - } - } - -static void ERR_AEPHK_error(int function, int reason, char *file, int line) - { - if (AEPHK_lib_error_code == 0) - AEPHK_lib_error_code=ERR_get_next_error_library(); - ERR_PUT_error(AEPHK_lib_error_code,function,reason,file,line); - } diff --git a/src/lib/libcrypto/engine/hw_aep_err.h b/src/lib/libcrypto/engine/hw_aep_err.h deleted file mode 100644 index 8fe4cf921f..0000000000 --- a/src/lib/libcrypto/engine/hw_aep_err.h +++ /dev/null @@ -1,101 +0,0 @@ -/* ==================================================================== - * Copyright (c) 2001 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#ifndef HEADER_AEPHK_ERR_H -#define HEADER_AEPHK_ERR_H - -/* BEGIN ERROR CODES */ -/* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ -static void ERR_load_AEPHK_strings(void); -static void ERR_unload_AEPHK_strings(void); -static void ERR_AEPHK_error(int function, int reason, char *file, int line); -#define AEPHKerr(f,r) ERR_AEPHK_error((f),(r),__FILE__,__LINE__) - -/* Error codes for the AEPHK functions. */ - -/* Function codes. */ -#define AEPHK_F_AEP_CTRL 100 -#define AEPHK_F_AEP_FINISH 101 -#define AEPHK_F_AEP_GET_CONNECTION 102 -#define AEPHK_F_AEP_INIT 103 -#define AEPHK_F_AEP_MOD_EXP 104 -#define AEPHK_F_AEP_MOD_EXP_CRT 105 -#define AEPHK_F_AEP_RAND 106 -#define AEPHK_F_AEP_RSA_MOD_EXP 107 - -/* Reason codes. */ -#define AEPHK_R_ALREADY_LOADED 100 -#define AEPHK_R_CLOSE_HANDLES_FAILED 101 -#define AEPHK_R_CONNECTIONS_IN_USE 102 -#define AEPHK_R_CTRL_COMMAND_NOT_IMPLEMENTED 103 -#define AEPHK_R_FINALIZE_FAILED 104 -#define AEPHK_R_GET_HANDLE_FAILED 105 -#define AEPHK_R_GET_RANDOM_FAILED 106 -#define AEPHK_R_INIT_FAILURE 107 -#define AEPHK_R_MISSING_KEY_COMPONENTS 108 -#define AEPHK_R_MOD_EXP_CRT_FAILED 109 -#define AEPHK_R_MOD_EXP_FAILED 110 -#define AEPHK_R_NOT_LOADED 111 -#define AEPHK_R_OK 112 -#define AEPHK_R_RETURN_CONNECTION_FAILED 113 -#define AEPHK_R_SETBNCALLBACK_FAILURE 114 -#define AEPHK_R_SIZE_TOO_LARGE_OR_TOO_SMALL 116 -#define AEPHK_R_UNIT_FAILURE 115 - -#ifdef __cplusplus -} -#endif -#endif diff --git a/src/lib/libcrypto/engine/hw_atalla.c b/src/lib/libcrypto/engine/hw_atalla.c deleted file mode 100644 index 2b8342bbdd..0000000000 --- a/src/lib/libcrypto/engine/hw_atalla.c +++ /dev/null @@ -1,595 +0,0 @@ -/* crypto/engine/hw_atalla.c */ -/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL - * project 2000. - */ -/* ==================================================================== - * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include -#include "cryptlib.h" -#include -#include - -#ifndef OPENSSL_NO_HW -#ifndef OPENSSL_NO_HW_ATALLA - -#ifdef FLAT_INC -#include "atalla.h" -#else -#include "vendor_defns/atalla.h" -#endif - -#define ATALLA_LIB_NAME "atalla engine" -#include "hw_atalla_err.c" - -static int atalla_destroy(ENGINE *e); -static int atalla_init(ENGINE *e); -static int atalla_finish(ENGINE *e); -static int atalla_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)()); - -/* BIGNUM stuff */ -static int atalla_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx); - -#ifndef OPENSSL_NO_RSA -/* RSA stuff */ -static int atalla_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa); -#endif -/* This function is aliased to mod_exp (with the mont stuff dropped). */ -static int atalla_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); - -#ifndef OPENSSL_NO_DSA -/* DSA stuff */ -static int atalla_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1, - BIGNUM *p1, BIGNUM *a2, BIGNUM *p2, BIGNUM *m, - BN_CTX *ctx, BN_MONT_CTX *in_mont); -static int atalla_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a, - const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, - BN_MONT_CTX *m_ctx); -#endif - -#ifndef OPENSSL_NO_DH -/* DH stuff */ -/* This function is alised to mod_exp (with the DH and mont dropped). */ -static int atalla_mod_exp_dh(const DH *dh, BIGNUM *r, - const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); -#endif - -/* The definitions for control commands specific to this engine */ -#define ATALLA_CMD_SO_PATH ENGINE_CMD_BASE -static const ENGINE_CMD_DEFN atalla_cmd_defns[] = { - {ATALLA_CMD_SO_PATH, - "SO_PATH", - "Specifies the path to the 'atasi' shared library", - ENGINE_CMD_FLAG_STRING}, - {0, NULL, NULL, 0} - }; - -#ifndef OPENSSL_NO_RSA -/* Our internal RSA_METHOD that we provide pointers to */ -static RSA_METHOD atalla_rsa = - { - "Atalla RSA method", - NULL, - NULL, - NULL, - NULL, - atalla_rsa_mod_exp, - atalla_mod_exp_mont, - NULL, - NULL, - 0, - NULL, - NULL, - NULL - }; -#endif - -#ifndef OPENSSL_NO_DSA -/* Our internal DSA_METHOD that we provide pointers to */ -static DSA_METHOD atalla_dsa = - { - "Atalla DSA method", - NULL, /* dsa_do_sign */ - NULL, /* dsa_sign_setup */ - NULL, /* dsa_do_verify */ - atalla_dsa_mod_exp, /* dsa_mod_exp */ - atalla_mod_exp_dsa, /* bn_mod_exp */ - NULL, /* init */ - NULL, /* finish */ - 0, /* flags */ - NULL /* app_data */ - }; -#endif - -#ifndef OPENSSL_NO_DH -/* Our internal DH_METHOD that we provide pointers to */ -static DH_METHOD atalla_dh = - { - "Atalla DH method", - NULL, - NULL, - atalla_mod_exp_dh, - NULL, - NULL, - 0, - NULL - }; -#endif - -/* Constants used when creating the ENGINE */ -static const char *engine_atalla_id = "atalla"; -static const char *engine_atalla_name = "Atalla hardware engine support"; - -/* This internal function is used by ENGINE_atalla() and possibly by the - * "dynamic" ENGINE support too */ -static int bind_helper(ENGINE *e) - { -#ifndef OPENSSL_NO_RSA - const RSA_METHOD *meth1; -#endif -#ifndef OPENSSL_NO_DSA - const DSA_METHOD *meth2; -#endif -#ifndef OPENSSL_NO_DH - const DH_METHOD *meth3; -#endif - if(!ENGINE_set_id(e, engine_atalla_id) || - !ENGINE_set_name(e, engine_atalla_name) || -#ifndef OPENSSL_NO_RSA - !ENGINE_set_RSA(e, &atalla_rsa) || -#endif -#ifndef OPENSSL_NO_DSA - !ENGINE_set_DSA(e, &atalla_dsa) || -#endif -#ifndef OPENSSL_NO_DH - !ENGINE_set_DH(e, &atalla_dh) || -#endif - !ENGINE_set_destroy_function(e, atalla_destroy) || - !ENGINE_set_init_function(e, atalla_init) || - !ENGINE_set_finish_function(e, atalla_finish) || - !ENGINE_set_ctrl_function(e, atalla_ctrl) || - !ENGINE_set_cmd_defns(e, atalla_cmd_defns)) - return 0; - -#ifndef OPENSSL_NO_RSA - /* We know that the "PKCS1_SSLeay()" functions hook properly - * to the atalla-specific mod_exp and mod_exp_crt so we use - * those functions. NB: We don't use ENGINE_openssl() or - * anything "more generic" because something like the RSAref - * code may not hook properly, and if you own one of these - * cards then you have the right to do RSA operations on it - * anyway! */ - meth1 = RSA_PKCS1_SSLeay(); - atalla_rsa.rsa_pub_enc = meth1->rsa_pub_enc; - atalla_rsa.rsa_pub_dec = meth1->rsa_pub_dec; - atalla_rsa.rsa_priv_enc = meth1->rsa_priv_enc; - atalla_rsa.rsa_priv_dec = meth1->rsa_priv_dec; -#endif - -#ifndef OPENSSL_NO_DSA - /* Use the DSA_OpenSSL() method and just hook the mod_exp-ish - * bits. */ - meth2 = DSA_OpenSSL(); - atalla_dsa.dsa_do_sign = meth2->dsa_do_sign; - atalla_dsa.dsa_sign_setup = meth2->dsa_sign_setup; - atalla_dsa.dsa_do_verify = meth2->dsa_do_verify; -#endif - -#ifndef OPENSSL_NO_DH - /* Much the same for Diffie-Hellman */ - meth3 = DH_OpenSSL(); - atalla_dh.generate_key = meth3->generate_key; - atalla_dh.compute_key = meth3->compute_key; -#endif - - /* Ensure the atalla error handling is set up */ - ERR_load_ATALLA_strings(); - return 1; - } - -#ifndef ENGINE_DYNAMIC_SUPPORT -static ENGINE *engine_atalla(void) - { - ENGINE *ret = ENGINE_new(); - if(!ret) - return NULL; - if(!bind_helper(ret)) - { - ENGINE_free(ret); - return NULL; - } - return ret; - } - -void ENGINE_load_atalla(void) - { - /* Copied from eng_[openssl|dyn].c */ - ENGINE *toadd = engine_atalla(); - if(!toadd) return; - ENGINE_add(toadd); - ENGINE_free(toadd); - ERR_clear_error(); - } -#endif - -/* This is a process-global DSO handle used for loading and unloading - * the Atalla library. NB: This is only set (or unset) during an - * init() or finish() call (reference counts permitting) and they're - * operating with global locks, so this should be thread-safe - * implicitly. */ -static DSO *atalla_dso = NULL; - -/* These are the function pointers that are (un)set when the library has - * successfully (un)loaded. */ -static tfnASI_GetHardwareConfig *p_Atalla_GetHardwareConfig = NULL; -static tfnASI_RSAPrivateKeyOpFn *p_Atalla_RSAPrivateKeyOpFn = NULL; -static tfnASI_GetPerformanceStatistics *p_Atalla_GetPerformanceStatistics = NULL; - -/* These are the static string constants for the DSO file name and the function - * symbol names to bind to. Regrettably, the DSO name on *nix appears to be - * "atasi.so" rather than something more consistent like "libatasi.so". At the - * time of writing, I'm not sure what the file name on win32 is but clearly - * native name translation is not possible (eg libatasi.so on *nix, and - * atasi.dll on win32). For the purposes of testing, I have created a symbollic - * link called "libatasi.so" so that we can use native name-translation - a - * better solution will be needed. */ -static const char *ATALLA_LIBNAME = NULL; -static const char *get_ATALLA_LIBNAME(void) - { - if(ATALLA_LIBNAME) - return ATALLA_LIBNAME; - return "atasi"; - } -static void free_ATALLA_LIBNAME(void) - { - if(ATALLA_LIBNAME) - OPENSSL_free((void*)ATALLA_LIBNAME); - ATALLA_LIBNAME = NULL; - } -static long set_ATALLA_LIBNAME(const char *name) - { - free_ATALLA_LIBNAME(); - return (((ATALLA_LIBNAME = BUF_strdup(name)) != NULL) ? 1 : 0); - } -static const char *ATALLA_F1 = "ASI_GetHardwareConfig"; -static const char *ATALLA_F2 = "ASI_RSAPrivateKeyOpFn"; -static const char *ATALLA_F3 = "ASI_GetPerformanceStatistics"; - -/* Destructor (complements the "ENGINE_atalla()" constructor) */ -static int atalla_destroy(ENGINE *e) - { - free_ATALLA_LIBNAME(); - /* Unload the atalla error strings so any error state including our - * functs or reasons won't lead to a segfault (they simply get displayed - * without corresponding string data because none will be found). */ - ERR_unload_ATALLA_strings(); - return 1; - } - -/* (de)initialisation functions. */ -static int atalla_init(ENGINE *e) - { - tfnASI_GetHardwareConfig *p1; - tfnASI_RSAPrivateKeyOpFn *p2; - tfnASI_GetPerformanceStatistics *p3; - /* Not sure of the origin of this magic value, but Ben's code had it - * and it seemed to have been working for a few people. :-) */ - unsigned int config_buf[1024]; - - if(atalla_dso != NULL) - { - ATALLAerr(ATALLA_F_ATALLA_INIT,ATALLA_R_ALREADY_LOADED); - goto err; - } - /* Attempt to load libatasi.so/atasi.dll/whatever. Needs to be - * changed unfortunately because the Atalla drivers don't have - * standard library names that can be platform-translated well. */ - /* TODO: Work out how to actually map to the names the Atalla - * drivers really use - for now a symbollic link needs to be - * created on the host system from libatasi.so to atasi.so on - * unix variants. */ - atalla_dso = DSO_load(NULL, get_ATALLA_LIBNAME(), NULL, 0); - if(atalla_dso == NULL) - { - ATALLAerr(ATALLA_F_ATALLA_INIT,ATALLA_R_NOT_LOADED); - goto err; - } - if(!(p1 = (tfnASI_GetHardwareConfig *)DSO_bind_func( - atalla_dso, ATALLA_F1)) || - !(p2 = (tfnASI_RSAPrivateKeyOpFn *)DSO_bind_func( - atalla_dso, ATALLA_F2)) || - !(p3 = (tfnASI_GetPerformanceStatistics *)DSO_bind_func( - atalla_dso, ATALLA_F3))) - { - ATALLAerr(ATALLA_F_ATALLA_INIT,ATALLA_R_NOT_LOADED); - goto err; - } - /* Copy the pointers */ - p_Atalla_GetHardwareConfig = p1; - p_Atalla_RSAPrivateKeyOpFn = p2; - p_Atalla_GetPerformanceStatistics = p3; - /* Perform a basic test to see if there's actually any unit - * running. */ - if(p1(0L, config_buf) != 0) - { - ATALLAerr(ATALLA_F_ATALLA_INIT,ATALLA_R_UNIT_FAILURE); - goto err; - } - /* Everything's fine. */ - return 1; -err: - if(atalla_dso) - DSO_free(atalla_dso); - atalla_dso = NULL; - p_Atalla_GetHardwareConfig = NULL; - p_Atalla_RSAPrivateKeyOpFn = NULL; - p_Atalla_GetPerformanceStatistics = NULL; - return 0; - } - -static int atalla_finish(ENGINE *e) - { - free_ATALLA_LIBNAME(); - if(atalla_dso == NULL) - { - ATALLAerr(ATALLA_F_ATALLA_FINISH,ATALLA_R_NOT_LOADED); - return 0; - } - if(!DSO_free(atalla_dso)) - { - ATALLAerr(ATALLA_F_ATALLA_FINISH,ATALLA_R_UNIT_FAILURE); - return 0; - } - atalla_dso = NULL; - p_Atalla_GetHardwareConfig = NULL; - p_Atalla_RSAPrivateKeyOpFn = NULL; - p_Atalla_GetPerformanceStatistics = NULL; - return 1; - } - -static int atalla_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)()) - { - int initialised = ((atalla_dso == NULL) ? 0 : 1); - switch(cmd) - { - case ATALLA_CMD_SO_PATH: - if(p == NULL) - { - ATALLAerr(ATALLA_F_ATALLA_CTRL,ERR_R_PASSED_NULL_PARAMETER); - return 0; - } - if(initialised) - { - ATALLAerr(ATALLA_F_ATALLA_CTRL,ATALLA_R_ALREADY_LOADED); - return 0; - } - return set_ATALLA_LIBNAME((const char *)p); - default: - break; - } - ATALLAerr(ATALLA_F_ATALLA_CTRL,ATALLA_R_CTRL_COMMAND_NOT_IMPLEMENTED); - return 0; - } - -static int atalla_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx) - { - /* I need somewhere to store temporary serialised values for - * use with the Atalla API calls. A neat cheat - I'll use - * BIGNUMs from the BN_CTX but access their arrays directly as - * byte arrays . This way I don't have to clean anything - * up. */ - BIGNUM *modulus; - BIGNUM *exponent; - BIGNUM *argument; - BIGNUM *result; - RSAPrivateKey keydata; - int to_return, numbytes; - - modulus = exponent = argument = result = NULL; - to_return = 0; /* expect failure */ - - if(!atalla_dso) - { - ATALLAerr(ATALLA_F_ATALLA_MOD_EXP,ATALLA_R_NOT_LOADED); - goto err; - } - /* Prepare the params */ - BN_CTX_start(ctx); - modulus = BN_CTX_get(ctx); - exponent = BN_CTX_get(ctx); - argument = BN_CTX_get(ctx); - result = BN_CTX_get(ctx); - if (!result) - { - ATALLAerr(ATALLA_F_ATALLA_MOD_EXP,ATALLA_R_BN_CTX_FULL); - goto err; - } - if(!bn_wexpand(modulus, m->top) || !bn_wexpand(exponent, m->top) || - !bn_wexpand(argument, m->top) || !bn_wexpand(result, m->top)) - { - ATALLAerr(ATALLA_F_ATALLA_MOD_EXP,ATALLA_R_BN_EXPAND_FAIL); - goto err; - } - /* Prepare the key-data */ - memset(&keydata, 0,sizeof keydata); - numbytes = BN_num_bytes(m); - memset(exponent->d, 0, numbytes); - memset(modulus->d, 0, numbytes); - BN_bn2bin(p, (unsigned char *)exponent->d + numbytes - BN_num_bytes(p)); - BN_bn2bin(m, (unsigned char *)modulus->d + numbytes - BN_num_bytes(m)); - keydata.privateExponent.data = (unsigned char *)exponent->d; - keydata.privateExponent.len = numbytes; - keydata.modulus.data = (unsigned char *)modulus->d; - keydata.modulus.len = numbytes; - /* Prepare the argument */ - memset(argument->d, 0, numbytes); - memset(result->d, 0, numbytes); - BN_bn2bin(a, (unsigned char *)argument->d + numbytes - BN_num_bytes(a)); - /* Perform the operation */ - if(p_Atalla_RSAPrivateKeyOpFn(&keydata, (unsigned char *)result->d, - (unsigned char *)argument->d, - keydata.modulus.len) != 0) - { - ATALLAerr(ATALLA_F_ATALLA_MOD_EXP,ATALLA_R_REQUEST_FAILED); - goto err; - } - /* Convert the response */ - BN_bin2bn((unsigned char *)result->d, numbytes, r); - to_return = 1; -err: - BN_CTX_end(ctx); - return to_return; - } - -#ifndef OPENSSL_NO_RSA -static int atalla_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa) - { - BN_CTX *ctx = NULL; - int to_return = 0; - - if(!atalla_dso) - { - ATALLAerr(ATALLA_F_ATALLA_RSA_MOD_EXP,ATALLA_R_NOT_LOADED); - goto err; - } - if((ctx = BN_CTX_new()) == NULL) - goto err; - if(!rsa->d || !rsa->n) - { - ATALLAerr(ATALLA_F_ATALLA_RSA_MOD_EXP,ATALLA_R_MISSING_KEY_COMPONENTS); - goto err; - } - to_return = atalla_mod_exp(r0, I, rsa->d, rsa->n, ctx); -err: - if(ctx) - BN_CTX_free(ctx); - return to_return; - } -#endif - -#ifndef OPENSSL_NO_DSA -/* This code was liberated and adapted from the commented-out code in - * dsa_ossl.c. Because of the unoptimised form of the Atalla acceleration - * (it doesn't have a CRT form for RSA), this function means that an - * Atalla system running with a DSA server certificate can handshake - * around 5 or 6 times faster/more than an equivalent system running with - * RSA. Just check out the "signs" statistics from the RSA and DSA parts - * of "openssl speed -engine atalla dsa1024 rsa1024". */ -static int atalla_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1, - BIGNUM *p1, BIGNUM *a2, BIGNUM *p2, BIGNUM *m, - BN_CTX *ctx, BN_MONT_CTX *in_mont) - { - BIGNUM t; - int to_return = 0; - - BN_init(&t); - /* let rr = a1 ^ p1 mod m */ - if (!atalla_mod_exp(rr,a1,p1,m,ctx)) goto end; - /* let t = a2 ^ p2 mod m */ - if (!atalla_mod_exp(&t,a2,p2,m,ctx)) goto end; - /* let rr = rr * t mod m */ - if (!BN_mod_mul(rr,rr,&t,m,ctx)) goto end; - to_return = 1; -end: - BN_free(&t); - return to_return; - } - -static int atalla_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a, - const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, - BN_MONT_CTX *m_ctx) - { - return atalla_mod_exp(r, a, p, m, ctx); - } -#endif - -/* This function is aliased to mod_exp (with the mont stuff dropped). */ -static int atalla_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) - { - return atalla_mod_exp(r, a, p, m, ctx); - } - -#ifndef OPENSSL_NO_DH -/* This function is aliased to mod_exp (with the dh and mont dropped). */ -static int atalla_mod_exp_dh(const DH *dh, BIGNUM *r, - const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) - { - return atalla_mod_exp(r, a, p, m, ctx); - } -#endif - -/* This stuff is needed if this ENGINE is being compiled into a self-contained - * shared-library. */ -#ifdef ENGINE_DYNAMIC_SUPPORT -static int bind_fn(ENGINE *e, const char *id) - { - if(id && (strcmp(id, engine_atalla_id) != 0)) - return 0; - if(!bind_helper(e)) - return 0; - return 1; - } -IMPLEMENT_DYNAMIC_CHECK_FN() -IMPLEMENT_DYNAMIC_BIND_FN(bind_fn) -#endif /* ENGINE_DYNAMIC_SUPPORT */ - -#endif /* !OPENSSL_NO_HW_ATALLA */ -#endif /* !OPENSSL_NO_HW */ diff --git a/src/lib/libcrypto/engine/hw_atalla_err.c b/src/lib/libcrypto/engine/hw_atalla_err.c deleted file mode 100644 index 1df9c4570c..0000000000 --- a/src/lib/libcrypto/engine/hw_atalla_err.c +++ /dev/null @@ -1,145 +0,0 @@ -/* hw_atalla_err.c */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* NOTE: this file was auto generated by the mkerr.pl script: any changes - * made to it will be overwritten when the script next updates this file, - * only reason strings will be preserved. - */ - -#include -#include -#include "hw_atalla_err.h" - -/* BEGIN ERROR CODES */ -#ifndef OPENSSL_NO_ERR -static ERR_STRING_DATA ATALLA_str_functs[]= - { -{ERR_PACK(0,ATALLA_F_ATALLA_CTRL,0), "ATALLA_CTRL"}, -{ERR_PACK(0,ATALLA_F_ATALLA_FINISH,0), "ATALLA_FINISH"}, -{ERR_PACK(0,ATALLA_F_ATALLA_INIT,0), "ATALLA_INIT"}, -{ERR_PACK(0,ATALLA_F_ATALLA_MOD_EXP,0), "ATALLA_MOD_EXP"}, -{ERR_PACK(0,ATALLA_F_ATALLA_RSA_MOD_EXP,0), "ATALLA_RSA_MOD_EXP"}, -{0,NULL} - }; - -static ERR_STRING_DATA ATALLA_str_reasons[]= - { -{ATALLA_R_ALREADY_LOADED ,"already loaded"}, -{ATALLA_R_BN_CTX_FULL ,"bn ctx full"}, -{ATALLA_R_BN_EXPAND_FAIL ,"bn expand fail"}, -{ATALLA_R_CTRL_COMMAND_NOT_IMPLEMENTED ,"ctrl command not implemented"}, -{ATALLA_R_MISSING_KEY_COMPONENTS ,"missing key components"}, -{ATALLA_R_NOT_LOADED ,"not loaded"}, -{ATALLA_R_REQUEST_FAILED ,"request failed"}, -{ATALLA_R_UNIT_FAILURE ,"unit failure"}, -{0,NULL} - }; - -#endif - -#ifdef ATALLA_LIB_NAME -static ERR_STRING_DATA ATALLA_lib_name[]= - { -{0 ,ATALLA_LIB_NAME}, -{0,NULL} - }; -#endif - - -static int ATALLA_lib_error_code=0; -static int ATALLA_error_init=1; - -static void ERR_load_ATALLA_strings(void) - { - if (ATALLA_lib_error_code == 0) - ATALLA_lib_error_code=ERR_get_next_error_library(); - - if (ATALLA_error_init) - { - ATALLA_error_init=0; -#ifndef OPENSSL_NO_ERR - ERR_load_strings(ATALLA_lib_error_code,ATALLA_str_functs); - ERR_load_strings(ATALLA_lib_error_code,ATALLA_str_reasons); -#endif - -#ifdef ATALLA_LIB_NAME - ATALLA_lib_name->error = ERR_PACK(ATALLA_lib_error_code,0,0); - ERR_load_strings(0,ATALLA_lib_name); -#endif - } - } - -static void ERR_unload_ATALLA_strings(void) - { - if (ATALLA_error_init == 0) - { -#ifndef OPENSSL_NO_ERR - ERR_unload_strings(ATALLA_lib_error_code,ATALLA_str_functs); - ERR_unload_strings(ATALLA_lib_error_code,ATALLA_str_reasons); -#endif - -#ifdef ATALLA_LIB_NAME - ERR_unload_strings(0,ATALLA_lib_name); -#endif - ATALLA_error_init=1; - } - } - -static void ERR_ATALLA_error(int function, int reason, char *file, int line) - { - if (ATALLA_lib_error_code == 0) - ATALLA_lib_error_code=ERR_get_next_error_library(); - ERR_PUT_error(ATALLA_lib_error_code,function,reason,file,line); - } diff --git a/src/lib/libcrypto/engine/hw_atalla_err.h b/src/lib/libcrypto/engine/hw_atalla_err.h deleted file mode 100644 index cdac052d8c..0000000000 --- a/src/lib/libcrypto/engine/hw_atalla_err.h +++ /dev/null @@ -1,89 +0,0 @@ -/* ==================================================================== - * Copyright (c) 2001 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#ifndef HEADER_ATALLA_ERR_H -#define HEADER_ATALLA_ERR_H - -/* BEGIN ERROR CODES */ -/* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ -static void ERR_load_ATALLA_strings(void); -static void ERR_unload_ATALLA_strings(void); -static void ERR_ATALLA_error(int function, int reason, char *file, int line); -#define ATALLAerr(f,r) ERR_ATALLA_error((f),(r),__FILE__,__LINE__) - -/* Error codes for the ATALLA functions. */ - -/* Function codes. */ -#define ATALLA_F_ATALLA_CTRL 100 -#define ATALLA_F_ATALLA_FINISH 101 -#define ATALLA_F_ATALLA_INIT 102 -#define ATALLA_F_ATALLA_MOD_EXP 103 -#define ATALLA_F_ATALLA_RSA_MOD_EXP 104 - -/* Reason codes. */ -#define ATALLA_R_ALREADY_LOADED 100 -#define ATALLA_R_BN_CTX_FULL 101 -#define ATALLA_R_BN_EXPAND_FAIL 102 -#define ATALLA_R_CTRL_COMMAND_NOT_IMPLEMENTED 103 -#define ATALLA_R_MISSING_KEY_COMPONENTS 104 -#define ATALLA_R_NOT_LOADED 105 -#define ATALLA_R_REQUEST_FAILED 106 -#define ATALLA_R_UNIT_FAILURE 107 - -#ifdef __cplusplus -} -#endif -#endif diff --git a/src/lib/libcrypto/engine/hw_cswift.c b/src/lib/libcrypto/engine/hw_cswift.c deleted file mode 100644 index 1411fd8333..0000000000 --- a/src/lib/libcrypto/engine/hw_cswift.c +++ /dev/null @@ -1,1109 +0,0 @@ -/* crypto/engine/hw_cswift.c */ -/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL - * project 2000. - */ -/* ==================================================================== - * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include -#include "cryptlib.h" -#include -#include - -#ifndef OPENSSL_NO_HW -#ifndef OPENSSL_NO_HW_CSWIFT - -/* Attribution notice: Rainbow have generously allowed me to reproduce - * the necessary definitions here from their API. This means the support - * can build independently of whether application builders have the - * API or hardware. This will allow developers to easily produce software - * that has latent hardware support for any users that have accelerators - * installed, without the developers themselves needing anything extra. - * - * I have only clipped the parts from the CryptoSwift header files that - * are (or seem) relevant to the CryptoSwift support code. This is - * simply to keep the file sizes reasonable. - * [Geoff] - */ -#ifdef FLAT_INC -#include "cswift.h" -#else -#include "vendor_defns/cswift.h" -#endif - -#define CSWIFT_LIB_NAME "cswift engine" -#include "hw_cswift_err.c" - -static int cswift_destroy(ENGINE *e); -static int cswift_init(ENGINE *e); -static int cswift_finish(ENGINE *e); -static int cswift_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)()); -static int cswift_bn_32copy(SW_LARGENUMBER * out, const BIGNUM * in); - -/* BIGNUM stuff */ -static int cswift_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx); -static int cswift_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *q, const BIGNUM *dmp1, const BIGNUM *dmq1, - const BIGNUM *iqmp, BN_CTX *ctx); - -#ifndef OPENSSL_NO_RSA -/* RSA stuff */ -static int cswift_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa); -#endif -/* This function is aliased to mod_exp (with the mont stuff dropped). */ -static int cswift_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); - -#ifndef OPENSSL_NO_DSA -/* DSA stuff */ -static DSA_SIG *cswift_dsa_sign(const unsigned char *dgst, int dlen, DSA *dsa); -static int cswift_dsa_verify(const unsigned char *dgst, int dgst_len, - DSA_SIG *sig, DSA *dsa); -#endif - -#ifndef OPENSSL_NO_DH -/* DH stuff */ -/* This function is alised to mod_exp (with the DH and mont dropped). */ -static int cswift_mod_exp_dh(const DH *dh, BIGNUM *r, - const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); -#endif - -/* RAND stuff */ -static int cswift_rand_bytes(unsigned char *buf, int num); -static int cswift_rand_status(void); - -/* The definitions for control commands specific to this engine */ -#define CSWIFT_CMD_SO_PATH ENGINE_CMD_BASE -static const ENGINE_CMD_DEFN cswift_cmd_defns[] = { - {CSWIFT_CMD_SO_PATH, - "SO_PATH", - "Specifies the path to the 'cswift' shared library", - ENGINE_CMD_FLAG_STRING}, - {0, NULL, NULL, 0} - }; - -#ifndef OPENSSL_NO_RSA -/* Our internal RSA_METHOD that we provide pointers to */ -static RSA_METHOD cswift_rsa = - { - "CryptoSwift RSA method", - NULL, - NULL, - NULL, - NULL, - cswift_rsa_mod_exp, - cswift_mod_exp_mont, - NULL, - NULL, - 0, - NULL, - NULL, - NULL - }; -#endif - -#ifndef OPENSSL_NO_DSA -/* Our internal DSA_METHOD that we provide pointers to */ -static DSA_METHOD cswift_dsa = - { - "CryptoSwift DSA method", - cswift_dsa_sign, - NULL, /* dsa_sign_setup */ - cswift_dsa_verify, - NULL, /* dsa_mod_exp */ - NULL, /* bn_mod_exp */ - NULL, /* init */ - NULL, /* finish */ - 0, /* flags */ - NULL /* app_data */ - }; -#endif - -#ifndef OPENSSL_NO_DH -/* Our internal DH_METHOD that we provide pointers to */ -static DH_METHOD cswift_dh = - { - "CryptoSwift DH method", - NULL, - NULL, - cswift_mod_exp_dh, - NULL, - NULL, - 0, - NULL - }; -#endif - -static RAND_METHOD cswift_random = - { - /* "CryptoSwift RAND method", */ - NULL, - cswift_rand_bytes, - NULL, - NULL, - cswift_rand_bytes, - cswift_rand_status, - }; - - -/* Constants used when creating the ENGINE */ -static const char *engine_cswift_id = "cswift"; -static const char *engine_cswift_name = "CryptoSwift hardware engine support"; - -/* This internal function is used by ENGINE_cswift() and possibly by the - * "dynamic" ENGINE support too */ -static int bind_helper(ENGINE *e) - { -#ifndef OPENSSL_NO_RSA - const RSA_METHOD *meth1; -#endif -#ifndef OPENSSL_NO_DH - const DH_METHOD *meth2; -#endif - if(!ENGINE_set_id(e, engine_cswift_id) || - !ENGINE_set_name(e, engine_cswift_name) || -#ifndef OPENSSL_NO_RSA - !ENGINE_set_RSA(e, &cswift_rsa) || -#endif -#ifndef OPENSSL_NO_DSA - !ENGINE_set_DSA(e, &cswift_dsa) || -#endif -#ifndef OPENSSL_NO_DH - !ENGINE_set_DH(e, &cswift_dh) || -#endif - !ENGINE_set_RAND(e, &cswift_random) || - !ENGINE_set_destroy_function(e, cswift_destroy) || - !ENGINE_set_init_function(e, cswift_init) || - !ENGINE_set_finish_function(e, cswift_finish) || - !ENGINE_set_ctrl_function(e, cswift_ctrl) || - !ENGINE_set_cmd_defns(e, cswift_cmd_defns)) - return 0; - -#ifndef OPENSSL_NO_RSA - /* We know that the "PKCS1_SSLeay()" functions hook properly - * to the cswift-specific mod_exp and mod_exp_crt so we use - * those functions. NB: We don't use ENGINE_openssl() or - * anything "more generic" because something like the RSAref - * code may not hook properly, and if you own one of these - * cards then you have the right to do RSA operations on it - * anyway! */ - meth1 = RSA_PKCS1_SSLeay(); - cswift_rsa.rsa_pub_enc = meth1->rsa_pub_enc; - cswift_rsa.rsa_pub_dec = meth1->rsa_pub_dec; - cswift_rsa.rsa_priv_enc = meth1->rsa_priv_enc; - cswift_rsa.rsa_priv_dec = meth1->rsa_priv_dec; -#endif - -#ifndef OPENSSL_NO_DH - /* Much the same for Diffie-Hellman */ - meth2 = DH_OpenSSL(); - cswift_dh.generate_key = meth2->generate_key; - cswift_dh.compute_key = meth2->compute_key; -#endif - - /* Ensure the cswift error handling is set up */ - ERR_load_CSWIFT_strings(); - return 1; - } - -#ifndef ENGINE_DYNAMIC_SUPPORT -static ENGINE *engine_cswift(void) - { - ENGINE *ret = ENGINE_new(); - if(!ret) - return NULL; - if(!bind_helper(ret)) - { - ENGINE_free(ret); - return NULL; - } - return ret; - } - -void ENGINE_load_cswift(void) - { - /* Copied from eng_[openssl|dyn].c */ - ENGINE *toadd = engine_cswift(); - if(!toadd) return; - ENGINE_add(toadd); - ENGINE_free(toadd); - ERR_clear_error(); - } -#endif - -/* This is a process-global DSO handle used for loading and unloading - * the CryptoSwift library. NB: This is only set (or unset) during an - * init() or finish() call (reference counts permitting) and they're - * operating with global locks, so this should be thread-safe - * implicitly. */ -static DSO *cswift_dso = NULL; - -/* These are the function pointers that are (un)set when the library has - * successfully (un)loaded. */ -t_swAcquireAccContext *p_CSwift_AcquireAccContext = NULL; -t_swAttachKeyParam *p_CSwift_AttachKeyParam = NULL; -t_swSimpleRequest *p_CSwift_SimpleRequest = NULL; -t_swReleaseAccContext *p_CSwift_ReleaseAccContext = NULL; - -/* Used in the DSO operations. */ -static const char *CSWIFT_LIBNAME = NULL; -static const char *get_CSWIFT_LIBNAME(void) - { - if(CSWIFT_LIBNAME) - return CSWIFT_LIBNAME; - return "swift"; - } -static void free_CSWIFT_LIBNAME(void) - { - if(CSWIFT_LIBNAME) - OPENSSL_free((void*)CSWIFT_LIBNAME); - CSWIFT_LIBNAME = NULL; - } -static long set_CSWIFT_LIBNAME(const char *name) - { - free_CSWIFT_LIBNAME(); - return (((CSWIFT_LIBNAME = BUF_strdup(name)) != NULL) ? 1 : 0); - } -static const char *CSWIFT_F1 = "swAcquireAccContext"; -static const char *CSWIFT_F2 = "swAttachKeyParam"; -static const char *CSWIFT_F3 = "swSimpleRequest"; -static const char *CSWIFT_F4 = "swReleaseAccContext"; - - -/* CryptoSwift library functions and mechanics - these are used by the - * higher-level functions further down. NB: As and where there's no - * error checking, take a look lower down where these functions are - * called, the checking and error handling is probably down there. */ - -/* utility function to obtain a context */ -static int get_context(SW_CONTEXT_HANDLE *hac) - { - SW_STATUS status; - - status = p_CSwift_AcquireAccContext(hac); - if(status != SW_OK) - return 0; - return 1; - } - -/* similarly to release one. */ -static void release_context(SW_CONTEXT_HANDLE hac) - { - p_CSwift_ReleaseAccContext(hac); - } - -/* Destructor (complements the "ENGINE_cswift()" constructor) */ -static int cswift_destroy(ENGINE *e) - { - free_CSWIFT_LIBNAME(); - ERR_unload_CSWIFT_strings(); - return 1; - } - -/* (de)initialisation functions. */ -static int cswift_init(ENGINE *e) - { - SW_CONTEXT_HANDLE hac; - t_swAcquireAccContext *p1; - t_swAttachKeyParam *p2; - t_swSimpleRequest *p3; - t_swReleaseAccContext *p4; - - if(cswift_dso != NULL) - { - CSWIFTerr(CSWIFT_F_CSWIFT_INIT,CSWIFT_R_ALREADY_LOADED); - goto err; - } - /* Attempt to load libswift.so/swift.dll/whatever. */ - cswift_dso = DSO_load(NULL, get_CSWIFT_LIBNAME(), NULL, 0); - if(cswift_dso == NULL) - { - CSWIFTerr(CSWIFT_F_CSWIFT_INIT,CSWIFT_R_NOT_LOADED); - goto err; - } - if(!(p1 = (t_swAcquireAccContext *) - DSO_bind_func(cswift_dso, CSWIFT_F1)) || - !(p2 = (t_swAttachKeyParam *) - DSO_bind_func(cswift_dso, CSWIFT_F2)) || - !(p3 = (t_swSimpleRequest *) - DSO_bind_func(cswift_dso, CSWIFT_F3)) || - !(p4 = (t_swReleaseAccContext *) - DSO_bind_func(cswift_dso, CSWIFT_F4))) - { - CSWIFTerr(CSWIFT_F_CSWIFT_INIT,CSWIFT_R_NOT_LOADED); - goto err; - } - /* Copy the pointers */ - p_CSwift_AcquireAccContext = p1; - p_CSwift_AttachKeyParam = p2; - p_CSwift_SimpleRequest = p3; - p_CSwift_ReleaseAccContext = p4; - /* Try and get a context - if not, we may have a DSO but no - * accelerator! */ - if(!get_context(&hac)) - { - CSWIFTerr(CSWIFT_F_CSWIFT_INIT,CSWIFT_R_UNIT_FAILURE); - goto err; - } - release_context(hac); - /* Everything's fine. */ - return 1; -err: - if(cswift_dso) - { - DSO_free(cswift_dso); - cswift_dso = NULL; - } - p_CSwift_AcquireAccContext = NULL; - p_CSwift_AttachKeyParam = NULL; - p_CSwift_SimpleRequest = NULL; - p_CSwift_ReleaseAccContext = NULL; - return 0; - } - -static int cswift_finish(ENGINE *e) - { - free_CSWIFT_LIBNAME(); - if(cswift_dso == NULL) - { - CSWIFTerr(CSWIFT_F_CSWIFT_FINISH,CSWIFT_R_NOT_LOADED); - return 0; - } - if(!DSO_free(cswift_dso)) - { - CSWIFTerr(CSWIFT_F_CSWIFT_FINISH,CSWIFT_R_UNIT_FAILURE); - return 0; - } - cswift_dso = NULL; - p_CSwift_AcquireAccContext = NULL; - p_CSwift_AttachKeyParam = NULL; - p_CSwift_SimpleRequest = NULL; - p_CSwift_ReleaseAccContext = NULL; - return 1; - } - -static int cswift_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)()) - { - int initialised = ((cswift_dso == NULL) ? 0 : 1); - switch(cmd) - { - case CSWIFT_CMD_SO_PATH: - if(p == NULL) - { - CSWIFTerr(CSWIFT_F_CSWIFT_CTRL,ERR_R_PASSED_NULL_PARAMETER); - return 0; - } - if(initialised) - { - CSWIFTerr(CSWIFT_F_CSWIFT_CTRL,CSWIFT_R_ALREADY_LOADED); - return 0; - } - return set_CSWIFT_LIBNAME((const char *)p); - default: - break; - } - CSWIFTerr(CSWIFT_F_CSWIFT_CTRL,CSWIFT_R_CTRL_COMMAND_NOT_IMPLEMENTED); - return 0; - } - -/* Un petit mod_exp */ -static int cswift_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx) - { - /* I need somewhere to store temporary serialised values for - * use with the CryptoSwift API calls. A neat cheat - I'll use - * BIGNUMs from the BN_CTX but access their arrays directly as - * byte arrays . This way I don't have to clean anything - * up. */ - BIGNUM *modulus; - BIGNUM *exponent; - BIGNUM *argument; - BIGNUM *result; - SW_STATUS sw_status; - SW_LARGENUMBER arg, res; - SW_PARAM sw_param; - SW_CONTEXT_HANDLE hac; - int to_return, acquired; - - modulus = exponent = argument = result = NULL; - to_return = 0; /* expect failure */ - acquired = 0; - - if(!get_context(&hac)) - { - CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP,CSWIFT_R_UNIT_FAILURE); - goto err; - } - acquired = 1; - /* Prepare the params */ - BN_CTX_start(ctx); - modulus = BN_CTX_get(ctx); - exponent = BN_CTX_get(ctx); - argument = BN_CTX_get(ctx); - result = BN_CTX_get(ctx); - if(!result) - { - CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP,CSWIFT_R_BN_CTX_FULL); - goto err; - } - if(!bn_wexpand(modulus, m->top) || !bn_wexpand(exponent, p->top) || - !bn_wexpand(argument, a->top) || !bn_wexpand(result, m->top)) - { - CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP,CSWIFT_R_BN_EXPAND_FAIL); - goto err; - } - sw_param.type = SW_ALG_EXP; - sw_param.up.exp.modulus.nbytes = BN_bn2bin(m, - (unsigned char *)modulus->d); - sw_param.up.exp.modulus.value = (unsigned char *)modulus->d; - sw_param.up.exp.exponent.nbytes = BN_bn2bin(p, - (unsigned char *)exponent->d); - sw_param.up.exp.exponent.value = (unsigned char *)exponent->d; - /* Attach the key params */ - sw_status = p_CSwift_AttachKeyParam(hac, &sw_param); - switch(sw_status) - { - case SW_OK: - break; - case SW_ERR_INPUT_SIZE: - CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP,CSWIFT_R_BAD_KEY_SIZE); - goto err; - default: - { - char tmpbuf[DECIMAL_SIZE(sw_status)+1]; - CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP,CSWIFT_R_REQUEST_FAILED); - sprintf(tmpbuf, "%ld", sw_status); - ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf); - } - goto err; - } - /* Prepare the argument and response */ - arg.nbytes = BN_bn2bin(a, (unsigned char *)argument->d); - arg.value = (unsigned char *)argument->d; - res.nbytes = BN_num_bytes(m); - memset(result->d, 0, res.nbytes); - res.value = (unsigned char *)result->d; - /* Perform the operation */ - if((sw_status = p_CSwift_SimpleRequest(hac, SW_CMD_MODEXP, &arg, 1, - &res, 1)) != SW_OK) - { - char tmpbuf[DECIMAL_SIZE(sw_status)+1]; - CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP,CSWIFT_R_REQUEST_FAILED); - sprintf(tmpbuf, "%ld", sw_status); - ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf); - goto err; - } - /* Convert the response */ - BN_bin2bn((unsigned char *)result->d, res.nbytes, r); - to_return = 1; -err: - if(acquired) - release_context(hac); - BN_CTX_end(ctx); - return to_return; - } - - -int cswift_bn_32copy(SW_LARGENUMBER * out, const BIGNUM * in) -{ - int mod; - int numbytes = BN_num_bytes(in); - - mod = 0; - while( ((out->nbytes = (numbytes+mod)) % 32) ) - { - mod++; - } - out->value = (unsigned char*)OPENSSL_malloc(out->nbytes); - if(!out->value) - { - return 0; - } - BN_bn2bin(in, &out->value[mod]); - if(mod) - memset(out->value, 0, mod); - - return 1; -} - -/* Un petit mod_exp chinois */ -static int cswift_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *q, const BIGNUM *dmp1, - const BIGNUM *dmq1, const BIGNUM *iqmp, BN_CTX *ctx) - { - SW_STATUS sw_status; - SW_LARGENUMBER arg, res; - SW_PARAM sw_param; - SW_CONTEXT_HANDLE hac; - BIGNUM *result = NULL; - BIGNUM *argument = NULL; - int to_return = 0; /* expect failure */ - int acquired = 0; - - sw_param.up.crt.p.value = NULL; - sw_param.up.crt.q.value = NULL; - sw_param.up.crt.dmp1.value = NULL; - sw_param.up.crt.dmq1.value = NULL; - sw_param.up.crt.iqmp.value = NULL; - - if(!get_context(&hac)) - { - CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_UNIT_FAILURE); - goto err; - } - acquired = 1; - - /* Prepare the params */ - argument = BN_new(); - result = BN_new(); - if(!result || !argument) - { - CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_BN_CTX_FULL); - goto err; - } - - - sw_param.type = SW_ALG_CRT; - /************************************************************************/ - /* 04/02/2003 */ - /* Modified by Frederic Giudicelli (deny-all.com) to overcome the */ - /* limitation of cswift with values not a multiple of 32 */ - /************************************************************************/ - if(!cswift_bn_32copy(&sw_param.up.crt.p, p)) - { - CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_BN_EXPAND_FAIL); - goto err; - } - if(!cswift_bn_32copy(&sw_param.up.crt.q, q)) - { - CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_BN_EXPAND_FAIL); - goto err; - } - if(!cswift_bn_32copy(&sw_param.up.crt.dmp1, dmp1)) - { - CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_BN_EXPAND_FAIL); - goto err; - } - if(!cswift_bn_32copy(&sw_param.up.crt.dmq1, dmq1)) - { - CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_BN_EXPAND_FAIL); - goto err; - } - if(!cswift_bn_32copy(&sw_param.up.crt.iqmp, iqmp)) - { - CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_BN_EXPAND_FAIL); - goto err; - } - if( !bn_wexpand(argument, a->top) || - !bn_wexpand(result, p->top + q->top)) - { - CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_BN_EXPAND_FAIL); - goto err; - } - - /* Attach the key params */ - sw_status = p_CSwift_AttachKeyParam(hac, &sw_param); - switch(sw_status) - { - case SW_OK: - break; - case SW_ERR_INPUT_SIZE: - CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_BAD_KEY_SIZE); - goto err; - default: - { - char tmpbuf[DECIMAL_SIZE(sw_status)+1]; - CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_REQUEST_FAILED); - sprintf(tmpbuf, "%ld", sw_status); - ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf); - } - goto err; - } - /* Prepare the argument and response */ - arg.nbytes = BN_bn2bin(a, (unsigned char *)argument->d); - arg.value = (unsigned char *)argument->d; - res.nbytes = 2 * BN_num_bytes(p); - memset(result->d, 0, res.nbytes); - res.value = (unsigned char *)result->d; - /* Perform the operation */ - if((sw_status = p_CSwift_SimpleRequest(hac, SW_CMD_MODEXP_CRT, &arg, 1, - &res, 1)) != SW_OK) - { - char tmpbuf[DECIMAL_SIZE(sw_status)+1]; - CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_REQUEST_FAILED); - sprintf(tmpbuf, "%ld", sw_status); - ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf); - goto err; - } - /* Convert the response */ - BN_bin2bn((unsigned char *)result->d, res.nbytes, r); - to_return = 1; -err: - if(sw_param.up.crt.p.value) - OPENSSL_free(sw_param.up.crt.p.value); - if(sw_param.up.crt.q.value) - OPENSSL_free(sw_param.up.crt.q.value); - if(sw_param.up.crt.dmp1.value) - OPENSSL_free(sw_param.up.crt.dmp1.value); - if(sw_param.up.crt.dmq1.value) - OPENSSL_free(sw_param.up.crt.dmq1.value); - if(sw_param.up.crt.iqmp.value) - OPENSSL_free(sw_param.up.crt.iqmp.value); - if(result) - BN_free(result); - if(argument) - BN_free(argument); - if(acquired) - release_context(hac); - return to_return; - } - -#ifndef OPENSSL_NO_RSA -static int cswift_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa) - { - BN_CTX *ctx; - int to_return = 0; - const RSA_METHOD * def_rsa_method; - - /* Try the limits of RSA (2048 bits) */ - if(BN_num_bytes(rsa->p) > 128 || - BN_num_bytes(rsa->q) > 128 || - BN_num_bytes(rsa->dmp1) > 128 || - BN_num_bytes(rsa->dmq1) > 128 || - BN_num_bytes(rsa->iqmp) > 128) - { -#ifdef RSA_NULL - def_rsa_method=RSA_null_method(); -#else -#if 0 - def_rsa_method=RSA_PKCS1_RSAref(); -#else - def_rsa_method=RSA_PKCS1_SSLeay(); -#endif -#endif - if(def_rsa_method) - return def_rsa_method->rsa_mod_exp(r0, I, rsa); - } - - if((ctx = BN_CTX_new()) == NULL) - goto err; - if(!rsa->p || !rsa->q || !rsa->dmp1 || !rsa->dmq1 || !rsa->iqmp) - { - CSWIFTerr(CSWIFT_F_CSWIFT_RSA_MOD_EXP,CSWIFT_R_MISSING_KEY_COMPONENTS); - goto err; - } - to_return = cswift_mod_exp_crt(r0, I, rsa->p, rsa->q, rsa->dmp1, - rsa->dmq1, rsa->iqmp, ctx); -err: - if(ctx) - BN_CTX_free(ctx); - return to_return; - } -#endif - -/* This function is aliased to mod_exp (with the mont stuff dropped). */ -static int cswift_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) - { - const RSA_METHOD * def_rsa_method; - - /* Try the limits of RSA (2048 bits) */ - if(BN_num_bytes(r) > 256 || - BN_num_bytes(a) > 256 || - BN_num_bytes(m) > 256) - { -#ifdef RSA_NULL - def_rsa_method=RSA_null_method(); -#else -#if 0 - def_rsa_method=RSA_PKCS1_RSAref(); -#else - def_rsa_method=RSA_PKCS1_SSLeay(); -#endif -#endif - if(def_rsa_method) - return def_rsa_method->bn_mod_exp(r, a, p, m, ctx, m_ctx); - } - - return cswift_mod_exp(r, a, p, m, ctx); - } - -#ifndef OPENSSL_NO_DSA -static DSA_SIG *cswift_dsa_sign(const unsigned char *dgst, int dlen, DSA *dsa) - { - SW_CONTEXT_HANDLE hac; - SW_PARAM sw_param; - SW_STATUS sw_status; - SW_LARGENUMBER arg, res; - unsigned char *ptr; - BN_CTX *ctx; - BIGNUM *dsa_p = NULL; - BIGNUM *dsa_q = NULL; - BIGNUM *dsa_g = NULL; - BIGNUM *dsa_key = NULL; - BIGNUM *result = NULL; - DSA_SIG *to_return = NULL; - int acquired = 0; - - if((ctx = BN_CTX_new()) == NULL) - goto err; - if(!get_context(&hac)) - { - CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN,CSWIFT_R_UNIT_FAILURE); - goto err; - } - acquired = 1; - /* Prepare the params */ - BN_CTX_start(ctx); - dsa_p = BN_CTX_get(ctx); - dsa_q = BN_CTX_get(ctx); - dsa_g = BN_CTX_get(ctx); - dsa_key = BN_CTX_get(ctx); - result = BN_CTX_get(ctx); - if(!result) - { - CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN,CSWIFT_R_BN_CTX_FULL); - goto err; - } - if(!bn_wexpand(dsa_p, dsa->p->top) || - !bn_wexpand(dsa_q, dsa->q->top) || - !bn_wexpand(dsa_g, dsa->g->top) || - !bn_wexpand(dsa_key, dsa->priv_key->top) || - !bn_wexpand(result, dsa->p->top)) - { - CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN,CSWIFT_R_BN_EXPAND_FAIL); - goto err; - } - sw_param.type = SW_ALG_DSA; - sw_param.up.dsa.p.nbytes = BN_bn2bin(dsa->p, - (unsigned char *)dsa_p->d); - sw_param.up.dsa.p.value = (unsigned char *)dsa_p->d; - sw_param.up.dsa.q.nbytes = BN_bn2bin(dsa->q, - (unsigned char *)dsa_q->d); - sw_param.up.dsa.q.value = (unsigned char *)dsa_q->d; - sw_param.up.dsa.g.nbytes = BN_bn2bin(dsa->g, - (unsigned char *)dsa_g->d); - sw_param.up.dsa.g.value = (unsigned char *)dsa_g->d; - sw_param.up.dsa.key.nbytes = BN_bn2bin(dsa->priv_key, - (unsigned char *)dsa_key->d); - sw_param.up.dsa.key.value = (unsigned char *)dsa_key->d; - /* Attach the key params */ - sw_status = p_CSwift_AttachKeyParam(hac, &sw_param); - switch(sw_status) - { - case SW_OK: - break; - case SW_ERR_INPUT_SIZE: - CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN,CSWIFT_R_BAD_KEY_SIZE); - goto err; - default: - { - char tmpbuf[DECIMAL_SIZE(sw_status)+1]; - CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN,CSWIFT_R_REQUEST_FAILED); - sprintf(tmpbuf, "%ld", sw_status); - ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf); - } - goto err; - } - /* Prepare the argument and response */ - arg.nbytes = dlen; - arg.value = (unsigned char *)dgst; - res.nbytes = BN_num_bytes(dsa->p); - memset(result->d, 0, res.nbytes); - res.value = (unsigned char *)result->d; - /* Perform the operation */ - sw_status = p_CSwift_SimpleRequest(hac, SW_CMD_DSS_SIGN, &arg, 1, - &res, 1); - if(sw_status != SW_OK) - { - char tmpbuf[DECIMAL_SIZE(sw_status)+1]; - CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN,CSWIFT_R_REQUEST_FAILED); - sprintf(tmpbuf, "%ld", sw_status); - ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf); - goto err; - } - /* Convert the response */ - ptr = (unsigned char *)result->d; - if((to_return = DSA_SIG_new()) == NULL) - goto err; - to_return->r = BN_bin2bn((unsigned char *)result->d, 20, NULL); - to_return->s = BN_bin2bn((unsigned char *)result->d + 20, 20, NULL); - -err: - if(acquired) - release_context(hac); - if(ctx) - { - BN_CTX_end(ctx); - BN_CTX_free(ctx); - } - return to_return; - } - -static int cswift_dsa_verify(const unsigned char *dgst, int dgst_len, - DSA_SIG *sig, DSA *dsa) - { - SW_CONTEXT_HANDLE hac; - SW_PARAM sw_param; - SW_STATUS sw_status; - SW_LARGENUMBER arg[2], res; - unsigned long sig_result; - BN_CTX *ctx; - BIGNUM *dsa_p = NULL; - BIGNUM *dsa_q = NULL; - BIGNUM *dsa_g = NULL; - BIGNUM *dsa_key = NULL; - BIGNUM *argument = NULL; - int to_return = -1; - int acquired = 0; - - if((ctx = BN_CTX_new()) == NULL) - goto err; - if(!get_context(&hac)) - { - CSWIFTerr(CSWIFT_F_CSWIFT_DSA_VERIFY,CSWIFT_R_UNIT_FAILURE); - goto err; - } - acquired = 1; - /* Prepare the params */ - BN_CTX_start(ctx); - dsa_p = BN_CTX_get(ctx); - dsa_q = BN_CTX_get(ctx); - dsa_g = BN_CTX_get(ctx); - dsa_key = BN_CTX_get(ctx); - argument = BN_CTX_get(ctx); - if(!argument) - { - CSWIFTerr(CSWIFT_F_CSWIFT_DSA_VERIFY,CSWIFT_R_BN_CTX_FULL); - goto err; - } - if(!bn_wexpand(dsa_p, dsa->p->top) || - !bn_wexpand(dsa_q, dsa->q->top) || - !bn_wexpand(dsa_g, dsa->g->top) || - !bn_wexpand(dsa_key, dsa->pub_key->top) || - !bn_wexpand(argument, 40)) - { - CSWIFTerr(CSWIFT_F_CSWIFT_DSA_VERIFY,CSWIFT_R_BN_EXPAND_FAIL); - goto err; - } - sw_param.type = SW_ALG_DSA; - sw_param.up.dsa.p.nbytes = BN_bn2bin(dsa->p, - (unsigned char *)dsa_p->d); - sw_param.up.dsa.p.value = (unsigned char *)dsa_p->d; - sw_param.up.dsa.q.nbytes = BN_bn2bin(dsa->q, - (unsigned char *)dsa_q->d); - sw_param.up.dsa.q.value = (unsigned char *)dsa_q->d; - sw_param.up.dsa.g.nbytes = BN_bn2bin(dsa->g, - (unsigned char *)dsa_g->d); - sw_param.up.dsa.g.value = (unsigned char *)dsa_g->d; - sw_param.up.dsa.key.nbytes = BN_bn2bin(dsa->pub_key, - (unsigned char *)dsa_key->d); - sw_param.up.dsa.key.value = (unsigned char *)dsa_key->d; - /* Attach the key params */ - sw_status = p_CSwift_AttachKeyParam(hac, &sw_param); - switch(sw_status) - { - case SW_OK: - break; - case SW_ERR_INPUT_SIZE: - CSWIFTerr(CSWIFT_F_CSWIFT_DSA_VERIFY,CSWIFT_R_BAD_KEY_SIZE); - goto err; - default: - { - char tmpbuf[DECIMAL_SIZE(sw_status)+1]; - CSWIFTerr(CSWIFT_F_CSWIFT_DSA_VERIFY,CSWIFT_R_REQUEST_FAILED); - sprintf(tmpbuf, "%ld", sw_status); - ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf); - } - goto err; - } - /* Prepare the argument and response */ - arg[0].nbytes = dgst_len; - arg[0].value = (unsigned char *)dgst; - arg[1].nbytes = 40; - arg[1].value = (unsigned char *)argument->d; - memset(arg[1].value, 0, 40); - BN_bn2bin(sig->r, arg[1].value + 20 - BN_num_bytes(sig->r)); - BN_bn2bin(sig->s, arg[1].value + 40 - BN_num_bytes(sig->s)); - res.nbytes = 4; /* unsigned long */ - res.value = (unsigned char *)(&sig_result); - /* Perform the operation */ - sw_status = p_CSwift_SimpleRequest(hac, SW_CMD_DSS_VERIFY, arg, 2, - &res, 1); - if(sw_status != SW_OK) - { - char tmpbuf[DECIMAL_SIZE(sw_status)+1]; - CSWIFTerr(CSWIFT_F_CSWIFT_DSA_VERIFY,CSWIFT_R_REQUEST_FAILED); - sprintf(tmpbuf, "%ld", sw_status); - ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf); - goto err; - } - /* Convert the response */ - to_return = ((sig_result == 0) ? 0 : 1); - -err: - if(acquired) - release_context(hac); - if(ctx) - { - BN_CTX_end(ctx); - BN_CTX_free(ctx); - } - return to_return; - } -#endif - -#ifndef OPENSSL_NO_DH -/* This function is aliased to mod_exp (with the dh and mont dropped). */ -static int cswift_mod_exp_dh(const DH *dh, BIGNUM *r, - const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) - { - return cswift_mod_exp(r, a, p, m, ctx); - } -#endif - -/* Random bytes are good */ -static int cswift_rand_bytes(unsigned char *buf, int num) -{ - SW_CONTEXT_HANDLE hac; - SW_STATUS swrc; - SW_LARGENUMBER largenum; - int acquired = 0; - int to_return = 0; /* assume failure */ - unsigned char buf32[1024]; - - - if (!get_context(&hac)) - { - CSWIFTerr(CSWIFT_F_CSWIFT_CTRL, CSWIFT_R_UNIT_FAILURE); - goto err; - } - acquired = 1; - - /************************************************************************/ - /* 04/02/2003 */ - /* Modified by Frederic Giudicelli (deny-all.com) to overcome the */ - /* limitation of cswift with values not a multiple of 32 */ - /************************************************************************/ - - while(num >= sizeof(buf32)) - { - largenum.value = buf; - largenum.nbytes = sizeof(buf32); - /* tell CryptoSwift how many bytes we want and where we want it. - * Note: - CryptoSwift cannot do more than 4096 bytes at a time. - * - CryptoSwift can only do multiple of 32-bits. */ - swrc = p_CSwift_SimpleRequest(hac, SW_CMD_RAND, NULL, 0, &largenum, 1); - if (swrc != SW_OK) - { - char tmpbuf[20]; - CSWIFTerr(CSWIFT_F_CSWIFT_CTRL, CSWIFT_R_REQUEST_FAILED); - sprintf(tmpbuf, "%ld", swrc); - ERR_add_error_data(2, "CryptoSwift error number is ", tmpbuf); - goto err; - } - buf += sizeof(buf32); - num -= sizeof(buf32); - } - if(num) - { - largenum.nbytes = sizeof(buf32); - largenum.value = buf32; - swrc = p_CSwift_SimpleRequest(hac, SW_CMD_RAND, NULL, 0, &largenum, 1); - if (swrc != SW_OK) - { - char tmpbuf[20]; - CSWIFTerr(CSWIFT_F_CSWIFT_CTRL, CSWIFT_R_REQUEST_FAILED); - sprintf(tmpbuf, "%ld", swrc); - ERR_add_error_data(2, "CryptoSwift error number is ", tmpbuf); - goto err; - } - memcpy(buf, largenum.value, num); - } - - to_return = 1; /* success */ -err: - if (acquired) - release_context(hac); - - return to_return; -} - -static int cswift_rand_status(void) -{ - return 1; -} - - -/* This stuff is needed if this ENGINE is being compiled into a self-contained - * shared-library. */ -#ifdef ENGINE_DYNAMIC_SUPPORT -static int bind_fn(ENGINE *e, const char *id) - { - if(id && (strcmp(id, engine_cswift_id) != 0)) - return 0; - if(!bind_helper(e)) - return 0; - return 1; - } -IMPLEMENT_DYNAMIC_CHECK_FN() -IMPLEMENT_DYNAMIC_BIND_FN(bind_fn) -#endif /* ENGINE_DYNAMIC_SUPPORT */ - -#endif /* !OPENSSL_NO_HW_CSWIFT */ -#endif /* !OPENSSL_NO_HW */ diff --git a/src/lib/libcrypto/engine/hw_cswift_err.c b/src/lib/libcrypto/engine/hw_cswift_err.c deleted file mode 100644 index 684f53bf27..0000000000 --- a/src/lib/libcrypto/engine/hw_cswift_err.c +++ /dev/null @@ -1,149 +0,0 @@ -/* hw_cswift_err.c */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* NOTE: this file was auto generated by the mkerr.pl script: any changes - * made to it will be overwritten when the script next updates this file, - * only reason strings will be preserved. - */ - -#include -#include -#include "hw_cswift_err.h" - -/* BEGIN ERROR CODES */ -#ifndef OPENSSL_NO_ERR -static ERR_STRING_DATA CSWIFT_str_functs[]= - { -{ERR_PACK(0,CSWIFT_F_CSWIFT_CTRL,0), "CSWIFT_CTRL"}, -{ERR_PACK(0,CSWIFT_F_CSWIFT_DSA_SIGN,0), "CSWIFT_DSA_SIGN"}, -{ERR_PACK(0,CSWIFT_F_CSWIFT_DSA_VERIFY,0), "CSWIFT_DSA_VERIFY"}, -{ERR_PACK(0,CSWIFT_F_CSWIFT_FINISH,0), "CSWIFT_FINISH"}, -{ERR_PACK(0,CSWIFT_F_CSWIFT_INIT,0), "CSWIFT_INIT"}, -{ERR_PACK(0,CSWIFT_F_CSWIFT_MOD_EXP,0), "CSWIFT_MOD_EXP"}, -{ERR_PACK(0,CSWIFT_F_CSWIFT_MOD_EXP_CRT,0), "CSWIFT_MOD_EXP_CRT"}, -{ERR_PACK(0,CSWIFT_F_CSWIFT_RSA_MOD_EXP,0), "CSWIFT_RSA_MOD_EXP"}, -{0,NULL} - }; - -static ERR_STRING_DATA CSWIFT_str_reasons[]= - { -{CSWIFT_R_ALREADY_LOADED ,"already loaded"}, -{CSWIFT_R_BAD_KEY_SIZE ,"bad key size"}, -{CSWIFT_R_BN_CTX_FULL ,"bn ctx full"}, -{CSWIFT_R_BN_EXPAND_FAIL ,"bn expand fail"}, -{CSWIFT_R_CTRL_COMMAND_NOT_IMPLEMENTED ,"ctrl command not implemented"}, -{CSWIFT_R_MISSING_KEY_COMPONENTS ,"missing key components"}, -{CSWIFT_R_NOT_LOADED ,"not loaded"}, -{CSWIFT_R_REQUEST_FAILED ,"request failed"}, -{CSWIFT_R_UNIT_FAILURE ,"unit failure"}, -{0,NULL} - }; - -#endif - -#ifdef CSWIFT_LIB_NAME -static ERR_STRING_DATA CSWIFT_lib_name[]= - { -{0 ,CSWIFT_LIB_NAME}, -{0,NULL} - }; -#endif - - -static int CSWIFT_lib_error_code=0; -static int CSWIFT_error_init=1; - -static void ERR_load_CSWIFT_strings(void) - { - if (CSWIFT_lib_error_code == 0) - CSWIFT_lib_error_code=ERR_get_next_error_library(); - - if (CSWIFT_error_init) - { - CSWIFT_error_init=0; -#ifndef OPENSSL_NO_ERR - ERR_load_strings(CSWIFT_lib_error_code,CSWIFT_str_functs); - ERR_load_strings(CSWIFT_lib_error_code,CSWIFT_str_reasons); -#endif - -#ifdef CSWIFT_LIB_NAME - CSWIFT_lib_name->error = ERR_PACK(CSWIFT_lib_error_code,0,0); - ERR_load_strings(0,CSWIFT_lib_name); -#endif - } - } - -static void ERR_unload_CSWIFT_strings(void) - { - if (CSWIFT_error_init == 0) - { -#ifndef OPENSSL_NO_ERR - ERR_unload_strings(CSWIFT_lib_error_code,CSWIFT_str_functs); - ERR_unload_strings(CSWIFT_lib_error_code,CSWIFT_str_reasons); -#endif - -#ifdef CSWIFT_LIB_NAME - ERR_unload_strings(0,CSWIFT_lib_name); -#endif - CSWIFT_error_init=1; - } - } - -static void ERR_CSWIFT_error(int function, int reason, char *file, int line) - { - if (CSWIFT_lib_error_code == 0) - CSWIFT_lib_error_code=ERR_get_next_error_library(); - ERR_PUT_error(CSWIFT_lib_error_code,function,reason,file,line); - } diff --git a/src/lib/libcrypto/engine/hw_cswift_err.h b/src/lib/libcrypto/engine/hw_cswift_err.h deleted file mode 100644 index 7120c3216f..0000000000 --- a/src/lib/libcrypto/engine/hw_cswift_err.h +++ /dev/null @@ -1,93 +0,0 @@ -/* ==================================================================== - * Copyright (c) 2001 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#ifndef HEADER_CSWIFT_ERR_H -#define HEADER_CSWIFT_ERR_H - -/* BEGIN ERROR CODES */ -/* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ -static void ERR_load_CSWIFT_strings(void); -static void ERR_unload_CSWIFT_strings(void); -static void ERR_CSWIFT_error(int function, int reason, char *file, int line); -#define CSWIFTerr(f,r) ERR_CSWIFT_error((f),(r),__FILE__,__LINE__) - -/* Error codes for the CSWIFT functions. */ - -/* Function codes. */ -#define CSWIFT_F_CSWIFT_CTRL 100 -#define CSWIFT_F_CSWIFT_DSA_SIGN 101 -#define CSWIFT_F_CSWIFT_DSA_VERIFY 102 -#define CSWIFT_F_CSWIFT_FINISH 103 -#define CSWIFT_F_CSWIFT_INIT 104 -#define CSWIFT_F_CSWIFT_MOD_EXP 105 -#define CSWIFT_F_CSWIFT_MOD_EXP_CRT 106 -#define CSWIFT_F_CSWIFT_RSA_MOD_EXP 107 - -/* Reason codes. */ -#define CSWIFT_R_ALREADY_LOADED 100 -#define CSWIFT_R_BAD_KEY_SIZE 101 -#define CSWIFT_R_BN_CTX_FULL 102 -#define CSWIFT_R_BN_EXPAND_FAIL 103 -#define CSWIFT_R_CTRL_COMMAND_NOT_IMPLEMENTED 104 -#define CSWIFT_R_MISSING_KEY_COMPONENTS 105 -#define CSWIFT_R_NOT_LOADED 106 -#define CSWIFT_R_REQUEST_FAILED 107 -#define CSWIFT_R_UNIT_FAILURE 108 - -#ifdef __cplusplus -} -#endif -#endif diff --git a/src/lib/libcrypto/engine/hw_ncipher.c b/src/lib/libcrypto/engine/hw_ncipher.c deleted file mode 100644 index 0d1c6b8df0..0000000000 --- a/src/lib/libcrypto/engine/hw_ncipher.c +++ /dev/null @@ -1,1388 +0,0 @@ -/* crypto/engine/hw_ncipher.c -*- mode: C; c-file-style: "eay" -*- */ -/* Written by Richard Levitte (richard@levitte.org), Geoff Thorpe - * (geoff@geoffthorpe.net) and Dr Stephen N Henson (shenson@bigfoot.com) - * for the OpenSSL project 2000. - */ -/* ==================================================================== - * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include -#include "cryptlib.h" -#include -#include -#include -#include -#include - -#ifndef OPENSSL_NO_HW -#ifndef OPENSSL_NO_HW_NCIPHER - -/* Attribution notice: nCipher have said several times that it's OK for - * us to implement a general interface to their boxes, and recently declared - * their HWCryptoHook to be public, and therefore available for us to use. - * Thanks, nCipher. - * - * The hwcryptohook.h included here is from May 2000. - * [Richard Levitte] - */ -#ifdef FLAT_INC -#include "hwcryptohook.h" -#else -#include "vendor_defns/hwcryptohook.h" -#endif - -#define HWCRHK_LIB_NAME "hwcrhk engine" -#include "hw_ncipher_err.c" - -static int hwcrhk_destroy(ENGINE *e); -static int hwcrhk_init(ENGINE *e); -static int hwcrhk_finish(ENGINE *e); -static int hwcrhk_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)()); - -/* Functions to handle mutexes if have dynamic locks */ -static int hwcrhk_mutex_init(HWCryptoHook_Mutex*, HWCryptoHook_CallerContext*); -static int hwcrhk_mutex_lock(HWCryptoHook_Mutex*); -static void hwcrhk_mutex_unlock(HWCryptoHook_Mutex*); -static void hwcrhk_mutex_destroy(HWCryptoHook_Mutex*); -#if 1 /* This is a HACK which will disappear in 0.9.8 */ -/* Functions to handle mutexes if only have static locks */ -static int hwcrhk_static_mutex_init(HWCryptoHook_Mutex *m, - HWCryptoHook_CallerContext *c); -static int hwcrhk_static_mutex_lock(HWCryptoHook_Mutex *m); -static void hwcrhk_static_mutex_unlock(HWCryptoHook_Mutex *m); -static void hwcrhk_static_mutex_destroy(HWCryptoHook_Mutex *m); -#endif - -/* BIGNUM stuff */ -static int hwcrhk_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx); - -#ifndef OPENSSL_NO_RSA -/* RSA stuff */ -static int hwcrhk_rsa_mod_exp(BIGNUM *r, const BIGNUM *I, RSA *rsa); -#endif -/* This function is aliased to mod_exp (with the mont stuff dropped). */ -static int hwcrhk_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); - -#ifndef OPENSSL_NO_DH -/* DH stuff */ -/* This function is alised to mod_exp (with the DH and mont dropped). */ -static int hwcrhk_mod_exp_dh(const DH *dh, BIGNUM *r, - const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); -#endif - -/* RAND stuff */ -static int hwcrhk_rand_bytes(unsigned char *buf, int num); -static int hwcrhk_rand_status(void); - -/* KM stuff */ -static EVP_PKEY *hwcrhk_load_privkey(ENGINE *eng, const char *key_id, - UI_METHOD *ui_method, void *callback_data); -static EVP_PKEY *hwcrhk_load_pubkey(ENGINE *eng, const char *key_id, - UI_METHOD *ui_method, void *callback_data); -static void hwcrhk_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad, - int ind,long argl, void *argp); - -/* Interaction stuff */ -static int hwcrhk_insert_card(const char *prompt_info, - const char *wrong_info, - HWCryptoHook_PassphraseContext *ppctx, - HWCryptoHook_CallerContext *cactx); -static int hwcrhk_get_pass(const char *prompt_info, - int *len_io, char *buf, - HWCryptoHook_PassphraseContext *ppctx, - HWCryptoHook_CallerContext *cactx); -static void hwcrhk_log_message(void *logstr, const char *message); - -/* The definitions for control commands specific to this engine */ -#define HWCRHK_CMD_SO_PATH ENGINE_CMD_BASE -#define HWCRHK_CMD_FORK_CHECK (ENGINE_CMD_BASE + 1) -#define HWCRHK_CMD_THREAD_LOCKING (ENGINE_CMD_BASE + 2) -#define HWCRHK_CMD_SET_USER_INTERFACE (ENGINE_CMD_BASE + 3) -#define HWCRHK_CMD_SET_CALLBACK_DATA (ENGINE_CMD_BASE + 4) -static const ENGINE_CMD_DEFN hwcrhk_cmd_defns[] = { - {HWCRHK_CMD_SO_PATH, - "SO_PATH", - "Specifies the path to the 'hwcrhk' shared library", - ENGINE_CMD_FLAG_STRING}, - {HWCRHK_CMD_FORK_CHECK, - "FORK_CHECK", - "Turns fork() checking on or off (boolean)", - ENGINE_CMD_FLAG_NUMERIC}, - {HWCRHK_CMD_THREAD_LOCKING, - "THREAD_LOCKING", - "Turns thread-safe locking on or off (boolean)", - ENGINE_CMD_FLAG_NUMERIC}, - {HWCRHK_CMD_SET_USER_INTERFACE, - "SET_USER_INTERFACE", - "Set the global user interface (internal)", - ENGINE_CMD_FLAG_INTERNAL}, - {HWCRHK_CMD_SET_CALLBACK_DATA, - "SET_CALLBACK_DATA", - "Set the global user interface extra data (internal)", - ENGINE_CMD_FLAG_INTERNAL}, - {0, NULL, NULL, 0} - }; - -#ifndef OPENSSL_NO_RSA -/* Our internal RSA_METHOD that we provide pointers to */ -static RSA_METHOD hwcrhk_rsa = - { - "nCipher RSA method", - NULL, - NULL, - NULL, - NULL, - hwcrhk_rsa_mod_exp, - hwcrhk_mod_exp_mont, - NULL, - NULL, - 0, - NULL, - NULL, - NULL - }; -#endif - -#ifndef OPENSSL_NO_DH -/* Our internal DH_METHOD that we provide pointers to */ -static DH_METHOD hwcrhk_dh = - { - "nCipher DH method", - NULL, - NULL, - hwcrhk_mod_exp_dh, - NULL, - NULL, - 0, - NULL - }; -#endif - -static RAND_METHOD hwcrhk_rand = - { - /* "nCipher RAND method", */ - NULL, - hwcrhk_rand_bytes, - NULL, - NULL, - hwcrhk_rand_bytes, - hwcrhk_rand_status, - }; - -/* Constants used when creating the ENGINE */ -static const char *engine_hwcrhk_id = "chil"; -static const char *engine_hwcrhk_name = "nCipher hardware engine support"; - -/* Internal stuff for HWCryptoHook */ - -/* Some structures needed for proper use of thread locks */ -/* hwcryptohook.h has some typedefs that turn struct HWCryptoHook_MutexValue - into HWCryptoHook_Mutex */ -struct HWCryptoHook_MutexValue - { - int lockid; - }; - -/* hwcryptohook.h has some typedefs that turn - struct HWCryptoHook_PassphraseContextValue - into HWCryptoHook_PassphraseContext */ -struct HWCryptoHook_PassphraseContextValue - { - UI_METHOD *ui_method; - void *callback_data; - }; - -/* hwcryptohook.h has some typedefs that turn - struct HWCryptoHook_CallerContextValue - into HWCryptoHook_CallerContext */ -struct HWCryptoHook_CallerContextValue - { - pem_password_cb *password_callback; /* Deprecated! Only present for - backward compatibility! */ - UI_METHOD *ui_method; - void *callback_data; - }; - -/* The MPI structure in HWCryptoHook is pretty compatible with OpenSSL - BIGNUM's, so lets define a couple of conversion macros */ -#define BN2MPI(mp, bn) \ - {mp.size = bn->top * sizeof(BN_ULONG); mp.buf = (unsigned char *)bn->d;} -#define MPI2BN(bn, mp) \ - {mp.size = bn->dmax * sizeof(BN_ULONG); mp.buf = (unsigned char *)bn->d;} - -static BIO *logstream = NULL; -static int disable_mutex_callbacks = 0; - -/* One might wonder why these are needed, since one can pass down at least - a UI_METHOD and a pointer to callback data to the key-loading functions. - The thing is that the ModExp and RSAImmed functions can load keys as well, - if the data they get is in a special, nCipher-defined format (hint: if you - look at the private exponent of the RSA data as a string, you'll see this - string: "nCipher KM tool key id", followed by some bytes, followed a key - identity string, followed by more bytes. This happens when you use "embed" - keys instead of "hwcrhk" keys). Unfortunately, those functions do not take - any passphrase or caller context, and our functions can't really take any - callback data either. Still, the "insert_card" and "get_passphrase" - callbacks may be called down the line, and will need to know what user - interface callbacks to call, and having callback data from the application - may be a nice thing as well, so we need to keep track of that globally. */ -static HWCryptoHook_CallerContext password_context = { NULL, NULL, NULL }; - -/* Stuff to pass to the HWCryptoHook library */ -static HWCryptoHook_InitInfo hwcrhk_globals = { - HWCryptoHook_InitFlags_SimpleForkCheck, /* Flags */ - &logstream, /* logstream */ - sizeof(BN_ULONG), /* limbsize */ - 0, /* mslimb first: false for BNs */ - -1, /* msbyte first: use native */ - 0, /* Max mutexes, 0 = no small limit */ - 0, /* Max simultaneous, 0 = default */ - - /* The next few are mutex stuff: we write wrapper functions - around the OS mutex functions. We initialise them to 0 - here, and change that to actual function pointers in hwcrhk_init() - if dynamic locks are supported (that is, if the application - programmer has made sure of setting up callbacks bafore starting - this engine) *and* if disable_mutex_callbacks hasn't been set by - a call to ENGINE_ctrl(ENGINE_CTRL_CHIL_NO_LOCKING). */ - sizeof(HWCryptoHook_Mutex), - 0, - 0, - 0, - 0, - - /* The next few are condvar stuff: we write wrapper functions - round the OS functions. Currently not implemented and not - and absolute necessity even in threaded programs, therefore - 0'ed. Will hopefully be implemented some day, since it - enhances the efficiency of HWCryptoHook. */ - 0, /* sizeof(HWCryptoHook_CondVar), */ - 0, /* hwcrhk_cv_init, */ - 0, /* hwcrhk_cv_wait, */ - 0, /* hwcrhk_cv_signal, */ - 0, /* hwcrhk_cv_broadcast, */ - 0, /* hwcrhk_cv_destroy, */ - - hwcrhk_get_pass, /* pass phrase */ - hwcrhk_insert_card, /* insert a card */ - hwcrhk_log_message /* Log message */ -}; - - -/* Now, to our own code */ - -/* This internal function is used by ENGINE_ncipher() and possibly by the - * "dynamic" ENGINE support too */ -static int bind_helper(ENGINE *e) - { -#ifndef OPENSSL_NO_RSA - const RSA_METHOD *meth1; -#endif -#ifndef OPENSSL_NO_DH - const DH_METHOD *meth2; -#endif - if(!ENGINE_set_id(e, engine_hwcrhk_id) || - !ENGINE_set_name(e, engine_hwcrhk_name) || -#ifndef OPENSSL_NO_RSA - !ENGINE_set_RSA(e, &hwcrhk_rsa) || -#endif -#ifndef OPENSSL_NO_DH - !ENGINE_set_DH(e, &hwcrhk_dh) || -#endif - !ENGINE_set_RAND(e, &hwcrhk_rand) || - !ENGINE_set_destroy_function(e, hwcrhk_destroy) || - !ENGINE_set_init_function(e, hwcrhk_init) || - !ENGINE_set_finish_function(e, hwcrhk_finish) || - !ENGINE_set_ctrl_function(e, hwcrhk_ctrl) || - !ENGINE_set_load_privkey_function(e, hwcrhk_load_privkey) || - !ENGINE_set_load_pubkey_function(e, hwcrhk_load_pubkey) || - !ENGINE_set_cmd_defns(e, hwcrhk_cmd_defns)) - return 0; - -#ifndef OPENSSL_NO_RSA - /* We know that the "PKCS1_SSLeay()" functions hook properly - * to the cswift-specific mod_exp and mod_exp_crt so we use - * those functions. NB: We don't use ENGINE_openssl() or - * anything "more generic" because something like the RSAref - * code may not hook properly, and if you own one of these - * cards then you have the right to do RSA operations on it - * anyway! */ - meth1 = RSA_PKCS1_SSLeay(); - hwcrhk_rsa.rsa_pub_enc = meth1->rsa_pub_enc; - hwcrhk_rsa.rsa_pub_dec = meth1->rsa_pub_dec; - hwcrhk_rsa.rsa_priv_enc = meth1->rsa_priv_enc; - hwcrhk_rsa.rsa_priv_dec = meth1->rsa_priv_dec; -#endif - -#ifndef OPENSSL_NO_DH - /* Much the same for Diffie-Hellman */ - meth2 = DH_OpenSSL(); - hwcrhk_dh.generate_key = meth2->generate_key; - hwcrhk_dh.compute_key = meth2->compute_key; -#endif - - /* Ensure the hwcrhk error handling is set up */ - ERR_load_HWCRHK_strings(); - return 1; - } - -#ifndef ENGINE_DYNAMIC_SUPPORT -static ENGINE *engine_ncipher(void) - { - ENGINE *ret = ENGINE_new(); - if(!ret) - return NULL; - if(!bind_helper(ret)) - { - ENGINE_free(ret); - return NULL; - } - return ret; - } - -void ENGINE_load_chil(void) - { - /* Copied from eng_[openssl|dyn].c */ - ENGINE *toadd = engine_ncipher(); - if(!toadd) return; - ENGINE_add(toadd); - ENGINE_free(toadd); - ERR_clear_error(); - } -#endif - -/* This is a process-global DSO handle used for loading and unloading - * the HWCryptoHook library. NB: This is only set (or unset) during an - * init() or finish() call (reference counts permitting) and they're - * operating with global locks, so this should be thread-safe - * implicitly. */ -static DSO *hwcrhk_dso = NULL; -static HWCryptoHook_ContextHandle hwcrhk_context = 0; -#ifndef OPENSSL_NO_RSA -static int hndidx_rsa = -1; /* Index for KM handle. Not really used yet. */ -#endif - -/* These are the function pointers that are (un)set when the library has - * successfully (un)loaded. */ -static HWCryptoHook_Init_t *p_hwcrhk_Init = NULL; -static HWCryptoHook_Finish_t *p_hwcrhk_Finish = NULL; -static HWCryptoHook_ModExp_t *p_hwcrhk_ModExp = NULL; -#ifndef OPENSSL_NO_RSA -static HWCryptoHook_RSA_t *p_hwcrhk_RSA = NULL; -#endif -static HWCryptoHook_RandomBytes_t *p_hwcrhk_RandomBytes = NULL; -#ifndef OPENSSL_NO_RSA -static HWCryptoHook_RSALoadKey_t *p_hwcrhk_RSALoadKey = NULL; -static HWCryptoHook_RSAGetPublicKey_t *p_hwcrhk_RSAGetPublicKey = NULL; -static HWCryptoHook_RSAUnloadKey_t *p_hwcrhk_RSAUnloadKey = NULL; -#endif -static HWCryptoHook_ModExpCRT_t *p_hwcrhk_ModExpCRT = NULL; - -/* Used in the DSO operations. */ -static const char *HWCRHK_LIBNAME = NULL; -static void free_HWCRHK_LIBNAME(void) - { - if(HWCRHK_LIBNAME) - OPENSSL_free((void*)HWCRHK_LIBNAME); - HWCRHK_LIBNAME = NULL; - } -static const char *get_HWCRHK_LIBNAME(void) - { - if(HWCRHK_LIBNAME) - return HWCRHK_LIBNAME; - return "nfhwcrhk"; - } -static long set_HWCRHK_LIBNAME(const char *name) - { - free_HWCRHK_LIBNAME(); - return (((HWCRHK_LIBNAME = BUF_strdup(name)) != NULL) ? 1 : 0); - } -static const char *n_hwcrhk_Init = "HWCryptoHook_Init"; -static const char *n_hwcrhk_Finish = "HWCryptoHook_Finish"; -static const char *n_hwcrhk_ModExp = "HWCryptoHook_ModExp"; -#ifndef OPENSSL_NO_RSA -static const char *n_hwcrhk_RSA = "HWCryptoHook_RSA"; -#endif -static const char *n_hwcrhk_RandomBytes = "HWCryptoHook_RandomBytes"; -#ifndef OPENSSL_NO_RSA -static const char *n_hwcrhk_RSALoadKey = "HWCryptoHook_RSALoadKey"; -static const char *n_hwcrhk_RSAGetPublicKey = "HWCryptoHook_RSAGetPublicKey"; -static const char *n_hwcrhk_RSAUnloadKey = "HWCryptoHook_RSAUnloadKey"; -#endif -static const char *n_hwcrhk_ModExpCRT = "HWCryptoHook_ModExpCRT"; - -/* HWCryptoHook library functions and mechanics - these are used by the - * higher-level functions further down. NB: As and where there's no - * error checking, take a look lower down where these functions are - * called, the checking and error handling is probably down there. */ - -/* utility function to obtain a context */ -static int get_context(HWCryptoHook_ContextHandle *hac, - HWCryptoHook_CallerContext *cac) - { - char tempbuf[1024]; - HWCryptoHook_ErrMsgBuf rmsg; - - rmsg.buf = tempbuf; - rmsg.size = sizeof(tempbuf); - - *hac = p_hwcrhk_Init(&hwcrhk_globals, sizeof(hwcrhk_globals), &rmsg, - cac); - if (!*hac) - return 0; - return 1; - } - -/* similarly to release one. */ -static void release_context(HWCryptoHook_ContextHandle hac) - { - p_hwcrhk_Finish(hac); - } - -/* Destructor (complements the "ENGINE_ncipher()" constructor) */ -static int hwcrhk_destroy(ENGINE *e) - { - free_HWCRHK_LIBNAME(); - ERR_unload_HWCRHK_strings(); - return 1; - } - -/* (de)initialisation functions. */ -static int hwcrhk_init(ENGINE *e) - { - HWCryptoHook_Init_t *p1; - HWCryptoHook_Finish_t *p2; - HWCryptoHook_ModExp_t *p3; -#ifndef OPENSSL_NO_RSA - HWCryptoHook_RSA_t *p4; - HWCryptoHook_RSALoadKey_t *p5; - HWCryptoHook_RSAGetPublicKey_t *p6; - HWCryptoHook_RSAUnloadKey_t *p7; -#endif - HWCryptoHook_RandomBytes_t *p8; - HWCryptoHook_ModExpCRT_t *p9; - - if(hwcrhk_dso != NULL) - { - HWCRHKerr(HWCRHK_F_HWCRHK_INIT,HWCRHK_R_ALREADY_LOADED); - goto err; - } - /* Attempt to load libnfhwcrhk.so/nfhwcrhk.dll/whatever. */ - hwcrhk_dso = DSO_load(NULL, get_HWCRHK_LIBNAME(), NULL, 0); - if(hwcrhk_dso == NULL) - { - HWCRHKerr(HWCRHK_F_HWCRHK_INIT,HWCRHK_R_DSO_FAILURE); - goto err; - } - if(!(p1 = (HWCryptoHook_Init_t *) - DSO_bind_func(hwcrhk_dso, n_hwcrhk_Init)) || - !(p2 = (HWCryptoHook_Finish_t *) - DSO_bind_func(hwcrhk_dso, n_hwcrhk_Finish)) || - !(p3 = (HWCryptoHook_ModExp_t *) - DSO_bind_func(hwcrhk_dso, n_hwcrhk_ModExp)) || -#ifndef OPENSSL_NO_RSA - !(p4 = (HWCryptoHook_RSA_t *) - DSO_bind_func(hwcrhk_dso, n_hwcrhk_RSA)) || - !(p5 = (HWCryptoHook_RSALoadKey_t *) - DSO_bind_func(hwcrhk_dso, n_hwcrhk_RSALoadKey)) || - !(p6 = (HWCryptoHook_RSAGetPublicKey_t *) - DSO_bind_func(hwcrhk_dso, n_hwcrhk_RSAGetPublicKey)) || - !(p7 = (HWCryptoHook_RSAUnloadKey_t *) - DSO_bind_func(hwcrhk_dso, n_hwcrhk_RSAUnloadKey)) || -#endif - !(p8 = (HWCryptoHook_RandomBytes_t *) - DSO_bind_func(hwcrhk_dso, n_hwcrhk_RandomBytes)) || - !(p9 = (HWCryptoHook_ModExpCRT_t *) - DSO_bind_func(hwcrhk_dso, n_hwcrhk_ModExpCRT))) - { - HWCRHKerr(HWCRHK_F_HWCRHK_INIT,HWCRHK_R_DSO_FAILURE); - goto err; - } - /* Copy the pointers */ - p_hwcrhk_Init = p1; - p_hwcrhk_Finish = p2; - p_hwcrhk_ModExp = p3; -#ifndef OPENSSL_NO_RSA - p_hwcrhk_RSA = p4; - p_hwcrhk_RSALoadKey = p5; - p_hwcrhk_RSAGetPublicKey = p6; - p_hwcrhk_RSAUnloadKey = p7; -#endif - p_hwcrhk_RandomBytes = p8; - p_hwcrhk_ModExpCRT = p9; - - /* Check if the application decided to support dynamic locks, - and if it does, use them. */ - if (disable_mutex_callbacks == 0) - { - if (CRYPTO_get_dynlock_create_callback() != NULL && - CRYPTO_get_dynlock_lock_callback() != NULL && - CRYPTO_get_dynlock_destroy_callback() != NULL) - { - hwcrhk_globals.mutex_init = hwcrhk_mutex_init; - hwcrhk_globals.mutex_acquire = hwcrhk_mutex_lock; - hwcrhk_globals.mutex_release = hwcrhk_mutex_unlock; - hwcrhk_globals.mutex_destroy = hwcrhk_mutex_destroy; - } - else if (CRYPTO_get_locking_callback() != NULL) - { - HWCRHKerr(HWCRHK_F_HWCRHK_INIT,HWCRHK_R_DYNAMIC_LOCKING_MISSING); - ERR_add_error_data(1,"You HAVE to add dynamic locking callbacks via CRYPTO_set_dynlock_{create,lock,destroy}_callback()"); -#if 1 /* This is a HACK which will disappear in 0.9.8 */ - hwcrhk_globals.maxmutexes = 1; /* Only have one lock */ - hwcrhk_globals.mutex_init = hwcrhk_static_mutex_init; - hwcrhk_globals.mutex_acquire = hwcrhk_static_mutex_lock; - hwcrhk_globals.mutex_release = hwcrhk_static_mutex_unlock; - hwcrhk_globals.mutex_destroy = hwcrhk_static_mutex_destroy; -#else - goto err; -#endif - } - } - - /* Try and get a context - if not, we may have a DSO but no - * accelerator! */ - if(!get_context(&hwcrhk_context, &password_context)) - { - HWCRHKerr(HWCRHK_F_HWCRHK_INIT,HWCRHK_R_UNIT_FAILURE); - goto err; - } - /* Everything's fine. */ -#ifndef OPENSSL_NO_RSA - if (hndidx_rsa == -1) - hndidx_rsa = RSA_get_ex_new_index(0, - "nFast HWCryptoHook RSA key handle", - NULL, NULL, hwcrhk_ex_free); -#endif - return 1; -err: - if(hwcrhk_dso) - DSO_free(hwcrhk_dso); - hwcrhk_dso = NULL; - p_hwcrhk_Init = NULL; - p_hwcrhk_Finish = NULL; - p_hwcrhk_ModExp = NULL; -#ifndef OPENSSL_NO_RSA - p_hwcrhk_RSA = NULL; - p_hwcrhk_RSALoadKey = NULL; - p_hwcrhk_RSAGetPublicKey = NULL; - p_hwcrhk_RSAUnloadKey = NULL; -#endif - p_hwcrhk_ModExpCRT = NULL; - p_hwcrhk_RandomBytes = NULL; - return 0; - } - -static int hwcrhk_finish(ENGINE *e) - { - int to_return = 1; - free_HWCRHK_LIBNAME(); - if(hwcrhk_dso == NULL) - { - HWCRHKerr(HWCRHK_F_HWCRHK_FINISH,HWCRHK_R_NOT_LOADED); - to_return = 0; - goto err; - } - release_context(hwcrhk_context); - if(!DSO_free(hwcrhk_dso)) - { - HWCRHKerr(HWCRHK_F_HWCRHK_FINISH,HWCRHK_R_DSO_FAILURE); - to_return = 0; - goto err; - } - err: - if (logstream) - BIO_free(logstream); - hwcrhk_dso = NULL; - p_hwcrhk_Init = NULL; - p_hwcrhk_Finish = NULL; - p_hwcrhk_ModExp = NULL; -#ifndef OPENSSL_NO_RSA - p_hwcrhk_RSA = NULL; - p_hwcrhk_RSALoadKey = NULL; - p_hwcrhk_RSAGetPublicKey = NULL; - p_hwcrhk_RSAUnloadKey = NULL; -#endif - p_hwcrhk_ModExpCRT = NULL; - p_hwcrhk_RandomBytes = NULL; - return to_return; - } - -static int hwcrhk_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)()) - { - int to_return = 1; - - switch(cmd) - { - case HWCRHK_CMD_SO_PATH: - if(hwcrhk_dso) - { - HWCRHKerr(HWCRHK_F_HWCRHK_CTRL,HWCRHK_R_ALREADY_LOADED); - return 0; - } - if(p == NULL) - { - HWCRHKerr(HWCRHK_F_HWCRHK_CTRL,ERR_R_PASSED_NULL_PARAMETER); - return 0; - } - return set_HWCRHK_LIBNAME((const char *)p); - case ENGINE_CTRL_SET_LOGSTREAM: - { - BIO *bio = (BIO *)p; - - CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); - if (logstream) - { - BIO_free(logstream); - logstream = NULL; - } - if (CRYPTO_add(&bio->references,1,CRYPTO_LOCK_BIO) > 1) - logstream = bio; - else - HWCRHKerr(HWCRHK_F_HWCRHK_CTRL,HWCRHK_R_BIO_WAS_FREED); - } - CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); - break; - case ENGINE_CTRL_SET_PASSWORD_CALLBACK: - CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); - password_context.password_callback = (pem_password_cb *)f; - CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); - break; - case ENGINE_CTRL_SET_USER_INTERFACE: - case HWCRHK_CMD_SET_USER_INTERFACE: - CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); - password_context.ui_method = (UI_METHOD *)p; - CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); - break; - case ENGINE_CTRL_SET_CALLBACK_DATA: - case HWCRHK_CMD_SET_CALLBACK_DATA: - CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); - password_context.callback_data = p; - CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); - break; - /* this enables or disables the "SimpleForkCheck" flag used in the - * initialisation structure. */ - case ENGINE_CTRL_CHIL_SET_FORKCHECK: - case HWCRHK_CMD_FORK_CHECK: - CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); - if(i) - hwcrhk_globals.flags |= - HWCryptoHook_InitFlags_SimpleForkCheck; - else - hwcrhk_globals.flags &= - ~HWCryptoHook_InitFlags_SimpleForkCheck; - CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); - break; - /* This will prevent the initialisation function from "installing" - * the mutex-handling callbacks, even if they are available from - * within the library (or were provided to the library from the - * calling application). This is to remove any baggage for - * applications not using multithreading. */ - case ENGINE_CTRL_CHIL_NO_LOCKING: - CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); - disable_mutex_callbacks = 1; - CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); - break; - case HWCRHK_CMD_THREAD_LOCKING: - CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); - disable_mutex_callbacks = ((i == 0) ? 0 : 1); - CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); - break; - - /* The command isn't understood by this engine */ - default: - HWCRHKerr(HWCRHK_F_HWCRHK_CTRL, - HWCRHK_R_CTRL_COMMAND_NOT_IMPLEMENTED); - to_return = 0; - break; - } - - return to_return; - } - -static EVP_PKEY *hwcrhk_load_privkey(ENGINE *eng, const char *key_id, - UI_METHOD *ui_method, void *callback_data) - { -#ifndef OPENSSL_NO_RSA - RSA *rtmp = NULL; -#endif - EVP_PKEY *res = NULL; -#ifndef OPENSSL_NO_RSA - HWCryptoHook_MPI e, n; - HWCryptoHook_RSAKeyHandle *hptr; -#endif -#if !defined(OPENSSL_NO_RSA) - char tempbuf[1024]; - HWCryptoHook_ErrMsgBuf rmsg; -#endif - HWCryptoHook_PassphraseContext ppctx; - -#if !defined(OPENSSL_NO_RSA) - rmsg.buf = tempbuf; - rmsg.size = sizeof(tempbuf); -#endif - - if(!hwcrhk_context) - { - HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY, - HWCRHK_R_NOT_INITIALISED); - goto err; - } -#ifndef OPENSSL_NO_RSA - hptr = OPENSSL_malloc(sizeof(HWCryptoHook_RSAKeyHandle)); - if (!hptr) - { - HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY, - ERR_R_MALLOC_FAILURE); - goto err; - } - ppctx.ui_method = ui_method; - ppctx.callback_data = callback_data; - if (p_hwcrhk_RSALoadKey(hwcrhk_context, key_id, hptr, - &rmsg, &ppctx)) - { - HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY, - HWCRHK_R_CHIL_ERROR); - ERR_add_error_data(1,rmsg.buf); - goto err; - } - if (!*hptr) - { - HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY, - HWCRHK_R_NO_KEY); - goto err; - } -#endif -#ifndef OPENSSL_NO_RSA - rtmp = RSA_new_method(eng); - RSA_set_ex_data(rtmp, hndidx_rsa, (char *)hptr); - rtmp->e = BN_new(); - rtmp->n = BN_new(); - rtmp->flags |= RSA_FLAG_EXT_PKEY; - MPI2BN(rtmp->e, e); - MPI2BN(rtmp->n, n); - if (p_hwcrhk_RSAGetPublicKey(*hptr, &n, &e, &rmsg) - != HWCRYPTOHOOK_ERROR_MPISIZE) - { - HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PUBKEY,HWCRHK_R_CHIL_ERROR); - ERR_add_error_data(1,rmsg.buf); - goto err; - } - - bn_expand2(rtmp->e, e.size/sizeof(BN_ULONG)); - bn_expand2(rtmp->n, n.size/sizeof(BN_ULONG)); - MPI2BN(rtmp->e, e); - MPI2BN(rtmp->n, n); - - if (p_hwcrhk_RSAGetPublicKey(*hptr, &n, &e, &rmsg)) - { - HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PUBKEY, - HWCRHK_R_CHIL_ERROR); - ERR_add_error_data(1,rmsg.buf); - goto err; - } - rtmp->e->top = e.size / sizeof(BN_ULONG); - bn_fix_top(rtmp->e); - rtmp->n->top = n.size / sizeof(BN_ULONG); - bn_fix_top(rtmp->n); - - res = EVP_PKEY_new(); - EVP_PKEY_assign_RSA(res, rtmp); -#endif - - if (!res) - HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PUBKEY, - HWCRHK_R_PRIVATE_KEY_ALGORITHMS_DISABLED); - - return res; - err: - if (res) - EVP_PKEY_free(res); -#ifndef OPENSSL_NO_RSA - if (rtmp) - RSA_free(rtmp); -#endif - return NULL; - } - -static EVP_PKEY *hwcrhk_load_pubkey(ENGINE *eng, const char *key_id, - UI_METHOD *ui_method, void *callback_data) - { - EVP_PKEY *res = NULL; - -#ifndef OPENSSL_NO_RSA - res = hwcrhk_load_privkey(eng, key_id, - ui_method, callback_data); -#endif - - if (res) - switch(res->type) - { -#ifndef OPENSSL_NO_RSA - case EVP_PKEY_RSA: - { - RSA *rsa = NULL; - - CRYPTO_w_lock(CRYPTO_LOCK_EVP_PKEY); - rsa = res->pkey.rsa; - res->pkey.rsa = RSA_new(); - res->pkey.rsa->n = rsa->n; - res->pkey.rsa->e = rsa->e; - rsa->n = NULL; - rsa->e = NULL; - CRYPTO_w_unlock(CRYPTO_LOCK_EVP_PKEY); - RSA_free(rsa); - } - break; -#endif - default: - HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PUBKEY, - HWCRHK_R_CTRL_COMMAND_NOT_IMPLEMENTED); - goto err; - } - - return res; - err: - if (res) - EVP_PKEY_free(res); - return NULL; - } - -/* A little mod_exp */ -static int hwcrhk_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx) - { - char tempbuf[1024]; - HWCryptoHook_ErrMsgBuf rmsg; - /* Since HWCryptoHook_MPI is pretty compatible with BIGNUM's, - we use them directly, plus a little macro magic. We only - thing we need to make sure of is that enough space is allocated. */ - HWCryptoHook_MPI m_a, m_p, m_n, m_r; - int to_return, ret; - - to_return = 0; /* expect failure */ - rmsg.buf = tempbuf; - rmsg.size = sizeof(tempbuf); - - if(!hwcrhk_context) - { - HWCRHKerr(HWCRHK_F_HWCRHK_MOD_EXP,HWCRHK_R_NOT_INITIALISED); - goto err; - } - /* Prepare the params */ - bn_expand2(r, m->top); /* Check for error !! */ - BN2MPI(m_a, a); - BN2MPI(m_p, p); - BN2MPI(m_n, m); - MPI2BN(r, m_r); - - /* Perform the operation */ - ret = p_hwcrhk_ModExp(hwcrhk_context, m_a, m_p, m_n, &m_r, &rmsg); - - /* Convert the response */ - r->top = m_r.size / sizeof(BN_ULONG); - bn_fix_top(r); - - if (ret < 0) - { - /* FIXME: When this error is returned, HWCryptoHook is - telling us that falling back to software computation - might be a good thing. */ - if(ret == HWCRYPTOHOOK_ERROR_FALLBACK) - { - HWCRHKerr(HWCRHK_F_HWCRHK_MOD_EXP,HWCRHK_R_REQUEST_FALLBACK); - } - else - { - HWCRHKerr(HWCRHK_F_HWCRHK_MOD_EXP,HWCRHK_R_REQUEST_FAILED); - } - ERR_add_error_data(1,rmsg.buf); - goto err; - } - - to_return = 1; -err: - return to_return; - } - -#ifndef OPENSSL_NO_RSA -static int hwcrhk_rsa_mod_exp(BIGNUM *r, const BIGNUM *I, RSA *rsa) - { - char tempbuf[1024]; - HWCryptoHook_ErrMsgBuf rmsg; - HWCryptoHook_RSAKeyHandle *hptr; - int to_return = 0, ret; - - rmsg.buf = tempbuf; - rmsg.size = sizeof(tempbuf); - - if(!hwcrhk_context) - { - HWCRHKerr(HWCRHK_F_HWCRHK_MOD_EXP,HWCRHK_R_NOT_INITIALISED); - goto err; - } - - /* This provides support for nForce keys. Since that's opaque data - all we do is provide a handle to the proper key and let HWCryptoHook - take care of the rest. */ - if ((hptr = (HWCryptoHook_RSAKeyHandle *) RSA_get_ex_data(rsa, hndidx_rsa)) - != NULL) - { - HWCryptoHook_MPI m_a, m_r; - - if(!rsa->n) - { - HWCRHKerr(HWCRHK_F_HWCRHK_RSA_MOD_EXP, - HWCRHK_R_MISSING_KEY_COMPONENTS); - goto err; - } - - /* Prepare the params */ - bn_expand2(r, rsa->n->top); /* Check for error !! */ - BN2MPI(m_a, I); - MPI2BN(r, m_r); - - /* Perform the operation */ - ret = p_hwcrhk_RSA(m_a, *hptr, &m_r, &rmsg); - - /* Convert the response */ - r->top = m_r.size / sizeof(BN_ULONG); - bn_fix_top(r); - - if (ret < 0) - { - /* FIXME: When this error is returned, HWCryptoHook is - telling us that falling back to software computation - might be a good thing. */ - if(ret == HWCRYPTOHOOK_ERROR_FALLBACK) - { - HWCRHKerr(HWCRHK_F_HWCRHK_RSA_MOD_EXP, - HWCRHK_R_REQUEST_FALLBACK); - } - else - { - HWCRHKerr(HWCRHK_F_HWCRHK_RSA_MOD_EXP, - HWCRHK_R_REQUEST_FAILED); - } - ERR_add_error_data(1,rmsg.buf); - goto err; - } - } - else - { - HWCryptoHook_MPI m_a, m_p, m_q, m_dmp1, m_dmq1, m_iqmp, m_r; - - if(!rsa->p || !rsa->q || !rsa->dmp1 || !rsa->dmq1 || !rsa->iqmp) - { - HWCRHKerr(HWCRHK_F_HWCRHK_RSA_MOD_EXP, - HWCRHK_R_MISSING_KEY_COMPONENTS); - goto err; - } - - /* Prepare the params */ - bn_expand2(r, rsa->n->top); /* Check for error !! */ - BN2MPI(m_a, I); - BN2MPI(m_p, rsa->p); - BN2MPI(m_q, rsa->q); - BN2MPI(m_dmp1, rsa->dmp1); - BN2MPI(m_dmq1, rsa->dmq1); - BN2MPI(m_iqmp, rsa->iqmp); - MPI2BN(r, m_r); - - /* Perform the operation */ - ret = p_hwcrhk_ModExpCRT(hwcrhk_context, m_a, m_p, m_q, - m_dmp1, m_dmq1, m_iqmp, &m_r, &rmsg); - - /* Convert the response */ - r->top = m_r.size / sizeof(BN_ULONG); - bn_fix_top(r); - - if (ret < 0) - { - /* FIXME: When this error is returned, HWCryptoHook is - telling us that falling back to software computation - might be a good thing. */ - if(ret == HWCRYPTOHOOK_ERROR_FALLBACK) - { - HWCRHKerr(HWCRHK_F_HWCRHK_RSA_MOD_EXP, - HWCRHK_R_REQUEST_FALLBACK); - } - else - { - HWCRHKerr(HWCRHK_F_HWCRHK_RSA_MOD_EXP, - HWCRHK_R_REQUEST_FAILED); - } - ERR_add_error_data(1,rmsg.buf); - goto err; - } - } - /* If we're here, we must be here with some semblance of success :-) */ - to_return = 1; -err: - return to_return; - } -#endif - -/* This function is aliased to mod_exp (with the mont stuff dropped). */ -static int hwcrhk_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) - { - return hwcrhk_mod_exp(r, a, p, m, ctx); - } - -#ifndef OPENSSL_NO_DH -/* This function is aliased to mod_exp (with the dh and mont dropped). */ -static int hwcrhk_mod_exp_dh(const DH *dh, BIGNUM *r, - const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) - { - return hwcrhk_mod_exp(r, a, p, m, ctx); - } -#endif - -/* Random bytes are good */ -static int hwcrhk_rand_bytes(unsigned char *buf, int num) - { - char tempbuf[1024]; - HWCryptoHook_ErrMsgBuf rmsg; - int to_return = 0; /* assume failure */ - int ret; - - rmsg.buf = tempbuf; - rmsg.size = sizeof(tempbuf); - - if(!hwcrhk_context) - { - HWCRHKerr(HWCRHK_F_HWCRHK_RAND_BYTES,HWCRHK_R_NOT_INITIALISED); - goto err; - } - - ret = p_hwcrhk_RandomBytes(hwcrhk_context, buf, num, &rmsg); - if (ret < 0) - { - /* FIXME: When this error is returned, HWCryptoHook is - telling us that falling back to software computation - might be a good thing. */ - if(ret == HWCRYPTOHOOK_ERROR_FALLBACK) - { - HWCRHKerr(HWCRHK_F_HWCRHK_RAND_BYTES, - HWCRHK_R_REQUEST_FALLBACK); - } - else - { - HWCRHKerr(HWCRHK_F_HWCRHK_RAND_BYTES, - HWCRHK_R_REQUEST_FAILED); - } - ERR_add_error_data(1,rmsg.buf); - goto err; - } - to_return = 1; - err: - return to_return; - } - -static int hwcrhk_rand_status(void) - { - return 1; - } - -/* This cleans up an RSA KM key, called when ex_data is freed */ - -static void hwcrhk_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad, - int ind,long argl, void *argp) -{ - char tempbuf[1024]; - HWCryptoHook_ErrMsgBuf rmsg; -#ifndef OPENSSL_NO_RSA - HWCryptoHook_RSAKeyHandle *hptr; -#endif -#if !defined(OPENSSL_NO_RSA) - int ret; -#endif - - rmsg.buf = tempbuf; - rmsg.size = sizeof(tempbuf); - -#ifndef OPENSSL_NO_RSA - hptr = (HWCryptoHook_RSAKeyHandle *) item; - if(hptr) - { - ret = p_hwcrhk_RSAUnloadKey(*hptr, NULL); - OPENSSL_free(hptr); - } -#endif -} - -/* Mutex calls: since the HWCryptoHook model closely follows the POSIX model - * these just wrap the POSIX functions and add some logging. - */ - -static int hwcrhk_mutex_init(HWCryptoHook_Mutex* mt, - HWCryptoHook_CallerContext *cactx) - { - mt->lockid = CRYPTO_get_new_dynlockid(); - if (mt->lockid == 0) - return 1; /* failure */ - return 0; /* success */ - } - -static int hwcrhk_mutex_lock(HWCryptoHook_Mutex *mt) - { - CRYPTO_w_lock(mt->lockid); - return 0; - } - -static void hwcrhk_mutex_unlock(HWCryptoHook_Mutex * mt) - { - CRYPTO_w_unlock(mt->lockid); - } - -static void hwcrhk_mutex_destroy(HWCryptoHook_Mutex *mt) - { - CRYPTO_destroy_dynlockid(mt->lockid); - } - -/* Mutex upcalls to use if the application does not support dynamic locks */ - -static int hwcrhk_static_mutex_init(HWCryptoHook_Mutex *m, - HWCryptoHook_CallerContext *c) - { - return 0; - } -static int hwcrhk_static_mutex_lock(HWCryptoHook_Mutex *m) - { - CRYPTO_w_lock(CRYPTO_LOCK_HWCRHK); - return 0; - } -static void hwcrhk_static_mutex_unlock(HWCryptoHook_Mutex *m) - { - CRYPTO_w_unlock(CRYPTO_LOCK_HWCRHK); - } -static void hwcrhk_static_mutex_destroy(HWCryptoHook_Mutex *m) - { - } - -static int hwcrhk_get_pass(const char *prompt_info, - int *len_io, char *buf, - HWCryptoHook_PassphraseContext *ppctx, - HWCryptoHook_CallerContext *cactx) - { - pem_password_cb *callback = NULL; - void *callback_data = NULL; - UI_METHOD *ui_method = NULL; - - if (cactx) - { - if (cactx->ui_method) - ui_method = cactx->ui_method; - if (cactx->password_callback) - callback = cactx->password_callback; - if (cactx->callback_data) - callback_data = cactx->callback_data; - } - if (ppctx) - { - if (ppctx->ui_method) - { - ui_method = ppctx->ui_method; - callback = NULL; - } - if (ppctx->callback_data) - callback_data = ppctx->callback_data; - } - if (callback == NULL && ui_method == NULL) - { - HWCRHKerr(HWCRHK_F_HWCRHK_GET_PASS,HWCRHK_R_NO_CALLBACK); - return -1; - } - - if (ui_method) - { - UI *ui = UI_new_method(ui_method); - if (ui) - { - int ok; - char *prompt = UI_construct_prompt(ui, - "pass phrase", prompt_info); - - ok = UI_add_input_string(ui,prompt, - UI_INPUT_FLAG_DEFAULT_PWD, - buf,0,(*len_io) - 1); - UI_add_user_data(ui, callback_data); - UI_ctrl(ui, UI_CTRL_PRINT_ERRORS, 1, 0, 0); - - if (ok >= 0) - do - { - ok=UI_process(ui); - } - while (ok < 0 && UI_ctrl(ui, UI_CTRL_IS_REDOABLE, 0, 0, 0)); - - if (ok >= 0) - *len_io = strlen(buf); - - UI_free(ui); - OPENSSL_free(prompt); - } - } - else - { - *len_io = callback(buf, *len_io, 0, callback_data); - } - if(!*len_io) - return -1; - return 0; - } - -static int hwcrhk_insert_card(const char *prompt_info, - const char *wrong_info, - HWCryptoHook_PassphraseContext *ppctx, - HWCryptoHook_CallerContext *cactx) - { - int ok = -1; - UI *ui; - void *callback_data = NULL; - UI_METHOD *ui_method = NULL; - - if (cactx) - { - if (cactx->ui_method) - ui_method = cactx->ui_method; - if (cactx->callback_data) - callback_data = cactx->callback_data; - } - if (ppctx) - { - if (ppctx->ui_method) - ui_method = ppctx->ui_method; - if (ppctx->callback_data) - callback_data = ppctx->callback_data; - } - if (ui_method == NULL) - { - HWCRHKerr(HWCRHK_F_HWCRHK_INSERT_CARD, - HWCRHK_R_NO_CALLBACK); - return -1; - } - - ui = UI_new_method(ui_method); - - if (ui) - { - char answer; - char buf[BUFSIZ]; - - if (wrong_info) - BIO_snprintf(buf, sizeof(buf)-1, - "Current card: \"%s\"\n", wrong_info); - ok = UI_dup_info_string(ui, buf); - if (ok >= 0 && prompt_info) - { - BIO_snprintf(buf, sizeof(buf)-1, - "Insert card \"%s\"", prompt_info); - ok = UI_dup_input_boolean(ui, buf, - "\n then hit or C to cancel\n", - "\r\n", "Cc", UI_INPUT_FLAG_ECHO, &answer); - } - UI_add_user_data(ui, callback_data); - - if (ok >= 0) - ok = UI_process(ui); - UI_free(ui); - - if (ok == -2 || (ok >= 0 && answer == 'C')) - ok = 1; - else if (ok < 0) - ok = -1; - else - ok = 0; - } - return ok; - } - -static void hwcrhk_log_message(void *logstr, const char *message) - { - BIO *lstream = NULL; - - CRYPTO_w_lock(CRYPTO_LOCK_BIO); - if (logstr) - lstream=*(BIO **)logstr; - if (lstream) - { - BIO_printf(lstream, "%s\n", message); - } - CRYPTO_w_unlock(CRYPTO_LOCK_BIO); - } - -/* This stuff is needed if this ENGINE is being compiled into a self-contained - * shared-library. */ -#ifdef ENGINE_DYNAMIC_SUPPORT -static int bind_fn(ENGINE *e, const char *id) - { - if(id && (strcmp(id, engine_hwcrhk_id) != 0)) - return 0; - if(!bind_helper(e)) - return 0; - return 1; - } -IMPLEMENT_DYNAMIC_CHECK_FN() -IMPLEMENT_DYNAMIC_BIND_FN(bind_fn) -#endif /* ENGINE_DYNAMIC_SUPPORT */ - -#endif /* !OPENSSL_NO_HW_NCIPHER */ -#endif /* !OPENSSL_NO_HW */ diff --git a/src/lib/libcrypto/engine/hw_ncipher_err.c b/src/lib/libcrypto/engine/hw_ncipher_err.c deleted file mode 100644 index 5bc94581b7..0000000000 --- a/src/lib/libcrypto/engine/hw_ncipher_err.c +++ /dev/null @@ -1,157 +0,0 @@ -/* hw_ncipher_err.c */ -/* ==================================================================== - * Copyright (c) 1999-2002 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* NOTE: this file was auto generated by the mkerr.pl script: any changes - * made to it will be overwritten when the script next updates this file, - * only reason strings will be preserved. - */ - -#include -#include -#include "hw_ncipher_err.h" - -/* BEGIN ERROR CODES */ -#ifndef OPENSSL_NO_ERR -static ERR_STRING_DATA HWCRHK_str_functs[]= - { -{ERR_PACK(0,HWCRHK_F_HWCRHK_CTRL,0), "HWCRHK_CTRL"}, -{ERR_PACK(0,HWCRHK_F_HWCRHK_FINISH,0), "HWCRHK_FINISH"}, -{ERR_PACK(0,HWCRHK_F_HWCRHK_GET_PASS,0), "HWCRHK_GET_PASS"}, -{ERR_PACK(0,HWCRHK_F_HWCRHK_INIT,0), "HWCRHK_INIT"}, -{ERR_PACK(0,HWCRHK_F_HWCRHK_INSERT_CARD,0), "HWCRHK_INSERT_CARD"}, -{ERR_PACK(0,HWCRHK_F_HWCRHK_LOAD_PRIVKEY,0), "HWCRHK_LOAD_PRIVKEY"}, -{ERR_PACK(0,HWCRHK_F_HWCRHK_LOAD_PUBKEY,0), "HWCRHK_LOAD_PUBKEY"}, -{ERR_PACK(0,HWCRHK_F_HWCRHK_MOD_EXP,0), "HWCRHK_MOD_EXP"}, -{ERR_PACK(0,HWCRHK_F_HWCRHK_RAND_BYTES,0), "HWCRHK_RAND_BYTES"}, -{ERR_PACK(0,HWCRHK_F_HWCRHK_RSA_MOD_EXP,0), "HWCRHK_RSA_MOD_EXP"}, -{0,NULL} - }; - -static ERR_STRING_DATA HWCRHK_str_reasons[]= - { -{HWCRHK_R_ALREADY_LOADED ,"already loaded"}, -{HWCRHK_R_BIO_WAS_FREED ,"bio was freed"}, -{HWCRHK_R_CHIL_ERROR ,"chil error"}, -{HWCRHK_R_CTRL_COMMAND_NOT_IMPLEMENTED ,"ctrl command not implemented"}, -{HWCRHK_R_DSO_FAILURE ,"dso failure"}, -{HWCRHK_R_DYNAMIC_LOCKING_MISSING ,"dynamic locking missing"}, -{HWCRHK_R_MISSING_KEY_COMPONENTS ,"missing key components"}, -{HWCRHK_R_NOT_INITIALISED ,"not initialised"}, -{HWCRHK_R_NOT_LOADED ,"not loaded"}, -{HWCRHK_R_NO_CALLBACK ,"no callback"}, -{HWCRHK_R_NO_KEY ,"no key"}, -{HWCRHK_R_PRIVATE_KEY_ALGORITHMS_DISABLED,"private key algorithms disabled"}, -{HWCRHK_R_REQUEST_FAILED ,"request failed"}, -{HWCRHK_R_REQUEST_FALLBACK ,"request fallback"}, -{HWCRHK_R_UNIT_FAILURE ,"unit failure"}, -{0,NULL} - }; - -#endif - -#ifdef HWCRHK_LIB_NAME -static ERR_STRING_DATA HWCRHK_lib_name[]= - { -{0 ,HWCRHK_LIB_NAME}, -{0,NULL} - }; -#endif - - -static int HWCRHK_lib_error_code=0; -static int HWCRHK_error_init=1; - -static void ERR_load_HWCRHK_strings(void) - { - if (HWCRHK_lib_error_code == 0) - HWCRHK_lib_error_code=ERR_get_next_error_library(); - - if (HWCRHK_error_init) - { - HWCRHK_error_init=0; -#ifndef OPENSSL_NO_ERR - ERR_load_strings(HWCRHK_lib_error_code,HWCRHK_str_functs); - ERR_load_strings(HWCRHK_lib_error_code,HWCRHK_str_reasons); -#endif - -#ifdef HWCRHK_LIB_NAME - HWCRHK_lib_name->error = ERR_PACK(HWCRHK_lib_error_code,0,0); - ERR_load_strings(0,HWCRHK_lib_name); -#endif - } - } - -static void ERR_unload_HWCRHK_strings(void) - { - if (HWCRHK_error_init == 0) - { -#ifndef OPENSSL_NO_ERR - ERR_unload_strings(HWCRHK_lib_error_code,HWCRHK_str_functs); - ERR_unload_strings(HWCRHK_lib_error_code,HWCRHK_str_reasons); -#endif - -#ifdef HWCRHK_LIB_NAME - ERR_unload_strings(0,HWCRHK_lib_name); -#endif - HWCRHK_error_init=1; - } - } - -static void ERR_HWCRHK_error(int function, int reason, char *file, int line) - { - if (HWCRHK_lib_error_code == 0) - HWCRHK_lib_error_code=ERR_get_next_error_library(); - ERR_PUT_error(HWCRHK_lib_error_code,function,reason,file,line); - } diff --git a/src/lib/libcrypto/engine/hw_ncipher_err.h b/src/lib/libcrypto/engine/hw_ncipher_err.h deleted file mode 100644 index d232d02319..0000000000 --- a/src/lib/libcrypto/engine/hw_ncipher_err.h +++ /dev/null @@ -1,101 +0,0 @@ -/* ==================================================================== - * Copyright (c) 2001 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#ifndef HEADER_HWCRHK_ERR_H -#define HEADER_HWCRHK_ERR_H - -/* BEGIN ERROR CODES */ -/* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ -static void ERR_load_HWCRHK_strings(void); -static void ERR_unload_HWCRHK_strings(void); -static void ERR_HWCRHK_error(int function, int reason, char *file, int line); -#define HWCRHKerr(f,r) ERR_HWCRHK_error((f),(r),__FILE__,__LINE__) - -/* Error codes for the HWCRHK functions. */ - -/* Function codes. */ -#define HWCRHK_F_HWCRHK_CTRL 100 -#define HWCRHK_F_HWCRHK_FINISH 101 -#define HWCRHK_F_HWCRHK_GET_PASS 102 -#define HWCRHK_F_HWCRHK_INIT 103 -#define HWCRHK_F_HWCRHK_INSERT_CARD 104 -#define HWCRHK_F_HWCRHK_LOAD_PRIVKEY 105 -#define HWCRHK_F_HWCRHK_LOAD_PUBKEY 106 -#define HWCRHK_F_HWCRHK_MOD_EXP 107 -#define HWCRHK_F_HWCRHK_RAND_BYTES 108 -#define HWCRHK_F_HWCRHK_RSA_MOD_EXP 109 - -/* Reason codes. */ -#define HWCRHK_R_ALREADY_LOADED 100 -#define HWCRHK_R_BIO_WAS_FREED 101 -#define HWCRHK_R_CHIL_ERROR 102 -#define HWCRHK_R_CTRL_COMMAND_NOT_IMPLEMENTED 103 -#define HWCRHK_R_DSO_FAILURE 104 -#define HWCRHK_R_DYNAMIC_LOCKING_MISSING 114 -#define HWCRHK_R_MISSING_KEY_COMPONENTS 105 -#define HWCRHK_R_NOT_INITIALISED 106 -#define HWCRHK_R_NOT_LOADED 107 -#define HWCRHK_R_NO_CALLBACK 108 -#define HWCRHK_R_NO_KEY 109 -#define HWCRHK_R_PRIVATE_KEY_ALGORITHMS_DISABLED 110 -#define HWCRHK_R_REQUEST_FAILED 111 -#define HWCRHK_R_REQUEST_FALLBACK 112 -#define HWCRHK_R_UNIT_FAILURE 113 - -#ifdef __cplusplus -} -#endif -#endif diff --git a/src/lib/libcrypto/engine/hw_nuron.c b/src/lib/libcrypto/engine/hw_nuron.c deleted file mode 100644 index fb9188bfe5..0000000000 --- a/src/lib/libcrypto/engine/hw_nuron.c +++ /dev/null @@ -1,418 +0,0 @@ -/* crypto/engine/hw_nuron.c */ -/* Written by Ben Laurie for the OpenSSL Project, leaning heavily on Geoff - * Thorpe's Atalla implementation. - */ -/* ==================================================================== - * Copyright (c) 2000-2001 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include -#include "cryptlib.h" -#include -#include - - -#ifndef OPENSSL_NO_HW -#ifndef OPENSSL_NO_HW_NURON - -#define NURON_LIB_NAME "nuron engine" -#include "hw_nuron_err.c" - -static const char *NURON_LIBNAME = NULL; -static const char *get_NURON_LIBNAME(void) - { - if(NURON_LIBNAME) - return NURON_LIBNAME; - return "nuronssl"; - } -static void free_NURON_LIBNAME(void) - { - if(NURON_LIBNAME) - OPENSSL_free((void*)NURON_LIBNAME); - NURON_LIBNAME = NULL; - } -static long set_NURON_LIBNAME(const char *name) - { - free_NURON_LIBNAME(); - return (((NURON_LIBNAME = BUF_strdup(name)) != NULL) ? 1 : 0); - } -static const char *NURON_F1 = "nuron_mod_exp"; - -/* The definitions for control commands specific to this engine */ -#define NURON_CMD_SO_PATH ENGINE_CMD_BASE -static const ENGINE_CMD_DEFN nuron_cmd_defns[] = { - {NURON_CMD_SO_PATH, - "SO_PATH", - "Specifies the path to the 'nuronssl' shared library", - ENGINE_CMD_FLAG_STRING}, - {0, NULL, NULL, 0} - }; - -typedef int tfnModExp(BIGNUM *r,const BIGNUM *a,const BIGNUM *p,const BIGNUM *m); -static tfnModExp *pfnModExp = NULL; - -static DSO *pvDSOHandle = NULL; - -static int nuron_destroy(ENGINE *e) - { - free_NURON_LIBNAME(); - ERR_unload_NURON_strings(); - return 1; - } - -static int nuron_init(ENGINE *e) - { - if(pvDSOHandle != NULL) - { - NURONerr(NURON_F_NURON_INIT,NURON_R_ALREADY_LOADED); - return 0; - } - - pvDSOHandle = DSO_load(NULL, get_NURON_LIBNAME(), NULL, - DSO_FLAG_NAME_TRANSLATION_EXT_ONLY); - if(!pvDSOHandle) - { - NURONerr(NURON_F_NURON_INIT,NURON_R_DSO_NOT_FOUND); - return 0; - } - - pfnModExp = (tfnModExp *)DSO_bind_func(pvDSOHandle, NURON_F1); - if(!pfnModExp) - { - NURONerr(NURON_F_NURON_INIT,NURON_R_DSO_FUNCTION_NOT_FOUND); - return 0; - } - - return 1; - } - -static int nuron_finish(ENGINE *e) - { - free_NURON_LIBNAME(); - if(pvDSOHandle == NULL) - { - NURONerr(NURON_F_NURON_FINISH,NURON_R_NOT_LOADED); - return 0; - } - if(!DSO_free(pvDSOHandle)) - { - NURONerr(NURON_F_NURON_FINISH,NURON_R_DSO_FAILURE); - return 0; - } - pvDSOHandle=NULL; - pfnModExp=NULL; - return 1; - } - -static int nuron_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)()) - { - int initialised = ((pvDSOHandle == NULL) ? 0 : 1); - switch(cmd) - { - case NURON_CMD_SO_PATH: - if(p == NULL) - { - NURONerr(NURON_F_NURON_CTRL,ERR_R_PASSED_NULL_PARAMETER); - return 0; - } - if(initialised) - { - NURONerr(NURON_F_NURON_CTRL,NURON_R_ALREADY_LOADED); - return 0; - } - return set_NURON_LIBNAME((const char *)p); - default: - break; - } - NURONerr(NURON_F_NURON_CTRL,NURON_R_CTRL_COMMAND_NOT_IMPLEMENTED); - return 0; -} - -static int nuron_mod_exp(BIGNUM *r,const BIGNUM *a,const BIGNUM *p, - const BIGNUM *m,BN_CTX *ctx) - { - if(!pvDSOHandle) - { - NURONerr(NURON_F_NURON_MOD_EXP,NURON_R_NOT_LOADED); - return 0; - } - return pfnModExp(r,a,p,m); - } - -#ifndef OPENSSL_NO_RSA -static int nuron_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa) - { - return nuron_mod_exp(r0,I,rsa->d,rsa->n,NULL); - } -#endif - -#ifndef OPENSSL_NO_DSA -/* This code was liberated and adapted from the commented-out code in - * dsa_ossl.c. Because of the unoptimised form of the Atalla acceleration - * (it doesn't have a CRT form for RSA), this function means that an - * Atalla system running with a DSA server certificate can handshake - * around 5 or 6 times faster/more than an equivalent system running with - * RSA. Just check out the "signs" statistics from the RSA and DSA parts - * of "openssl speed -engine atalla dsa1024 rsa1024". */ -static int nuron_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1, - BIGNUM *p1, BIGNUM *a2, BIGNUM *p2, BIGNUM *m, - BN_CTX *ctx, BN_MONT_CTX *in_mont) - { - BIGNUM t; - int to_return = 0; - - BN_init(&t); - /* let rr = a1 ^ p1 mod m */ - if (!nuron_mod_exp(rr,a1,p1,m,ctx)) - goto end; - /* let t = a2 ^ p2 mod m */ - if (!nuron_mod_exp(&t,a2,p2,m,ctx)) - goto end; - /* let rr = rr * t mod m */ - if (!BN_mod_mul(rr,rr,&t,m,ctx)) - goto end; - to_return = 1; -end: - BN_free(&t); - return to_return; - } - - -static int nuron_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a, - const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, - BN_MONT_CTX *m_ctx) - { - return nuron_mod_exp(r, a, p, m, ctx); - } -#endif - -/* This function is aliased to mod_exp (with the mont stuff dropped). */ -static int nuron_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) - { - return nuron_mod_exp(r, a, p, m, ctx); - } - -#ifndef OPENSSL_NO_DH -/* This function is aliased to mod_exp (with the dh and mont dropped). */ -static int nuron_mod_exp_dh(const DH *dh, BIGNUM *r, - const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) - { - return nuron_mod_exp(r, a, p, m, ctx); - } -#endif - -#ifndef OPENSSL_NO_RSA -static RSA_METHOD nuron_rsa = - { - "Nuron RSA method", - NULL, - NULL, - NULL, - NULL, - nuron_rsa_mod_exp, - nuron_mod_exp_mont, - NULL, - NULL, - 0, - NULL, - NULL, - NULL - }; -#endif - -#ifndef OPENSSL_NO_DSA -static DSA_METHOD nuron_dsa = - { - "Nuron DSA method", - NULL, /* dsa_do_sign */ - NULL, /* dsa_sign_setup */ - NULL, /* dsa_do_verify */ - nuron_dsa_mod_exp, /* dsa_mod_exp */ - nuron_mod_exp_dsa, /* bn_mod_exp */ - NULL, /* init */ - NULL, /* finish */ - 0, /* flags */ - NULL /* app_data */ - }; -#endif - -#ifndef OPENSSL_NO_DH -static DH_METHOD nuron_dh = - { - "Nuron DH method", - NULL, - NULL, - nuron_mod_exp_dh, - NULL, - NULL, - 0, - NULL - }; -#endif - -/* Constants used when creating the ENGINE */ -static const char *engine_nuron_id = "nuron"; -static const char *engine_nuron_name = "Nuron hardware engine support"; - -/* This internal function is used by ENGINE_nuron() and possibly by the - * "dynamic" ENGINE support too */ -static int bind_helper(ENGINE *e) - { -#ifndef OPENSSL_NO_RSA - const RSA_METHOD *meth1; -#endif -#ifndef OPENSSL_NO_DSA - const DSA_METHOD *meth2; -#endif -#ifndef OPENSSL_NO_DH - const DH_METHOD *meth3; -#endif - if(!ENGINE_set_id(e, engine_nuron_id) || - !ENGINE_set_name(e, engine_nuron_name) || -#ifndef OPENSSL_NO_RSA - !ENGINE_set_RSA(e, &nuron_rsa) || -#endif -#ifndef OPENSSL_NO_DSA - !ENGINE_set_DSA(e, &nuron_dsa) || -#endif -#ifndef OPENSSL_NO_DH - !ENGINE_set_DH(e, &nuron_dh) || -#endif - !ENGINE_set_destroy_function(e, nuron_destroy) || - !ENGINE_set_init_function(e, nuron_init) || - !ENGINE_set_finish_function(e, nuron_finish) || - !ENGINE_set_ctrl_function(e, nuron_ctrl) || - !ENGINE_set_cmd_defns(e, nuron_cmd_defns)) - return 0; - -#ifndef OPENSSL_NO_RSA - /* We know that the "PKCS1_SSLeay()" functions hook properly - * to the nuron-specific mod_exp and mod_exp_crt so we use - * those functions. NB: We don't use ENGINE_openssl() or - * anything "more generic" because something like the RSAref - * code may not hook properly, and if you own one of these - * cards then you have the right to do RSA operations on it - * anyway! */ - meth1=RSA_PKCS1_SSLeay(); - nuron_rsa.rsa_pub_enc=meth1->rsa_pub_enc; - nuron_rsa.rsa_pub_dec=meth1->rsa_pub_dec; - nuron_rsa.rsa_priv_enc=meth1->rsa_priv_enc; - nuron_rsa.rsa_priv_dec=meth1->rsa_priv_dec; -#endif - -#ifndef OPENSSL_NO_DSA - /* Use the DSA_OpenSSL() method and just hook the mod_exp-ish - * bits. */ - meth2=DSA_OpenSSL(); - nuron_dsa.dsa_do_sign=meth2->dsa_do_sign; - nuron_dsa.dsa_sign_setup=meth2->dsa_sign_setup; - nuron_dsa.dsa_do_verify=meth2->dsa_do_verify; -#endif - -#ifndef OPENSSL_NO_DH - /* Much the same for Diffie-Hellman */ - meth3=DH_OpenSSL(); - nuron_dh.generate_key=meth3->generate_key; - nuron_dh.compute_key=meth3->compute_key; -#endif - - /* Ensure the nuron error handling is set up */ - ERR_load_NURON_strings(); - return 1; - } - -#ifndef ENGINE_DYNAMIC_SUPPORT -static ENGINE *engine_nuron(void) - { - ENGINE *ret = ENGINE_new(); - if(!ret) - return NULL; - if(!bind_helper(ret)) - { - ENGINE_free(ret); - return NULL; - } - return ret; - } - -void ENGINE_load_nuron(void) - { - /* Copied from eng_[openssl|dyn].c */ - ENGINE *toadd = engine_nuron(); - if(!toadd) return; - ENGINE_add(toadd); - ENGINE_free(toadd); - ERR_clear_error(); - } -#endif - -/* This stuff is needed if this ENGINE is being compiled into a self-contained - * shared-library. */ -#ifdef ENGINE_DYNAMIC_SUPPORT -static int bind_fn(ENGINE *e, const char *id) - { - if(id && (strcmp(id, engine_nuron_id) != 0)) - return 0; - if(!bind_helper(e)) - return 0; - return 1; - } -IMPLEMENT_DYNAMIC_CHECK_FN() -IMPLEMENT_DYNAMIC_BIND_FN(bind_fn) -#endif /* ENGINE_DYNAMIC_SUPPORT */ - -#endif /* !OPENSSL_NO_HW_NURON */ -#endif /* !OPENSSL_NO_HW */ diff --git a/src/lib/libcrypto/engine/hw_nuron_err.c b/src/lib/libcrypto/engine/hw_nuron_err.c deleted file mode 100644 index df9d7bde76..0000000000 --- a/src/lib/libcrypto/engine/hw_nuron_err.c +++ /dev/null @@ -1,142 +0,0 @@ -/* hw_nuron_err.c */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* NOTE: this file was auto generated by the mkerr.pl script: any changes - * made to it will be overwritten when the script next updates this file, - * only reason strings will be preserved. - */ - -#include -#include -#include "hw_nuron_err.h" - -/* BEGIN ERROR CODES */ -#ifndef OPENSSL_NO_ERR -static ERR_STRING_DATA NURON_str_functs[]= - { -{ERR_PACK(0,NURON_F_NURON_CTRL,0), "NURON_CTRL"}, -{ERR_PACK(0,NURON_F_NURON_FINISH,0), "NURON_FINISH"}, -{ERR_PACK(0,NURON_F_NURON_INIT,0), "NURON_INIT"}, -{ERR_PACK(0,NURON_F_NURON_MOD_EXP,0), "NURON_MOD_EXP"}, -{0,NULL} - }; - -static ERR_STRING_DATA NURON_str_reasons[]= - { -{NURON_R_ALREADY_LOADED ,"already loaded"}, -{NURON_R_CTRL_COMMAND_NOT_IMPLEMENTED ,"ctrl command not implemented"}, -{NURON_R_DSO_FAILURE ,"dso failure"}, -{NURON_R_DSO_FUNCTION_NOT_FOUND ,"dso function not found"}, -{NURON_R_DSO_NOT_FOUND ,"dso not found"}, -{NURON_R_NOT_LOADED ,"not loaded"}, -{0,NULL} - }; - -#endif - -#ifdef NURON_LIB_NAME -static ERR_STRING_DATA NURON_lib_name[]= - { -{0 ,NURON_LIB_NAME}, -{0,NULL} - }; -#endif - - -static int NURON_lib_error_code=0; -static int NURON_error_init=1; - -static void ERR_load_NURON_strings(void) - { - if (NURON_lib_error_code == 0) - NURON_lib_error_code=ERR_get_next_error_library(); - - if (NURON_error_init) - { - NURON_error_init=0; -#ifndef OPENSSL_NO_ERR - ERR_load_strings(NURON_lib_error_code,NURON_str_functs); - ERR_load_strings(NURON_lib_error_code,NURON_str_reasons); -#endif - -#ifdef NURON_LIB_NAME - NURON_lib_name->error = ERR_PACK(NURON_lib_error_code,0,0); - ERR_load_strings(0,NURON_lib_name); -#endif - } - } - -static void ERR_unload_NURON_strings(void) - { - if (NURON_error_init == 0) - { -#ifndef OPENSSL_NO_ERR - ERR_unload_strings(NURON_lib_error_code,NURON_str_functs); - ERR_unload_strings(NURON_lib_error_code,NURON_str_reasons); -#endif - -#ifdef NURON_LIB_NAME - ERR_unload_strings(0,NURON_lib_name); -#endif - NURON_error_init=1; - } - } - -static void ERR_NURON_error(int function, int reason, char *file, int line) - { - if (NURON_lib_error_code == 0) - NURON_lib_error_code=ERR_get_next_error_library(); - ERR_PUT_error(NURON_lib_error_code,function,reason,file,line); - } diff --git a/src/lib/libcrypto/engine/hw_nuron_err.h b/src/lib/libcrypto/engine/hw_nuron_err.h deleted file mode 100644 index a56bfdf303..0000000000 --- a/src/lib/libcrypto/engine/hw_nuron_err.h +++ /dev/null @@ -1,86 +0,0 @@ -/* ==================================================================== - * Copyright (c) 2001 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#ifndef HEADER_NURON_ERR_H -#define HEADER_NURON_ERR_H - -/* BEGIN ERROR CODES */ -/* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ -static void ERR_load_NURON_strings(void); -static void ERR_unload_NURON_strings(void); -static void ERR_NURON_error(int function, int reason, char *file, int line); -#define NURONerr(f,r) ERR_NURON_error((f),(r),__FILE__,__LINE__) - -/* Error codes for the NURON functions. */ - -/* Function codes. */ -#define NURON_F_NURON_CTRL 100 -#define NURON_F_NURON_FINISH 101 -#define NURON_F_NURON_INIT 102 -#define NURON_F_NURON_MOD_EXP 103 - -/* Reason codes. */ -#define NURON_R_ALREADY_LOADED 100 -#define NURON_R_CTRL_COMMAND_NOT_IMPLEMENTED 101 -#define NURON_R_DSO_FAILURE 102 -#define NURON_R_DSO_FUNCTION_NOT_FOUND 103 -#define NURON_R_DSO_NOT_FOUND 104 -#define NURON_R_NOT_LOADED 105 - -#ifdef __cplusplus -} -#endif -#endif diff --git a/src/lib/libcrypto/engine/hw_sureware.c b/src/lib/libcrypto/engine/hw_sureware.c deleted file mode 100644 index fca467e690..0000000000 --- a/src/lib/libcrypto/engine/hw_sureware.c +++ /dev/null @@ -1,1039 +0,0 @@ -/* Written by Corinne Dive-Reclus(cdive@baltimore.com) -* -* -* Redistribution and use in source and binary forms, with or without -* modification, are permitted provided that the following conditions -* are met: -* -* 1. Redistributions of source code must retain the above copyright -* notice, this list of conditions and the following disclaimer. -* -* 2. Redistributions in binary form must reproduce the above copyright -* notice, this list of conditions and the following disclaimer in -* the documentation and/or other materials provided with the -* distribution. -* -* 3. All advertising materials mentioning features or use of this -* software must display the following acknowledgment: -* "This product includes software developed by the OpenSSL Project -* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" -* -* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -* endorse or promote products derived from this software without -* prior written permission. For written permission, please contact -* licensing@OpenSSL.org. -* -* 5. Products derived from this software may not be called "OpenSSL" -* nor may "OpenSSL" appear in their names without prior written -* permission of the OpenSSL Project. -* -* 6. Redistributions of any form whatsoever must retain the following -* acknowledgment: -* "This product includes software developed by the OpenSSL Project -* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" -* -* Written by Corinne Dive-Reclus(cdive@baltimore.com) -* -* Copyright@2001 Baltimore Technologies Ltd. -* All right Reserved. -* * -* THIS FILE IS PROVIDED BY BALTIMORE TECHNOLOGIES ``AS IS'' AND * -* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * -* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * -* ARE DISCLAIMED. IN NO EVENT SHALL BALTIMORE TECHNOLOGIES BE LIABLE * -* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * -* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * -* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * -* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * -* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * -* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * -* SUCH DAMAGE. * -====================================================================*/ - -#include -#include "cryptlib.h" -#include -#include -#include -#include "eng_int.h" -#include "engine.h" -#include - -#ifndef OPENSSL_NO_HW -#ifndef OPENSSL_NO_HW_SUREWARE - -#ifdef FLAT_INC -#include "sureware.h" -#else -#include "vendor_defns/sureware.h" -#endif - -#define SUREWARE_LIB_NAME "sureware engine" -#include "hw_sureware_err.c" - -static int surewarehk_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)()); -static int surewarehk_destroy(ENGINE *e); -static int surewarehk_init(ENGINE *e); -static int surewarehk_finish(ENGINE *e); -static int surewarehk_modexp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx); - -/* RSA stuff */ -static int surewarehk_rsa_priv_dec(int flen,const unsigned char *from,unsigned char *to, - RSA *rsa,int padding); -static int surewarehk_rsa_sign(int flen,const unsigned char *from,unsigned char *to, - RSA *rsa,int padding); - -/* RAND stuff */ -static int surewarehk_rand_bytes(unsigned char *buf, int num); -static void surewarehk_rand_seed(const void *buf, int num); -static void surewarehk_rand_add(const void *buf, int num, double entropy); - -/* KM stuff */ -static EVP_PKEY *surewarehk_load_privkey(ENGINE *e, const char *key_id, - UI_METHOD *ui_method, void *callback_data); -static EVP_PKEY *surewarehk_load_pubkey(ENGINE *e, const char *key_id, - UI_METHOD *ui_method, void *callback_data); -static void surewarehk_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad, - int idx,long argl, void *argp); -#if 0 -static void surewarehk_dh_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad, - int idx,long argl, void *argp); -#endif - -#ifndef OPENSSL_NO_RSA -/* This function is aliased to mod_exp (with the mont stuff dropped). */ -static int surewarehk_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) -{ - return surewarehk_modexp(r, a, p, m, ctx); -} - -/* Our internal RSA_METHOD that we provide pointers to */ -static RSA_METHOD surewarehk_rsa = - { - "SureWare RSA method", - NULL, /* pub_enc*/ - NULL, /* pub_dec*/ - surewarehk_rsa_sign, /* our rsa_sign is OpenSSL priv_enc*/ - surewarehk_rsa_priv_dec, /* priv_dec*/ - NULL, /*mod_exp*/ - surewarehk_mod_exp_mont, /*mod_exp_mongomery*/ - NULL, /* init*/ - NULL, /* finish*/ - 0, /* RSA flag*/ - NULL, - NULL, /* OpenSSL sign*/ - NULL /* OpenSSL verify*/ - }; -#endif - -#ifndef OPENSSL_NO_DH -/* Our internal DH_METHOD that we provide pointers to */ -/* This function is aliased to mod_exp (with the dh and mont dropped). */ -static int surewarehk_modexp_dh(const DH *dh, BIGNUM *r, const BIGNUM *a, - const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) -{ - return surewarehk_modexp(r, a, p, m, ctx); -} - -static DH_METHOD surewarehk_dh = - { - "SureWare DH method", - NULL,/*gen_key*/ - NULL,/*agree,*/ - surewarehk_modexp_dh, /*dh mod exp*/ - NULL, /* init*/ - NULL, /* finish*/ - 0, /* flags*/ - NULL - }; -#endif - -static RAND_METHOD surewarehk_rand = - { - /* "SureWare RAND method", */ - surewarehk_rand_seed, - surewarehk_rand_bytes, - NULL,/*cleanup*/ - surewarehk_rand_add, - surewarehk_rand_bytes, - NULL,/*rand_status*/ - }; - -#ifndef OPENSSL_NO_DSA -/* DSA stuff */ -static DSA_SIG * surewarehk_dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa); -static int surewarehk_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1, - BIGNUM *p1, BIGNUM *a2, BIGNUM *p2, BIGNUM *m, - BN_CTX *ctx, BN_MONT_CTX *in_mont) -{ - BIGNUM t; - int to_return = 0; - BN_init(&t); - /* let rr = a1 ^ p1 mod m */ - if (!surewarehk_modexp(rr,a1,p1,m,ctx)) goto end; - /* let t = a2 ^ p2 mod m */ - if (!surewarehk_modexp(&t,a2,p2,m,ctx)) goto end; - /* let rr = rr * t mod m */ - if (!BN_mod_mul(rr,rr,&t,m,ctx)) goto end; - to_return = 1; -end: - BN_free(&t); - return to_return; -} - -static DSA_METHOD surewarehk_dsa = - { - "SureWare DSA method", - surewarehk_dsa_do_sign, - NULL,/*sign setup*/ - NULL,/*verify,*/ - surewarehk_dsa_mod_exp,/*mod exp*/ - NULL,/*bn mod exp*/ - NULL, /*init*/ - NULL,/*finish*/ - 0, - NULL, - }; -#endif - -static const char *engine_sureware_id = "sureware"; -static const char *engine_sureware_name = "SureWare hardware engine support"; - -/* Now, to our own code */ - -/* As this is only ever called once, there's no need for locking - * (indeed - the lock will already be held by our caller!!!) */ -static int bind_sureware(ENGINE *e) -{ -#ifndef OPENSSL_NO_RSA - const RSA_METHOD *meth1; -#endif -#ifndef OPENSSL_NO_DSA - const DSA_METHOD *meth2; -#endif -#ifndef OPENSSL_NO_DH - const DH_METHOD *meth3; -#endif - - if(!ENGINE_set_id(e, engine_sureware_id) || - !ENGINE_set_name(e, engine_sureware_name) || -#ifndef OPENSSL_NO_RSA - !ENGINE_set_RSA(e, &surewarehk_rsa) || -#endif -#ifndef OPENSSL_NO_DSA - !ENGINE_set_DSA(e, &surewarehk_dsa) || -#endif -#ifndef OPENSSL_NO_DH - !ENGINE_set_DH(e, &surewarehk_dh) || -#endif - !ENGINE_set_RAND(e, &surewarehk_rand) || - !ENGINE_set_destroy_function(e, surewarehk_destroy) || - !ENGINE_set_init_function(e, surewarehk_init) || - !ENGINE_set_finish_function(e, surewarehk_finish) || - !ENGINE_set_ctrl_function(e, surewarehk_ctrl) || - !ENGINE_set_load_privkey_function(e, surewarehk_load_privkey) || - !ENGINE_set_load_pubkey_function(e, surewarehk_load_pubkey)) - return 0; - -#ifndef OPENSSL_NO_RSA - /* We know that the "PKCS1_SSLeay()" functions hook properly - * to the cswift-specific mod_exp and mod_exp_crt so we use - * those functions. NB: We don't use ENGINE_openssl() or - * anything "more generic" because something like the RSAref - * code may not hook properly, and if you own one of these - * cards then you have the right to do RSA operations on it - * anyway! */ - meth1 = RSA_PKCS1_SSLeay(); - if (meth1) - { - surewarehk_rsa.rsa_pub_enc = meth1->rsa_pub_enc; - surewarehk_rsa.rsa_pub_dec = meth1->rsa_pub_dec; - } -#endif - -#ifndef OPENSSL_NO_DSA - /* Use the DSA_OpenSSL() method and just hook the mod_exp-ish - * bits. */ - meth2 = DSA_OpenSSL(); - if (meth2) - { - surewarehk_dsa.dsa_do_verify = meth2->dsa_do_verify; - } -#endif - -#ifndef OPENSSL_NO_DH - /* Much the same for Diffie-Hellman */ - meth3 = DH_OpenSSL(); - if (meth3) - { - surewarehk_dh.generate_key = meth3->generate_key; - surewarehk_dh.compute_key = meth3->compute_key; - } -#endif - - /* Ensure the sureware error handling is set up */ - ERR_load_SUREWARE_strings(); - return 1; -} - -#ifdef ENGINE_DYNAMIC_SUPPORT -static int bind_helper(ENGINE *e, const char *id) - { - if(id && (strcmp(id, engine_sureware_id) != 0)) - return 0; - if(!bind_sureware(e)) - return 0; - return 1; - } -IMPLEMENT_DYNAMIC_CHECK_FN() -IMPLEMENT_DYNAMIC_BIND_FN(bind_helper) -#else -static ENGINE *engine_sureware(void) - { - ENGINE *ret = ENGINE_new(); - if(!ret) - return NULL; - if(!bind_sureware(ret)) - { - ENGINE_free(ret); - return NULL; - } - return ret; - } - -void ENGINE_load_sureware(void) - { - /* Copied from eng_[openssl|dyn].c */ - ENGINE *toadd = engine_sureware(); - if(!toadd) return; - ENGINE_add(toadd); - ENGINE_free(toadd); - ERR_clear_error(); - } -#endif - -/* This is a process-global DSO handle used for loading and unloading - * the SureWareHook library. NB: This is only set (or unset) during an - * init() or finish() call (reference counts permitting) and they're - * operating with global locks, so this should be thread-safe - * implicitly. */ -static DSO *surewarehk_dso = NULL; -#ifndef OPENSSL_NO_RSA -static int rsaHndidx = -1; /* Index for KM handle. Not really used yet. */ -#endif -#ifndef OPENSSL_NO_DSA -static int dsaHndidx = -1; /* Index for KM handle. Not really used yet. */ -#endif - -/* These are the function pointers that are (un)set when the library has - * successfully (un)loaded. */ -static SureWareHook_Init_t *p_surewarehk_Init = NULL; -static SureWareHook_Finish_t *p_surewarehk_Finish = NULL; -static SureWareHook_Rand_Bytes_t *p_surewarehk_Rand_Bytes = NULL; -static SureWareHook_Rand_Seed_t *p_surewarehk_Rand_Seed = NULL; -static SureWareHook_Load_Privkey_t *p_surewarehk_Load_Privkey = NULL; -static SureWareHook_Info_Pubkey_t *p_surewarehk_Info_Pubkey = NULL; -static SureWareHook_Load_Rsa_Pubkey_t *p_surewarehk_Load_Rsa_Pubkey = NULL; -static SureWareHook_Load_Dsa_Pubkey_t *p_surewarehk_Load_Dsa_Pubkey = NULL; -static SureWareHook_Free_t *p_surewarehk_Free=NULL; -static SureWareHook_Rsa_Priv_Dec_t *p_surewarehk_Rsa_Priv_Dec=NULL; -static SureWareHook_Rsa_Sign_t *p_surewarehk_Rsa_Sign=NULL; -static SureWareHook_Dsa_Sign_t *p_surewarehk_Dsa_Sign=NULL; -static SureWareHook_Mod_Exp_t *p_surewarehk_Mod_Exp=NULL; - -/* Used in the DSO operations. */ -static const char *surewarehk_LIBNAME = "SureWareHook"; -static const char *n_surewarehk_Init = "SureWareHook_Init"; -static const char *n_surewarehk_Finish = "SureWareHook_Finish"; -static const char *n_surewarehk_Rand_Bytes="SureWareHook_Rand_Bytes"; -static const char *n_surewarehk_Rand_Seed="SureWareHook_Rand_Seed"; -static const char *n_surewarehk_Load_Privkey="SureWareHook_Load_Privkey"; -static const char *n_surewarehk_Info_Pubkey="SureWareHook_Info_Pubkey"; -static const char *n_surewarehk_Load_Rsa_Pubkey="SureWareHook_Load_Rsa_Pubkey"; -static const char *n_surewarehk_Load_Dsa_Pubkey="SureWareHook_Load_Dsa_Pubkey"; -static const char *n_surewarehk_Free="SureWareHook_Free"; -static const char *n_surewarehk_Rsa_Priv_Dec="SureWareHook_Rsa_Priv_Dec"; -static const char *n_surewarehk_Rsa_Sign="SureWareHook_Rsa_Sign"; -static const char *n_surewarehk_Dsa_Sign="SureWareHook_Dsa_Sign"; -static const char *n_surewarehk_Mod_Exp="SureWareHook_Mod_Exp"; -static BIO *logstream = NULL; - -/* SureWareHook library functions and mechanics - these are used by the - * higher-level functions further down. NB: As and where there's no - * error checking, take a look lower down where these functions are - * called, the checking and error handling is probably down there. -*/ -static int threadsafe=1; -static int surewarehk_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)()) -{ - int to_return = 1; - - switch(cmd) - { - case ENGINE_CTRL_SET_LOGSTREAM: - { - BIO *bio = (BIO *)p; - CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); - if (logstream) - { - BIO_free(logstream); - logstream = NULL; - } - if (CRYPTO_add(&bio->references,1,CRYPTO_LOCK_BIO) > 1) - logstream = bio; - else - SUREWAREerr(SUREWARE_F_SUREWAREHK_CTRL,SUREWARE_R_BIO_WAS_FREED); - } - CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); - break; - /* This will prevent the initialisation function from "installing" - * the mutex-handling callbacks, even if they are available from - * within the library (or were provided to the library from the - * calling application). This is to remove any baggage for - * applications not using multithreading. */ - case ENGINE_CTRL_CHIL_NO_LOCKING: - CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); - threadsafe = 0; - CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); - break; - - /* The command isn't understood by this engine */ - default: - SUREWAREerr(SUREWARE_F_SUREWAREHK_CTRL, - ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED); - to_return = 0; - break; - } - - return to_return; -} - -/* Destructor (complements the "ENGINE_surewarehk()" constructor) */ -static int surewarehk_destroy(ENGINE *e) -{ - ERR_unload_SUREWARE_strings(); - return 1; -} - -/* (de)initialisation functions. */ -static int surewarehk_init(ENGINE *e) -{ - char msg[64]="ENGINE_init"; - SureWareHook_Init_t *p1=NULL; - SureWareHook_Finish_t *p2=NULL; - SureWareHook_Rand_Bytes_t *p3=NULL; - SureWareHook_Rand_Seed_t *p4=NULL; - SureWareHook_Load_Privkey_t *p5=NULL; - SureWareHook_Load_Rsa_Pubkey_t *p6=NULL; - SureWareHook_Free_t *p7=NULL; - SureWareHook_Rsa_Priv_Dec_t *p8=NULL; - SureWareHook_Rsa_Sign_t *p9=NULL; - SureWareHook_Dsa_Sign_t *p12=NULL; - SureWareHook_Info_Pubkey_t *p13=NULL; - SureWareHook_Load_Dsa_Pubkey_t *p14=NULL; - SureWareHook_Mod_Exp_t *p15=NULL; - - if(surewarehk_dso != NULL) - { - SUREWAREerr(SUREWARE_F_SUREWAREHK_INIT,ENGINE_R_ALREADY_LOADED); - goto err; - } - /* Attempt to load libsurewarehk.so/surewarehk.dll/whatever. */ - surewarehk_dso = DSO_load(NULL, surewarehk_LIBNAME, NULL, 0); - if(surewarehk_dso == NULL) - { - SUREWAREerr(SUREWARE_F_SUREWAREHK_INIT,ENGINE_R_DSO_FAILURE); - goto err; - } - if(!(p1=(SureWareHook_Init_t*)DSO_bind_func(surewarehk_dso, n_surewarehk_Init)) || - !(p2=(SureWareHook_Finish_t*)DSO_bind_func(surewarehk_dso, n_surewarehk_Finish)) || - !(p3=(SureWareHook_Rand_Bytes_t*)DSO_bind_func(surewarehk_dso, n_surewarehk_Rand_Bytes)) || - !(p4=(SureWareHook_Rand_Seed_t*)DSO_bind_func(surewarehk_dso, n_surewarehk_Rand_Seed)) || - !(p5=(SureWareHook_Load_Privkey_t*)DSO_bind_func(surewarehk_dso, n_surewarehk_Load_Privkey)) || - !(p6=(SureWareHook_Load_Rsa_Pubkey_t*)DSO_bind_func(surewarehk_dso, n_surewarehk_Load_Rsa_Pubkey)) || - !(p7=(SureWareHook_Free_t*)DSO_bind_func(surewarehk_dso, n_surewarehk_Free)) || - !(p8=(SureWareHook_Rsa_Priv_Dec_t*)DSO_bind_func(surewarehk_dso, n_surewarehk_Rsa_Priv_Dec)) || - !(p9=(SureWareHook_Rsa_Sign_t*)DSO_bind_func(surewarehk_dso, n_surewarehk_Rsa_Sign)) || - !(p12=(SureWareHook_Dsa_Sign_t*)DSO_bind_func(surewarehk_dso, n_surewarehk_Dsa_Sign)) || - !(p13=(SureWareHook_Info_Pubkey_t*)DSO_bind_func(surewarehk_dso, n_surewarehk_Info_Pubkey)) || - !(p14=(SureWareHook_Load_Dsa_Pubkey_t*)DSO_bind_func(surewarehk_dso, n_surewarehk_Load_Dsa_Pubkey)) || - !(p15=(SureWareHook_Mod_Exp_t*)DSO_bind_func(surewarehk_dso, n_surewarehk_Mod_Exp))) - { - SUREWAREerr(SUREWARE_F_SUREWAREHK_INIT,ENGINE_R_DSO_FAILURE); - goto err; - } - /* Copy the pointers */ - p_surewarehk_Init = p1; - p_surewarehk_Finish = p2; - p_surewarehk_Rand_Bytes = p3; - p_surewarehk_Rand_Seed = p4; - p_surewarehk_Load_Privkey = p5; - p_surewarehk_Load_Rsa_Pubkey = p6; - p_surewarehk_Free = p7; - p_surewarehk_Rsa_Priv_Dec = p8; - p_surewarehk_Rsa_Sign = p9; - p_surewarehk_Dsa_Sign = p12; - p_surewarehk_Info_Pubkey = p13; - p_surewarehk_Load_Dsa_Pubkey = p14; - p_surewarehk_Mod_Exp = p15; - /* Contact the hardware and initialises it. */ - if(p_surewarehk_Init(msg,threadsafe)==SUREWAREHOOK_ERROR_UNIT_FAILURE) - { - SUREWAREerr(SUREWARE_F_SUREWAREHK_INIT,SUREWARE_R_UNIT_FAILURE); - goto err; - } - if(p_surewarehk_Init(msg,threadsafe)==SUREWAREHOOK_ERROR_UNIT_FAILURE) - { - SUREWAREerr(SUREWARE_F_SUREWAREHK_INIT,SUREWARE_R_UNIT_FAILURE); - goto err; - } - /* try to load the default private key, if failed does not return a failure but - wait for an explicit ENGINE_load_privakey */ - surewarehk_load_privkey(e,NULL,NULL,NULL); - - /* Everything's fine. */ -#ifndef OPENSSL_NO_RSA - if (rsaHndidx == -1) - rsaHndidx = RSA_get_ex_new_index(0, - "SureWareHook RSA key handle", - NULL, NULL, surewarehk_ex_free); -#endif -#ifndef OPENSSL_NO_DSA - if (dsaHndidx == -1) - dsaHndidx = DSA_get_ex_new_index(0, - "SureWareHook DSA key handle", - NULL, NULL, surewarehk_ex_free); -#endif - - return 1; -err: - if(surewarehk_dso) - DSO_free(surewarehk_dso); - surewarehk_dso = NULL; - p_surewarehk_Init = NULL; - p_surewarehk_Finish = NULL; - p_surewarehk_Rand_Bytes = NULL; - p_surewarehk_Rand_Seed = NULL; - p_surewarehk_Load_Privkey = NULL; - p_surewarehk_Load_Rsa_Pubkey = NULL; - p_surewarehk_Free = NULL; - p_surewarehk_Rsa_Priv_Dec = NULL; - p_surewarehk_Rsa_Sign = NULL; - p_surewarehk_Dsa_Sign = NULL; - p_surewarehk_Info_Pubkey = NULL; - p_surewarehk_Load_Dsa_Pubkey = NULL; - p_surewarehk_Mod_Exp = NULL; - return 0; -} - -static int surewarehk_finish(ENGINE *e) -{ - int to_return = 1; - if(surewarehk_dso == NULL) - { - SUREWAREerr(SUREWARE_F_SUREWAREHK_FINISH,ENGINE_R_NOT_LOADED); - to_return = 0; - goto err; - } - p_surewarehk_Finish(); - if(!DSO_free(surewarehk_dso)) - { - SUREWAREerr(SUREWARE_F_SUREWAREHK_FINISH,ENGINE_R_DSO_FAILURE); - to_return = 0; - goto err; - } - err: - if (logstream) - BIO_free(logstream); - surewarehk_dso = NULL; - p_surewarehk_Init = NULL; - p_surewarehk_Finish = NULL; - p_surewarehk_Rand_Bytes = NULL; - p_surewarehk_Rand_Seed = NULL; - p_surewarehk_Load_Privkey = NULL; - p_surewarehk_Load_Rsa_Pubkey = NULL; - p_surewarehk_Free = NULL; - p_surewarehk_Rsa_Priv_Dec = NULL; - p_surewarehk_Rsa_Sign = NULL; - p_surewarehk_Dsa_Sign = NULL; - p_surewarehk_Info_Pubkey = NULL; - p_surewarehk_Load_Dsa_Pubkey = NULL; - p_surewarehk_Mod_Exp = NULL; - return to_return; -} - -static void surewarehk_error_handling(char *const msg,int func,int ret) -{ - switch (ret) - { - case SUREWAREHOOK_ERROR_UNIT_FAILURE: - ENGINEerr(func,SUREWARE_R_UNIT_FAILURE); - break; - case SUREWAREHOOK_ERROR_FALLBACK: - ENGINEerr(func,SUREWARE_R_REQUEST_FALLBACK); - break; - case SUREWAREHOOK_ERROR_DATA_SIZE: - ENGINEerr(func,SUREWARE_R_SIZE_TOO_LARGE_OR_TOO_SMALL); - break; - case SUREWAREHOOK_ERROR_INVALID_PAD: - ENGINEerr(func,RSA_R_PADDING_CHECK_FAILED); - break; - default: - ENGINEerr(func,SUREWARE_R_REQUEST_FAILED); - break; - case 1:/*nothing*/ - msg[0]='\0'; - } - if (*msg) - { - ERR_add_error_data(1,msg); - if (logstream) - { - CRYPTO_w_lock(CRYPTO_LOCK_BIO); - BIO_write(logstream, msg, strlen(msg)); - CRYPTO_w_unlock(CRYPTO_LOCK_BIO); - } - } -} - -static int surewarehk_rand_bytes(unsigned char *buf, int num) -{ - int ret=0; - char msg[64]="ENGINE_rand_bytes"; - if(!p_surewarehk_Rand_Bytes) - { - SUREWAREerr(SUREWARE_F_SUREWAREHK_RAND_BYTES,ENGINE_R_NOT_INITIALISED); - } - else - { - ret = p_surewarehk_Rand_Bytes(msg,buf, num); - surewarehk_error_handling(msg,SUREWARE_F_SUREWAREHK_RAND_BYTES,ret); - } - return ret==1 ? 1 : 0; -} - -static void surewarehk_rand_seed(const void *buf, int num) -{ - int ret=0; - char msg[64]="ENGINE_rand_seed"; - if(!p_surewarehk_Rand_Seed) - { - SUREWAREerr(SUREWARE_F_SUREWAREHK_RAND_SEED,ENGINE_R_NOT_INITIALISED); - } - else - { - ret = p_surewarehk_Rand_Seed(msg,buf, num); - surewarehk_error_handling(msg,SUREWARE_F_SUREWAREHK_RAND_SEED,ret); - } -} - -static void surewarehk_rand_add(const void *buf, int num, double entropy) -{ - surewarehk_rand_seed(buf,num); -} - -static EVP_PKEY* sureware_load_public(ENGINE *e,const char *key_id,char *hptr,unsigned long el,char keytype) -{ - EVP_PKEY *res = NULL; -#ifndef OPENSSL_NO_RSA - RSA *rsatmp = NULL; -#endif -#ifndef OPENSSL_NO_DSA - DSA *dsatmp=NULL; -#endif - char msg[64]="sureware_load_public"; - int ret=0; - if(!p_surewarehk_Load_Rsa_Pubkey || !p_surewarehk_Load_Dsa_Pubkey) - { - SUREWAREerr(SUREWARE_F_SUREWAREHK_LOAD_PUBLIC_KEY,ENGINE_R_NOT_INITIALISED); - goto err; - } - switch (keytype) - { -#ifndef OPENSSL_NO_RSA - case 1: /*RSA*/ - /* set private external reference */ - rsatmp = RSA_new_method(e); - RSA_set_ex_data(rsatmp,rsaHndidx,hptr); - rsatmp->flags |= RSA_FLAG_EXT_PKEY; - - /* set public big nums*/ - rsatmp->e = BN_new(); - rsatmp->n = BN_new(); - bn_expand2(rsatmp->e, el/sizeof(BN_ULONG)); - bn_expand2(rsatmp->n, el/sizeof(BN_ULONG)); - if (!rsatmp->e || rsatmp->e->dmax!=(int)(el/sizeof(BN_ULONG))|| - !rsatmp->n || rsatmp->n->dmax!=(int)(el/sizeof(BN_ULONG))) - goto err; - ret=p_surewarehk_Load_Rsa_Pubkey(msg,key_id,el, - (unsigned long *)rsatmp->n->d, - (unsigned long *)rsatmp->e->d); - surewarehk_error_handling(msg,SUREWARE_F_SUREWAREHK_LOAD_PUBLIC_KEY,ret); - if (ret!=1) - { - SUREWAREerr(SUREWARE_F_SUREWAREHK_LOAD_PRIVATE_KEY,ENGINE_R_FAILED_LOADING_PUBLIC_KEY); - goto err; - } - /* normalise pub e and pub n */ - rsatmp->e->top=el/sizeof(BN_ULONG); - bn_fix_top(rsatmp->e); - rsatmp->n->top=el/sizeof(BN_ULONG); - bn_fix_top(rsatmp->n); - /* create an EVP object: engine + rsa key */ - res = EVP_PKEY_new(); - EVP_PKEY_assign_RSA(res, rsatmp); - break; -#endif - -#ifndef OPENSSL_NO_DSA - case 2:/*DSA*/ - /* set private/public external reference */ - dsatmp = DSA_new_method(e); - DSA_set_ex_data(dsatmp,dsaHndidx,hptr); - /*dsatmp->flags |= DSA_FLAG_EXT_PKEY;*/ - - /* set public key*/ - dsatmp->pub_key = BN_new(); - dsatmp->p = BN_new(); - dsatmp->q = BN_new(); - dsatmp->g = BN_new(); - bn_expand2(dsatmp->pub_key, el/sizeof(BN_ULONG)); - bn_expand2(dsatmp->p, el/sizeof(BN_ULONG)); - bn_expand2(dsatmp->q, 20/sizeof(BN_ULONG)); - bn_expand2(dsatmp->g, el/sizeof(BN_ULONG)); - if (!dsatmp->pub_key || dsatmp->pub_key->dmax!=(int)(el/sizeof(BN_ULONG))|| - !dsatmp->p || dsatmp->p->dmax!=(int)(el/sizeof(BN_ULONG)) || - !dsatmp->q || dsatmp->q->dmax!=20/sizeof(BN_ULONG) || - !dsatmp->g || dsatmp->g->dmax!=(int)(el/sizeof(BN_ULONG))) - goto err; - - ret=p_surewarehk_Load_Dsa_Pubkey(msg,key_id,el, - (unsigned long *)dsatmp->pub_key->d, - (unsigned long *)dsatmp->p->d, - (unsigned long *)dsatmp->q->d, - (unsigned long *)dsatmp->g->d); - surewarehk_error_handling(msg,SUREWARE_F_SUREWAREHK_LOAD_PUBLIC_KEY,ret); - if (ret!=1) - { - SUREWAREerr(SUREWARE_F_SUREWAREHK_LOAD_PRIVATE_KEY,ENGINE_R_FAILED_LOADING_PUBLIC_KEY); - goto err; - } - /* set parameters */ - /* normalise pubkey and parameters in case of */ - dsatmp->pub_key->top=el/sizeof(BN_ULONG); - bn_fix_top(dsatmp->pub_key); - dsatmp->p->top=el/sizeof(BN_ULONG); - bn_fix_top(dsatmp->p); - dsatmp->q->top=20/sizeof(BN_ULONG); - bn_fix_top(dsatmp->q); - dsatmp->g->top=el/sizeof(BN_ULONG); - bn_fix_top(dsatmp->g); - - /* create an EVP object: engine + rsa key */ - res = EVP_PKEY_new(); - EVP_PKEY_assign_DSA(res, dsatmp); - break; -#endif - - default: - SUREWAREerr(SUREWARE_F_SUREWAREHK_LOAD_PRIVATE_KEY,ENGINE_R_FAILED_LOADING_PRIVATE_KEY); - goto err; - } - return res; - err: - if (res) - EVP_PKEY_free(res); -#ifndef OPENSSL_NO_RSA - if (rsatmp) - RSA_free(rsatmp); -#endif -#ifndef OPENSSL_NO_DSA - if (dsatmp) - DSA_free(dsatmp); -#endif - return NULL; -} - -static EVP_PKEY *surewarehk_load_privkey(ENGINE *e, const char *key_id, - UI_METHOD *ui_method, void *callback_data) -{ - EVP_PKEY *res = NULL; - int ret=0; - unsigned long el=0; - char *hptr=NULL; - char keytype=0; - char msg[64]="ENGINE_load_privkey"; - - if(!p_surewarehk_Load_Privkey) - { - SUREWAREerr(SUREWARE_F_SUREWAREHK_LOAD_PRIVATE_KEY,ENGINE_R_NOT_INITIALISED); - } - else - { - ret=p_surewarehk_Load_Privkey(msg,key_id,&hptr,&el,&keytype); - if (ret!=1) - { - SUREWAREerr(SUREWARE_F_SUREWAREHK_LOAD_PRIVATE_KEY,ENGINE_R_FAILED_LOADING_PRIVATE_KEY); - ERR_add_error_data(1,msg); - } - else - res=sureware_load_public(e,key_id,hptr,el,keytype); - } - return res; -} - -static EVP_PKEY *surewarehk_load_pubkey(ENGINE *e, const char *key_id, - UI_METHOD *ui_method, void *callback_data) -{ - EVP_PKEY *res = NULL; - int ret=0; - unsigned long el=0; - char *hptr=NULL; - char keytype=0; - char msg[64]="ENGINE_load_pubkey"; - - if(!p_surewarehk_Info_Pubkey) - { - SUREWAREerr(SUREWARE_F_SUREWAREHK_LOAD_PUBLIC_KEY,ENGINE_R_NOT_INITIALISED); - } - else - { - /* call once to identify if DSA or RSA */ - ret=p_surewarehk_Info_Pubkey(msg,key_id,&el,&keytype); - if (ret!=1) - { - SUREWAREerr(SUREWARE_F_SUREWAREHK_LOAD_PUBLIC_KEY,ENGINE_R_FAILED_LOADING_PUBLIC_KEY); - ERR_add_error_data(1,msg); - } - else - res=sureware_load_public(e,key_id,hptr,el,keytype); - } - return res; -} - -/* This cleans up an RSA/DSA KM key(do not destroy the key into the hardware) -, called when ex_data is freed */ -static void surewarehk_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad, - int idx,long argl, void *argp) -{ - if(!p_surewarehk_Free) - { - SUREWAREerr(SUREWARE_F_SUREWAREHK_EX_FREE,ENGINE_R_NOT_INITIALISED); - } - else - p_surewarehk_Free((char *)item,0); -} - -#if 0 -/* This cleans up an DH KM key (destroys the key into hardware), -called when ex_data is freed */ -static void surewarehk_dh_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad, - int idx,long argl, void *argp) -{ - if(!p_surewarehk_Free) - { - SUREWAREerr(SUREWARE_F_SUREWAREHK_EX_FREE,ENGINE_R_NOT_INITIALISED); - } - else - p_surewarehk_Free((char *)item,1); -} -#endif - -/* -* return number of decrypted bytes -*/ -#ifndef OPENSSL_NO_RSA -static int surewarehk_rsa_priv_dec(int flen,const unsigned char *from,unsigned char *to, - RSA *rsa,int padding) -{ - int ret=0,tlen; - char *buf=NULL,*hptr=NULL; - char msg[64]="ENGINE_rsa_priv_dec"; - if (!p_surewarehk_Rsa_Priv_Dec) - { - SUREWAREerr(SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC,ENGINE_R_NOT_INITIALISED); - } - /* extract ref to private key */ - else if (!(hptr=RSA_get_ex_data(rsa, rsaHndidx))) - { - SUREWAREerr(SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC,SUREWARE_R_MISSING_KEY_COMPONENTS); - goto err; - } - /* analyse what padding we can do into the hardware */ - if (padding==RSA_PKCS1_PADDING) - { - /* do it one shot */ - ret=p_surewarehk_Rsa_Priv_Dec(msg,flen,(unsigned char *)from,&tlen,to,hptr,SUREWARE_PKCS1_PAD); - surewarehk_error_handling(msg,SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC,ret); - if (ret!=1) - goto err; - ret=tlen; - } - else /* do with no padding into hardware */ - { - ret=p_surewarehk_Rsa_Priv_Dec(msg,flen,(unsigned char *)from,&tlen,to,hptr,SUREWARE_NO_PAD); - surewarehk_error_handling(msg,SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC,ret); - if (ret!=1) - goto err; - /* intermediate buffer for padding */ - if ((buf=OPENSSL_malloc(tlen)) == NULL) - { - RSAerr(SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC,ERR_R_MALLOC_FAILURE); - goto err; - } - memcpy(buf,to,tlen);/* transfert to into buf */ - switch (padding) /* check padding in software */ - { -#ifndef OPENSSL_NO_SHA - case RSA_PKCS1_OAEP_PADDING: - ret=RSA_padding_check_PKCS1_OAEP(to,tlen,(unsigned char *)buf,tlen,tlen,NULL,0); - break; -#endif - case RSA_SSLV23_PADDING: - ret=RSA_padding_check_SSLv23(to,tlen,(unsigned char *)buf,flen,tlen); - break; - case RSA_NO_PADDING: - ret=RSA_padding_check_none(to,tlen,(unsigned char *)buf,flen,tlen); - break; - default: - RSAerr(SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC,RSA_R_UNKNOWN_PADDING_TYPE); - goto err; - } - if (ret < 0) - RSAerr(SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC,RSA_R_PADDING_CHECK_FAILED); - } -err: - if (buf) - { - OPENSSL_cleanse(buf,tlen); - OPENSSL_free(buf); - } - return ret; -} - -/* -* Does what OpenSSL rsa_priv_enc does. -*/ -static int surewarehk_rsa_sign(int flen,const unsigned char *from,unsigned char *to, - RSA *rsa,int padding) -{ - int ret=0,tlen; - char *hptr=NULL; - char msg[64]="ENGINE_rsa_sign"; - if (!p_surewarehk_Rsa_Sign) - { - SUREWAREerr(SUREWARE_F_SUREWAREHK_RSA_PRIV_ENC,ENGINE_R_NOT_INITIALISED); - } - /* extract ref to private key */ - else if (!(hptr=RSA_get_ex_data(rsa, rsaHndidx))) - { - SUREWAREerr(SUREWARE_F_SUREWAREHK_RSA_PRIV_ENC,SUREWARE_R_MISSING_KEY_COMPONENTS); - } - else - { - switch (padding) - { - case RSA_PKCS1_PADDING: /* do it in one shot */ - ret=p_surewarehk_Rsa_Sign(msg,flen,(unsigned char *)from,&tlen,to,hptr,SUREWARE_PKCS1_PAD); - surewarehk_error_handling(msg,SUREWARE_F_SUREWAREHK_RSA_PRIV_ENC,ret); - break; - case RSA_NO_PADDING: - default: - RSAerr(SUREWARE_F_SUREWAREHK_RSA_PRIV_ENC,RSA_R_UNKNOWN_PADDING_TYPE); - } - } - return ret==1 ? tlen : ret; -} - -#endif - -#ifndef OPENSSL_NO_DSA -/* DSA sign and verify */ -static DSA_SIG * surewarehk_dsa_do_sign(const unsigned char *from, int flen, DSA *dsa) -{ - int ret=0; - char *hptr=NULL; - DSA_SIG *psign=NULL; - char msg[64]="ENGINE_dsa_do_sign"; - if (!p_surewarehk_Dsa_Sign) - { - SUREWAREerr(SUREWARE_F_SUREWAREHK_DSA_DO_SIGN,ENGINE_R_NOT_INITIALISED); - } - /* extract ref to private key */ - else if (!(hptr=DSA_get_ex_data(dsa, dsaHndidx))) - { - SUREWAREerr(SUREWARE_F_SUREWAREHK_DSA_DO_SIGN,SUREWARE_R_MISSING_KEY_COMPONENTS); - } - else - { - if((psign = DSA_SIG_new()) == NULL) - { - SUREWAREerr(SUREWARE_F_SUREWAREHK_DSA_DO_SIGN,ERR_R_MALLOC_FAILURE); - goto err; - } - psign->r=BN_new(); - psign->s=BN_new(); - bn_expand2(psign->r, 20/sizeof(BN_ULONG)); - bn_expand2(psign->s, 20/sizeof(BN_ULONG)); - if (!psign->r || psign->r->dmax!=20/sizeof(BN_ULONG) || - !psign->s || psign->s->dmax!=20/sizeof(BN_ULONG)) - goto err; - ret=p_surewarehk_Dsa_Sign(msg,flen,from, - (unsigned long *)psign->r->d, - (unsigned long *)psign->s->d, - hptr); - surewarehk_error_handling(msg,SUREWARE_F_SUREWAREHK_DSA_DO_SIGN,ret); - } - psign->r->top=20/sizeof(BN_ULONG); - bn_fix_top(psign->r); - psign->s->top=20/sizeof(BN_ULONG); - bn_fix_top(psign->s); - -err: - if (psign) - { - DSA_SIG_free(psign); - psign=NULL; - } - return psign; -} -#endif - -static int surewarehk_modexp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx) -{ - int ret=0; - char msg[64]="ENGINE_modexp"; - if (!p_surewarehk_Mod_Exp) - { - SUREWAREerr(SUREWARE_F_SUREWAREHK_MOD_EXP,ENGINE_R_NOT_INITIALISED); - } - else - { - bn_expand2(r,m->top); - if (r && r->dmax==m->top) - { - /* do it*/ - ret=p_surewarehk_Mod_Exp(msg, - m->top*sizeof(BN_ULONG), - (unsigned long *)m->d, - p->top*sizeof(BN_ULONG), - (unsigned long *)p->d, - a->top*sizeof(BN_ULONG), - (unsigned long *)a->d, - (unsigned long *)r->d); - surewarehk_error_handling(msg,SUREWARE_F_SUREWAREHK_MOD_EXP,ret); - if (ret==1) - { - /* normalise result */ - r->top=m->top; - bn_fix_top(r); - } - } - } - return ret; -} -#endif /* !OPENSSL_NO_HW_SureWare */ -#endif /* !OPENSSL_NO_HW */ diff --git a/src/lib/libcrypto/engine/hw_sureware_err.c b/src/lib/libcrypto/engine/hw_sureware_err.c deleted file mode 100644 index 69955dadbb..0000000000 --- a/src/lib/libcrypto/engine/hw_sureware_err.c +++ /dev/null @@ -1,150 +0,0 @@ -/* hw_sureware_err.c */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* NOTE: this file was auto generated by the mkerr.pl script: any changes - * made to it will be overwritten when the script next updates this file, - * only reason strings will be preserved. - */ - -#include -#include -#include "hw_sureware_err.h" - -/* BEGIN ERROR CODES */ -#ifndef OPENSSL_NO_ERR -static ERR_STRING_DATA SUREWARE_str_functs[]= - { -{ERR_PACK(0,SUREWARE_F_SUREWAREHK_CTRL,0), "SUREWAREHK_CTRL"}, -{ERR_PACK(0,SUREWARE_F_SUREWAREHK_DSA_DO_SIGN,0), "SUREWAREHK_DSA_DO_SIGN"}, -{ERR_PACK(0,SUREWARE_F_SUREWAREHK_EX_FREE,0), "SUREWAREHK_EX_FREE"}, -{ERR_PACK(0,SUREWARE_F_SUREWAREHK_FINISH,0), "SUREWAREHK_FINISH"}, -{ERR_PACK(0,SUREWARE_F_SUREWAREHK_INIT,0), "SUREWAREHK_INIT"}, -{ERR_PACK(0,SUREWARE_F_SUREWAREHK_LOAD_PRIVATE_KEY,0), "SUREWAREHK_LOAD_PRIVATE_KEY"}, -{ERR_PACK(0,SUREWARE_F_SUREWAREHK_LOAD_PUBLIC_KEY,0), "SUREWAREHK_LOAD_PUBLIC_KEY"}, -{ERR_PACK(0,SUREWARE_F_SUREWAREHK_MOD_EXP,0), "SUREWAREHK_MOD_EXP"}, -{ERR_PACK(0,SUREWARE_F_SUREWAREHK_RAND_BYTES,0), "SUREWAREHK_RAND_BYTES"}, -{ERR_PACK(0,SUREWARE_F_SUREWAREHK_RAND_SEED,0), "SUREWAREHK_RAND_SEED"}, -{ERR_PACK(0,SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC,0), "SUREWAREHK_RSA_PRIV_DEC"}, -{ERR_PACK(0,SUREWARE_F_SUREWAREHK_RSA_PRIV_ENC,0), "SUREWAREHK_RSA_PRIV_ENC"}, -{0,NULL} - }; - -static ERR_STRING_DATA SUREWARE_str_reasons[]= - { -{SUREWARE_R_BIO_WAS_FREED ,"bio was freed"}, -{SUREWARE_R_MISSING_KEY_COMPONENTS ,"missing key components"}, -{SUREWARE_R_REQUEST_FAILED ,"request failed"}, -{SUREWARE_R_REQUEST_FALLBACK ,"request fallback"}, -{SUREWARE_R_SIZE_TOO_LARGE_OR_TOO_SMALL ,"size too large or too small"}, -{SUREWARE_R_UNIT_FAILURE ,"unit failure"}, -{0,NULL} - }; - -#endif - -#ifdef SUREWARE_LIB_NAME -static ERR_STRING_DATA SUREWARE_lib_name[]= - { -{0 ,SUREWARE_LIB_NAME}, -{0,NULL} - }; -#endif - - -static int SUREWARE_lib_error_code=0; -static int SUREWARE_error_init=1; - -static void ERR_load_SUREWARE_strings(void) - { - if (SUREWARE_lib_error_code == 0) - SUREWARE_lib_error_code=ERR_get_next_error_library(); - - if (SUREWARE_error_init) - { - SUREWARE_error_init=0; -#ifndef OPENSSL_NO_ERR - ERR_load_strings(SUREWARE_lib_error_code,SUREWARE_str_functs); - ERR_load_strings(SUREWARE_lib_error_code,SUREWARE_str_reasons); -#endif - -#ifdef SUREWARE_LIB_NAME - SUREWARE_lib_name->error = ERR_PACK(SUREWARE_lib_error_code,0,0); - ERR_load_strings(0,SUREWARE_lib_name); -#endif - } - } - -static void ERR_unload_SUREWARE_strings(void) - { - if (SUREWARE_error_init == 0) - { -#ifndef OPENSSL_NO_ERR - ERR_unload_strings(SUREWARE_lib_error_code,SUREWARE_str_functs); - ERR_unload_strings(SUREWARE_lib_error_code,SUREWARE_str_reasons); -#endif - -#ifdef SUREWARE_LIB_NAME - ERR_unload_strings(0,SUREWARE_lib_name); -#endif - SUREWARE_error_init=1; - } - } - -static void ERR_SUREWARE_error(int function, int reason, char *file, int line) - { - if (SUREWARE_lib_error_code == 0) - SUREWARE_lib_error_code=ERR_get_next_error_library(); - ERR_PUT_error(SUREWARE_lib_error_code,function,reason,file,line); - } diff --git a/src/lib/libcrypto/engine/hw_sureware_err.h b/src/lib/libcrypto/engine/hw_sureware_err.h deleted file mode 100644 index bc52af5e05..0000000000 --- a/src/lib/libcrypto/engine/hw_sureware_err.h +++ /dev/null @@ -1,94 +0,0 @@ -/* ==================================================================== - * Copyright (c) 2001 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#ifndef HEADER_SUREWARE_ERR_H -#define HEADER_SUREWARE_ERR_H - -/* BEGIN ERROR CODES */ -/* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ -static void ERR_load_SUREWARE_strings(void); -static void ERR_unload_SUREWARE_strings(void); -static void ERR_SUREWARE_error(int function, int reason, char *file, int line); -#define SUREWAREerr(f,r) ERR_SUREWARE_error((f),(r),__FILE__,__LINE__) - -/* Error codes for the SUREWARE functions. */ - -/* Function codes. */ -#define SUREWARE_F_SUREWAREHK_CTRL 100 -#define SUREWARE_F_SUREWAREHK_DSA_DO_SIGN 101 -#define SUREWARE_F_SUREWAREHK_EX_FREE 102 -#define SUREWARE_F_SUREWAREHK_FINISH 103 -#define SUREWARE_F_SUREWAREHK_INIT 104 -#define SUREWARE_F_SUREWAREHK_LOAD_PRIVATE_KEY 105 -#define SUREWARE_F_SUREWAREHK_LOAD_PUBLIC_KEY 106 -#define SUREWARE_F_SUREWAREHK_MOD_EXP 107 -#define SUREWARE_F_SUREWAREHK_RAND_BYTES 108 -#define SUREWARE_F_SUREWAREHK_RAND_SEED 109 -#define SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC 110 -#define SUREWARE_F_SUREWAREHK_RSA_PRIV_ENC 111 - -/* Reason codes. */ -#define SUREWARE_R_BIO_WAS_FREED 100 -#define SUREWARE_R_MISSING_KEY_COMPONENTS 105 -#define SUREWARE_R_REQUEST_FAILED 101 -#define SUREWARE_R_REQUEST_FALLBACK 102 -#define SUREWARE_R_SIZE_TOO_LARGE_OR_TOO_SMALL 103 -#define SUREWARE_R_UNIT_FAILURE 104 - -#ifdef __cplusplus -} -#endif -#endif diff --git a/src/lib/libcrypto/engine/hw_ubsec.c b/src/lib/libcrypto/engine/hw_ubsec.c deleted file mode 100644 index 8fb834af31..0000000000 --- a/src/lib/libcrypto/engine/hw_ubsec.c +++ /dev/null @@ -1,1061 +0,0 @@ -/* crypto/engine/hw_ubsec.c */ -/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL - * project 2000. - * - * Cloned shamelessly by Joe Tardo. - */ -/* ==================================================================== - * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include -#include "cryptlib.h" -#include -#include - -#ifndef OPENSSL_NO_HW -#ifndef OPENSSL_NO_HW_UBSEC - -#ifdef FLAT_INC -#include "hw_ubsec.h" -#else -#include "vendor_defns/hw_ubsec.h" -#endif - -#define UBSEC_LIB_NAME "ubsec engine" -#include "hw_ubsec_err.c" - -#define FAIL_TO_SOFTWARE -15 - -static int ubsec_destroy(ENGINE *e); -static int ubsec_init(ENGINE *e); -static int ubsec_finish(ENGINE *e); -static int ubsec_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)()); -static int ubsec_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx); -static int ubsec_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *q, const BIGNUM *dp, - const BIGNUM *dq, const BIGNUM *qinv, BN_CTX *ctx); -#ifndef OPENSSL_NO_RSA -static int ubsec_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa); -#endif -static int ubsec_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); -#ifndef OPENSSL_NO_DSA -#ifdef NOT_USED -static int ubsec_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1, - BIGNUM *p1, BIGNUM *a2, BIGNUM *p2, BIGNUM *m, - BN_CTX *ctx, BN_MONT_CTX *in_mont); -static int ubsec_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a, - const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, - BN_MONT_CTX *m_ctx); -#endif -static DSA_SIG *ubsec_dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa); -static int ubsec_dsa_verify(const unsigned char *dgst, int dgst_len, - DSA_SIG *sig, DSA *dsa); -#endif -#ifndef OPENSSL_NO_DH -static int ubsec_mod_exp_dh(const DH *dh, BIGNUM *r, const BIGNUM *a, - const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, - BN_MONT_CTX *m_ctx); -static int ubsec_dh_compute_key(unsigned char *key,const BIGNUM *pub_key,DH *dh); -static int ubsec_dh_generate_key(DH *dh); -#endif - -#ifdef NOT_USED -static int ubsec_rand_bytes(unsigned char *buf, int num); -static int ubsec_rand_status(void); -#endif - -#define UBSEC_CMD_SO_PATH ENGINE_CMD_BASE -static const ENGINE_CMD_DEFN ubsec_cmd_defns[] = { - {UBSEC_CMD_SO_PATH, - "SO_PATH", - "Specifies the path to the 'ubsec' shared library", - ENGINE_CMD_FLAG_STRING}, - {0, NULL, NULL, 0} - }; - -#ifndef OPENSSL_NO_RSA -/* Our internal RSA_METHOD that we provide pointers to */ -static RSA_METHOD ubsec_rsa = - { - "UBSEC RSA method", - NULL, - NULL, - NULL, - NULL, - ubsec_rsa_mod_exp, - ubsec_mod_exp_mont, - NULL, - NULL, - 0, - NULL, - NULL, - NULL - }; -#endif - -#ifndef OPENSSL_NO_DSA -/* Our internal DSA_METHOD that we provide pointers to */ -static DSA_METHOD ubsec_dsa = - { - "UBSEC DSA method", - ubsec_dsa_do_sign, /* dsa_do_sign */ - NULL, /* dsa_sign_setup */ - ubsec_dsa_verify, /* dsa_do_verify */ - NULL, /* ubsec_dsa_mod_exp */ /* dsa_mod_exp */ - NULL, /* ubsec_mod_exp_dsa */ /* bn_mod_exp */ - NULL, /* init */ - NULL, /* finish */ - 0, /* flags */ - NULL /* app_data */ - }; -#endif - -#ifndef OPENSSL_NO_DH -/* Our internal DH_METHOD that we provide pointers to */ -static DH_METHOD ubsec_dh = - { - "UBSEC DH method", - ubsec_dh_generate_key, - ubsec_dh_compute_key, - ubsec_mod_exp_dh, - NULL, - NULL, - 0, - NULL - }; -#endif - -/* Constants used when creating the ENGINE */ -static const char *engine_ubsec_id = "ubsec"; -static const char *engine_ubsec_name = "UBSEC hardware engine support"; - -/* This internal function is used by ENGINE_ubsec() and possibly by the - * "dynamic" ENGINE support too */ -static int bind_helper(ENGINE *e) - { -#ifndef OPENSSL_NO_RSA - const RSA_METHOD *meth1; -#endif -#ifndef OPENSSL_NO_DH -#ifndef HAVE_UBSEC_DH - const DH_METHOD *meth3; -#endif /* HAVE_UBSEC_DH */ -#endif - if(!ENGINE_set_id(e, engine_ubsec_id) || - !ENGINE_set_name(e, engine_ubsec_name) || -#ifndef OPENSSL_NO_RSA - !ENGINE_set_RSA(e, &ubsec_rsa) || -#endif -#ifndef OPENSSL_NO_DSA - !ENGINE_set_DSA(e, &ubsec_dsa) || -#endif -#ifndef OPENSSL_NO_DH - !ENGINE_set_DH(e, &ubsec_dh) || -#endif - !ENGINE_set_destroy_function(e, ubsec_destroy) || - !ENGINE_set_init_function(e, ubsec_init) || - !ENGINE_set_finish_function(e, ubsec_finish) || - !ENGINE_set_ctrl_function(e, ubsec_ctrl) || - !ENGINE_set_cmd_defns(e, ubsec_cmd_defns)) - return 0; - -#ifndef OPENSSL_NO_RSA - /* We know that the "PKCS1_SSLeay()" functions hook properly - * to the Broadcom-specific mod_exp and mod_exp_crt so we use - * those functions. NB: We don't use ENGINE_openssl() or - * anything "more generic" because something like the RSAref - * code may not hook properly, and if you own one of these - * cards then you have the right to do RSA operations on it - * anyway! */ - meth1 = RSA_PKCS1_SSLeay(); - ubsec_rsa.rsa_pub_enc = meth1->rsa_pub_enc; - ubsec_rsa.rsa_pub_dec = meth1->rsa_pub_dec; - ubsec_rsa.rsa_priv_enc = meth1->rsa_priv_enc; - ubsec_rsa.rsa_priv_dec = meth1->rsa_priv_dec; -#endif - -#ifndef OPENSSL_NO_DH -#ifndef HAVE_UBSEC_DH - /* Much the same for Diffie-Hellman */ - meth3 = DH_OpenSSL(); - ubsec_dh.generate_key = meth3->generate_key; - ubsec_dh.compute_key = meth3->compute_key; -#endif /* HAVE_UBSEC_DH */ -#endif - - /* Ensure the ubsec error handling is set up */ - ERR_load_UBSEC_strings(); - return 1; - } - -#ifndef ENGINE_DYNAMIC_SUPPORT -static ENGINE *engine_ubsec(void) - { - ENGINE *ret = ENGINE_new(); - if(!ret) - return NULL; - if(!bind_helper(ret)) - { - ENGINE_free(ret); - return NULL; - } - return ret; - } - -void ENGINE_load_ubsec(void) - { - /* Copied from eng_[openssl|dyn].c */ - ENGINE *toadd = engine_ubsec(); - if(!toadd) return; - ENGINE_add(toadd); - ENGINE_free(toadd); - ERR_clear_error(); - } -#endif - -/* This is a process-global DSO handle used for loading and unloading - * the UBSEC library. NB: This is only set (or unset) during an - * init() or finish() call (reference counts permitting) and they're - * operating with global locks, so this should be thread-safe - * implicitly. */ - -static DSO *ubsec_dso = NULL; - -/* These are the function pointers that are (un)set when the library has - * successfully (un)loaded. */ - -static t_UBSEC_ubsec_bytes_to_bits *p_UBSEC_ubsec_bytes_to_bits = NULL; -static t_UBSEC_ubsec_bits_to_bytes *p_UBSEC_ubsec_bits_to_bytes = NULL; -static t_UBSEC_ubsec_open *p_UBSEC_ubsec_open = NULL; -static t_UBSEC_ubsec_close *p_UBSEC_ubsec_close = NULL; -#ifndef OPENSSL_NO_DH -static t_UBSEC_diffie_hellman_generate_ioctl - *p_UBSEC_diffie_hellman_generate_ioctl = NULL; -static t_UBSEC_diffie_hellman_agree_ioctl *p_UBSEC_diffie_hellman_agree_ioctl = NULL; -#endif -/* #ifndef OPENSSL_NO_RSA */ -static t_UBSEC_rsa_mod_exp_ioctl *p_UBSEC_rsa_mod_exp_ioctl = NULL; -static t_UBSEC_rsa_mod_exp_crt_ioctl *p_UBSEC_rsa_mod_exp_crt_ioctl = NULL; -/* #endif */ -#ifndef OPENSSL_NO_DSA -static t_UBSEC_dsa_sign_ioctl *p_UBSEC_dsa_sign_ioctl = NULL; -static t_UBSEC_dsa_verify_ioctl *p_UBSEC_dsa_verify_ioctl = NULL; -#endif -static t_UBSEC_math_accelerate_ioctl *p_UBSEC_math_accelerate_ioctl = NULL; -static t_UBSEC_rng_ioctl *p_UBSEC_rng_ioctl = NULL; -static t_UBSEC_max_key_len_ioctl *p_UBSEC_max_key_len_ioctl = NULL; - -static int max_key_len = 1024; /* ??? */ - -/* - * These are the static string constants for the DSO file name and the function - * symbol names to bind to. - */ - -static const char *UBSEC_LIBNAME = NULL; -static const char *get_UBSEC_LIBNAME(void) - { - if(UBSEC_LIBNAME) - return UBSEC_LIBNAME; - return "ubsec"; - } -static void free_UBSEC_LIBNAME(void) - { - if(UBSEC_LIBNAME) - OPENSSL_free((void*)UBSEC_LIBNAME); - UBSEC_LIBNAME = NULL; - } -static long set_UBSEC_LIBNAME(const char *name) - { - free_UBSEC_LIBNAME(); - return (((UBSEC_LIBNAME = BUF_strdup(name)) != NULL) ? 1 : 0); - } -static const char *UBSEC_F1 = "ubsec_bytes_to_bits"; -static const char *UBSEC_F2 = "ubsec_bits_to_bytes"; -static const char *UBSEC_F3 = "ubsec_open"; -static const char *UBSEC_F4 = "ubsec_close"; -#ifndef OPENSSL_NO_DH -static const char *UBSEC_F5 = "diffie_hellman_generate_ioctl"; -static const char *UBSEC_F6 = "diffie_hellman_agree_ioctl"; -#endif -/* #ifndef OPENSSL_NO_RSA */ -static const char *UBSEC_F7 = "rsa_mod_exp_ioctl"; -static const char *UBSEC_F8 = "rsa_mod_exp_crt_ioctl"; -/* #endif */ -#ifndef OPENSSL_NO_DSA -static const char *UBSEC_F9 = "dsa_sign_ioctl"; -static const char *UBSEC_F10 = "dsa_verify_ioctl"; -#endif -static const char *UBSEC_F11 = "math_accelerate_ioctl"; -static const char *UBSEC_F12 = "rng_ioctl"; -static const char *UBSEC_F13 = "ubsec_max_key_len_ioctl"; - -/* Destructor (complements the "ENGINE_ubsec()" constructor) */ -static int ubsec_destroy(ENGINE *e) - { - free_UBSEC_LIBNAME(); - ERR_unload_UBSEC_strings(); - return 1; - } - -/* (de)initialisation functions. */ -static int ubsec_init(ENGINE *e) - { - t_UBSEC_ubsec_bytes_to_bits *p1; - t_UBSEC_ubsec_bits_to_bytes *p2; - t_UBSEC_ubsec_open *p3; - t_UBSEC_ubsec_close *p4; -#ifndef OPENSSL_NO_DH - t_UBSEC_diffie_hellman_generate_ioctl *p5; - t_UBSEC_diffie_hellman_agree_ioctl *p6; -#endif -/* #ifndef OPENSSL_NO_RSA */ - t_UBSEC_rsa_mod_exp_ioctl *p7; - t_UBSEC_rsa_mod_exp_crt_ioctl *p8; -/* #endif */ -#ifndef OPENSSL_NO_DSA - t_UBSEC_dsa_sign_ioctl *p9; - t_UBSEC_dsa_verify_ioctl *p10; -#endif - t_UBSEC_math_accelerate_ioctl *p11; - t_UBSEC_rng_ioctl *p12; - t_UBSEC_max_key_len_ioctl *p13; - int fd = 0; - - if(ubsec_dso != NULL) - { - UBSECerr(UBSEC_F_UBSEC_INIT, UBSEC_R_ALREADY_LOADED); - goto err; - } - /* - * Attempt to load libubsec.so/ubsec.dll/whatever. - */ - ubsec_dso = DSO_load(NULL, get_UBSEC_LIBNAME(), NULL, 0); - if(ubsec_dso == NULL) - { - UBSECerr(UBSEC_F_UBSEC_INIT, UBSEC_R_DSO_FAILURE); - goto err; - } - - if ( - !(p1 = (t_UBSEC_ubsec_bytes_to_bits *) DSO_bind_func(ubsec_dso, UBSEC_F1)) || - !(p2 = (t_UBSEC_ubsec_bits_to_bytes *) DSO_bind_func(ubsec_dso, UBSEC_F2)) || - !(p3 = (t_UBSEC_ubsec_open *) DSO_bind_func(ubsec_dso, UBSEC_F3)) || - !(p4 = (t_UBSEC_ubsec_close *) DSO_bind_func(ubsec_dso, UBSEC_F4)) || -#ifndef OPENSSL_NO_DH - !(p5 = (t_UBSEC_diffie_hellman_generate_ioctl *) - DSO_bind_func(ubsec_dso, UBSEC_F5)) || - !(p6 = (t_UBSEC_diffie_hellman_agree_ioctl *) - DSO_bind_func(ubsec_dso, UBSEC_F6)) || -#endif -/* #ifndef OPENSSL_NO_RSA */ - !(p7 = (t_UBSEC_rsa_mod_exp_ioctl *) DSO_bind_func(ubsec_dso, UBSEC_F7)) || - !(p8 = (t_UBSEC_rsa_mod_exp_crt_ioctl *) DSO_bind_func(ubsec_dso, UBSEC_F8)) || -/* #endif */ -#ifndef OPENSSL_NO_DSA - !(p9 = (t_UBSEC_dsa_sign_ioctl *) DSO_bind_func(ubsec_dso, UBSEC_F9)) || - !(p10 = (t_UBSEC_dsa_verify_ioctl *) DSO_bind_func(ubsec_dso, UBSEC_F10)) || -#endif - !(p11 = (t_UBSEC_math_accelerate_ioctl *) - DSO_bind_func(ubsec_dso, UBSEC_F11)) || - !(p12 = (t_UBSEC_rng_ioctl *) DSO_bind_func(ubsec_dso, UBSEC_F12)) || - !(p13 = (t_UBSEC_max_key_len_ioctl *) DSO_bind_func(ubsec_dso, UBSEC_F13))) - { - UBSECerr(UBSEC_F_UBSEC_INIT, UBSEC_R_DSO_FAILURE); - goto err; - } - - /* Copy the pointers */ - p_UBSEC_ubsec_bytes_to_bits = p1; - p_UBSEC_ubsec_bits_to_bytes = p2; - p_UBSEC_ubsec_open = p3; - p_UBSEC_ubsec_close = p4; -#ifndef OPENSSL_NO_DH - p_UBSEC_diffie_hellman_generate_ioctl = p5; - p_UBSEC_diffie_hellman_agree_ioctl = p6; -#endif -#ifndef OPENSSL_NO_RSA - p_UBSEC_rsa_mod_exp_ioctl = p7; - p_UBSEC_rsa_mod_exp_crt_ioctl = p8; -#endif -#ifndef OPENSSL_NO_DSA - p_UBSEC_dsa_sign_ioctl = p9; - p_UBSEC_dsa_verify_ioctl = p10; -#endif - p_UBSEC_math_accelerate_ioctl = p11; - p_UBSEC_rng_ioctl = p12; - p_UBSEC_max_key_len_ioctl = p13; - - /* Perform an open to see if there's actually any unit running. */ - if (((fd = p_UBSEC_ubsec_open(UBSEC_KEY_DEVICE_NAME)) > 0) && (p_UBSEC_max_key_len_ioctl(fd, &max_key_len) == 0)) - { - p_UBSEC_ubsec_close(fd); - return 1; - } - else - { - UBSECerr(UBSEC_F_UBSEC_INIT, UBSEC_R_UNIT_FAILURE); - } - -err: - if(ubsec_dso) - DSO_free(ubsec_dso); - ubsec_dso = NULL; - p_UBSEC_ubsec_bytes_to_bits = NULL; - p_UBSEC_ubsec_bits_to_bytes = NULL; - p_UBSEC_ubsec_open = NULL; - p_UBSEC_ubsec_close = NULL; -#ifndef OPENSSL_NO_DH - p_UBSEC_diffie_hellman_generate_ioctl = NULL; - p_UBSEC_diffie_hellman_agree_ioctl = NULL; -#endif -#ifndef OPENSSL_NO_RSA - p_UBSEC_rsa_mod_exp_ioctl = NULL; - p_UBSEC_rsa_mod_exp_crt_ioctl = NULL; -#endif -#ifndef OPENSSL_NO_DSA - p_UBSEC_dsa_sign_ioctl = NULL; - p_UBSEC_dsa_verify_ioctl = NULL; -#endif - p_UBSEC_math_accelerate_ioctl = NULL; - p_UBSEC_rng_ioctl = NULL; - p_UBSEC_max_key_len_ioctl = NULL; - - return 0; - } - -static int ubsec_finish(ENGINE *e) - { - free_UBSEC_LIBNAME(); - if(ubsec_dso == NULL) - { - UBSECerr(UBSEC_F_UBSEC_FINISH, UBSEC_R_NOT_LOADED); - return 0; - } - if(!DSO_free(ubsec_dso)) - { - UBSECerr(UBSEC_F_UBSEC_FINISH, UBSEC_R_DSO_FAILURE); - return 0; - } - ubsec_dso = NULL; - p_UBSEC_ubsec_bytes_to_bits = NULL; - p_UBSEC_ubsec_bits_to_bytes = NULL; - p_UBSEC_ubsec_open = NULL; - p_UBSEC_ubsec_close = NULL; -#ifndef OPENSSL_NO_DH - p_UBSEC_diffie_hellman_generate_ioctl = NULL; - p_UBSEC_diffie_hellman_agree_ioctl = NULL; -#endif -#ifndef OPENSSL_NO_RSA - p_UBSEC_rsa_mod_exp_ioctl = NULL; - p_UBSEC_rsa_mod_exp_crt_ioctl = NULL; -#endif -#ifndef OPENSSL_NO_DSA - p_UBSEC_dsa_sign_ioctl = NULL; - p_UBSEC_dsa_verify_ioctl = NULL; -#endif - p_UBSEC_math_accelerate_ioctl = NULL; - p_UBSEC_rng_ioctl = NULL; - p_UBSEC_max_key_len_ioctl = NULL; - return 1; - } - -static int ubsec_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)()) - { - int initialised = ((ubsec_dso == NULL) ? 0 : 1); - switch(cmd) - { - case UBSEC_CMD_SO_PATH: - if(p == NULL) - { - UBSECerr(UBSEC_F_UBSEC_CTRL,ERR_R_PASSED_NULL_PARAMETER); - return 0; - } - if(initialised) - { - UBSECerr(UBSEC_F_UBSEC_CTRL,UBSEC_R_ALREADY_LOADED); - return 0; - } - return set_UBSEC_LIBNAME((const char *)p); - default: - break; - } - UBSECerr(UBSEC_F_UBSEC_CTRL,UBSEC_R_CTRL_COMMAND_NOT_IMPLEMENTED); - return 0; - } - -static int ubsec_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx) - { - int y_len = 0; - int fd; - - if(ubsec_dso == NULL) - { - UBSECerr(UBSEC_F_UBSEC_MOD_EXP, UBSEC_R_NOT_LOADED); - return 0; - } - - /* Check if hardware can't handle this argument. */ - y_len = BN_num_bits(m); - if (y_len > max_key_len) { - UBSECerr(UBSEC_F_UBSEC_MOD_EXP, UBSEC_R_SIZE_TOO_LARGE_OR_TOO_SMALL); - return BN_mod_exp(r, a, p, m, ctx); - } - - if(!bn_wexpand(r, m->top)) - { - UBSECerr(UBSEC_F_UBSEC_MOD_EXP, UBSEC_R_BN_EXPAND_FAIL); - return 0; - } - - if ((fd = p_UBSEC_ubsec_open(UBSEC_KEY_DEVICE_NAME)) <= 0) { - fd = 0; - UBSECerr(UBSEC_F_UBSEC_INIT, UBSEC_R_UNIT_FAILURE); - return BN_mod_exp(r, a, p, m, ctx); - } - - if (p_UBSEC_rsa_mod_exp_ioctl(fd, (unsigned char *)a->d, BN_num_bits(a), - (unsigned char *)m->d, BN_num_bits(m), (unsigned char *)p->d, - BN_num_bits(p), (unsigned char *)r->d, &y_len) != 0) - { - UBSECerr(UBSEC_F_UBSEC_MOD_EXP, UBSEC_R_REQUEST_FAILED); - p_UBSEC_ubsec_close(fd); - - return BN_mod_exp(r, a, p, m, ctx); - } - - p_UBSEC_ubsec_close(fd); - - r->top = (BN_num_bits(m)+BN_BITS2-1)/BN_BITS2; - return 1; - } - -#ifndef OPENSSL_NO_RSA -static int ubsec_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa) - { - BN_CTX *ctx; - int to_return = 0; - - if((ctx = BN_CTX_new()) == NULL) - goto err; - - if(!rsa->p || !rsa->q || !rsa->dmp1 || !rsa->dmq1 || !rsa->iqmp) - { - UBSECerr(UBSEC_F_UBSEC_RSA_MOD_EXP, UBSEC_R_MISSING_KEY_COMPONENTS); - goto err; - } - - to_return = ubsec_mod_exp_crt(r0, I, rsa->p, rsa->q, rsa->dmp1, - rsa->dmq1, rsa->iqmp, ctx); - if (to_return == FAIL_TO_SOFTWARE) - { - /* - * Do in software as hardware failed. - */ - const RSA_METHOD *meth = RSA_PKCS1_SSLeay(); - to_return = (*meth->rsa_mod_exp)(r0, I, rsa); - } -err: - if(ctx) - BN_CTX_free(ctx); - return to_return; - } -#endif - -static int ubsec_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *q, const BIGNUM *dp, - const BIGNUM *dq, const BIGNUM *qinv, BN_CTX *ctx) - { - int y_len, - m_len, - fd; - - m_len = BN_num_bytes(p) + BN_num_bytes(q) + 1; - y_len = BN_num_bits(p) + BN_num_bits(q); - - /* Check if hardware can't handle this argument. */ - if (y_len > max_key_len) { - UBSECerr(UBSEC_F_UBSEC_MOD_EXP, UBSEC_R_SIZE_TOO_LARGE_OR_TOO_SMALL); - return FAIL_TO_SOFTWARE; - } - - if (!bn_wexpand(r, p->top + q->top + 1)) { - UBSECerr(UBSEC_F_UBSEC_RSA_MOD_EXP_CRT, UBSEC_R_BN_EXPAND_FAIL); - return 0; - } - - if ((fd = p_UBSEC_ubsec_open(UBSEC_KEY_DEVICE_NAME)) <= 0) { - fd = 0; - UBSECerr(UBSEC_F_UBSEC_INIT, UBSEC_R_UNIT_FAILURE); - return FAIL_TO_SOFTWARE; - } - - if (p_UBSEC_rsa_mod_exp_crt_ioctl(fd, - (unsigned char *)a->d, BN_num_bits(a), - (unsigned char *)qinv->d, BN_num_bits(qinv), - (unsigned char *)dp->d, BN_num_bits(dp), - (unsigned char *)p->d, BN_num_bits(p), - (unsigned char *)dq->d, BN_num_bits(dq), - (unsigned char *)q->d, BN_num_bits(q), - (unsigned char *)r->d, &y_len) != 0) { - UBSECerr(UBSEC_F_UBSEC_MOD_EXP, UBSEC_R_REQUEST_FAILED); - p_UBSEC_ubsec_close(fd); - return FAIL_TO_SOFTWARE; - } - - p_UBSEC_ubsec_close(fd); - - r->top = (BN_num_bits(p) + BN_num_bits(q) + BN_BITS2 - 1)/BN_BITS2; - return 1; -} - -#ifndef OPENSSL_NO_DSA -#ifdef NOT_USED -static int ubsec_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1, - BIGNUM *p1, BIGNUM *a2, BIGNUM *p2, BIGNUM *m, - BN_CTX *ctx, BN_MONT_CTX *in_mont) - { - BIGNUM t; - int to_return = 0; - - BN_init(&t); - /* let rr = a1 ^ p1 mod m */ - if (!ubsec_mod_exp(rr,a1,p1,m,ctx)) goto end; - /* let t = a2 ^ p2 mod m */ - if (!ubsec_mod_exp(&t,a2,p2,m,ctx)) goto end; - /* let rr = rr * t mod m */ - if (!BN_mod_mul(rr,rr,&t,m,ctx)) goto end; - to_return = 1; -end: - BN_free(&t); - return to_return; - } - -static int ubsec_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a, - const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, - BN_MONT_CTX *m_ctx) - { - return ubsec_mod_exp(r, a, p, m, ctx); - } -#endif -#endif - -/* - * This function is aliased to mod_exp (with the mont stuff dropped). - */ -static int ubsec_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) - { - int ret = 0; - -#ifndef OPENSSL_NO_RSA - /* Do in software if the key is too large for the hardware. */ - if (BN_num_bits(m) > max_key_len) - { - const RSA_METHOD *meth = RSA_PKCS1_SSLeay(); - ret = (*meth->bn_mod_exp)(r, a, p, m, ctx, m_ctx); - } - else -#endif - { - ret = ubsec_mod_exp(r, a, p, m, ctx); - } - - return ret; - } - -#ifndef OPENSSL_NO_DH -/* This function is aliased to mod_exp (with the dh and mont dropped). */ -static int ubsec_mod_exp_dh(const DH *dh, BIGNUM *r, const BIGNUM *a, - const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, - BN_MONT_CTX *m_ctx) - { - return ubsec_mod_exp(r, a, p, m, ctx); - } -#endif - -#ifndef OPENSSL_NO_DSA -static DSA_SIG *ubsec_dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) - { - DSA_SIG *to_return = NULL; - int s_len = 160, r_len = 160, d_len, fd; - BIGNUM m, *r=NULL, *s=NULL; - - BN_init(&m); - - s = BN_new(); - r = BN_new(); - if ((s == NULL) || (r==NULL)) - goto err; - - d_len = p_UBSEC_ubsec_bytes_to_bits((unsigned char *)dgst, dlen); - - if(!bn_wexpand(r, (160+BN_BITS2-1)/BN_BITS2) || - (!bn_wexpand(s, (160+BN_BITS2-1)/BN_BITS2))) { - UBSECerr(UBSEC_F_UBSEC_DSA_SIGN, UBSEC_R_BN_EXPAND_FAIL); - goto err; - } - - if (BN_bin2bn(dgst,dlen,&m) == NULL) { - UBSECerr(UBSEC_F_UBSEC_DSA_SIGN, UBSEC_R_BN_EXPAND_FAIL); - goto err; - } - - if ((fd = p_UBSEC_ubsec_open(UBSEC_KEY_DEVICE_NAME)) <= 0) { - const DSA_METHOD *meth; - fd = 0; - UBSECerr(UBSEC_F_UBSEC_INIT, UBSEC_R_UNIT_FAILURE); - meth = DSA_OpenSSL(); - to_return = meth->dsa_do_sign(dgst, dlen, dsa); - goto err; - } - - if (p_UBSEC_dsa_sign_ioctl(fd, 0, /* compute hash before signing */ - (unsigned char *)dgst, d_len, - NULL, 0, /* compute random value */ - (unsigned char *)dsa->p->d, BN_num_bits(dsa->p), - (unsigned char *)dsa->q->d, BN_num_bits(dsa->q), - (unsigned char *)dsa->g->d, BN_num_bits(dsa->g), - (unsigned char *)dsa->priv_key->d, BN_num_bits(dsa->priv_key), - (unsigned char *)r->d, &r_len, - (unsigned char *)s->d, &s_len ) != 0) { - const DSA_METHOD *meth; - - UBSECerr(UBSEC_F_UBSEC_DSA_SIGN, UBSEC_R_REQUEST_FAILED); - p_UBSEC_ubsec_close(fd); - meth = DSA_OpenSSL(); - to_return = meth->dsa_do_sign(dgst, dlen, dsa); - - goto err; - } - - p_UBSEC_ubsec_close(fd); - - r->top = (160+BN_BITS2-1)/BN_BITS2; - s->top = (160+BN_BITS2-1)/BN_BITS2; - - to_return = DSA_SIG_new(); - if(to_return == NULL) { - UBSECerr(UBSEC_F_UBSEC_DSA_SIGN, UBSEC_R_BN_EXPAND_FAIL); - goto err; - } - - to_return->r = r; - to_return->s = s; - -err: - if (!to_return) { - if (r) BN_free(r); - if (s) BN_free(s); - } - BN_clear_free(&m); - return to_return; -} - -static int ubsec_dsa_verify(const unsigned char *dgst, int dgst_len, - DSA_SIG *sig, DSA *dsa) - { - int v_len, d_len; - int to_return = 0; - int fd; - BIGNUM v; - - BN_init(&v); - - if(!bn_wexpand(&v, dsa->p->top)) { - UBSECerr(UBSEC_F_UBSEC_DSA_VERIFY ,UBSEC_R_BN_EXPAND_FAIL); - goto err; - } - - v_len = BN_num_bits(dsa->p); - - d_len = p_UBSEC_ubsec_bytes_to_bits((unsigned char *)dgst, dgst_len); - - if ((fd = p_UBSEC_ubsec_open(UBSEC_KEY_DEVICE_NAME)) <= 0) { - const DSA_METHOD *meth; - fd = 0; - UBSECerr(UBSEC_F_UBSEC_INIT, UBSEC_R_UNIT_FAILURE); - meth = DSA_OpenSSL(); - to_return = meth->dsa_do_verify(dgst, dgst_len, sig, dsa); - goto err; - } - - if (p_UBSEC_dsa_verify_ioctl(fd, 0, /* compute hash before signing */ - (unsigned char *)dgst, d_len, - (unsigned char *)dsa->p->d, BN_num_bits(dsa->p), - (unsigned char *)dsa->q->d, BN_num_bits(dsa->q), - (unsigned char *)dsa->g->d, BN_num_bits(dsa->g), - (unsigned char *)dsa->pub_key->d, BN_num_bits(dsa->pub_key), - (unsigned char *)sig->r->d, BN_num_bits(sig->r), - (unsigned char *)sig->s->d, BN_num_bits(sig->s), - (unsigned char *)v.d, &v_len) != 0) { - const DSA_METHOD *meth; - UBSECerr(UBSEC_F_UBSEC_DSA_VERIFY , UBSEC_R_REQUEST_FAILED); - p_UBSEC_ubsec_close(fd); - - meth = DSA_OpenSSL(); - to_return = meth->dsa_do_verify(dgst, dgst_len, sig, dsa); - - goto err; - } - - p_UBSEC_ubsec_close(fd); - - to_return = 1; -err: - BN_clear_free(&v); - return to_return; - } -#endif - -#ifndef OPENSSL_NO_DH -static int ubsec_dh_compute_key (unsigned char *key,const BIGNUM *pub_key,DH *dh) - { - int ret = -1, - k_len, - fd; - - k_len = BN_num_bits(dh->p); - - if ((fd = p_UBSEC_ubsec_open(UBSEC_KEY_DEVICE_NAME)) <= 0) - { - const DH_METHOD *meth; - ENGINEerr(UBSEC_F_UBSEC_INIT, UBSEC_R_UNIT_FAILURE); - meth = DH_OpenSSL(); - ret = meth->compute_key(key, pub_key, dh); - goto err; - } - - if (p_UBSEC_diffie_hellman_agree_ioctl(fd, - (unsigned char *)dh->priv_key->d, BN_num_bits(dh->priv_key), - (unsigned char *)pub_key->d, BN_num_bits(pub_key), - (unsigned char *)dh->p->d, BN_num_bits(dh->p), - key, &k_len) != 0) - { - /* Hardware's a no go, failover to software */ - const DH_METHOD *meth; - ENGINEerr(UBSEC_F_UBSEC_DH_COMPUTE_KEY, UBSEC_R_REQUEST_FAILED); - p_UBSEC_ubsec_close(fd); - - meth = DH_OpenSSL(); - ret = meth->compute_key(key, pub_key, dh); - - goto err; - } - - p_UBSEC_ubsec_close(fd); - - ret = p_UBSEC_ubsec_bits_to_bytes(k_len); -err: - return ret; - } - -static int ubsec_dh_generate_key (DH *dh) - { - int ret = 0, - random_bits = 0, - pub_key_len = 0, - priv_key_len = 0, - fd; - BIGNUM *pub_key = NULL; - BIGNUM *priv_key = NULL; - - /* - * How many bits should Random x be? dh_key.c - * sets the range from 0 to num_bits(modulus) ??? - */ - - if (dh->priv_key == NULL) - { - priv_key = BN_new(); - if (priv_key == NULL) goto err; - priv_key_len = BN_num_bits(dh->p); - bn_wexpand(priv_key, dh->p->top); - do - if (!BN_rand_range(priv_key, dh->p)) goto err; - while (BN_is_zero(priv_key)); - random_bits = BN_num_bits(priv_key); - } - else - { - priv_key = dh->priv_key; - } - - if (dh->pub_key == NULL) - { - pub_key = BN_new(); - pub_key_len = BN_num_bits(dh->p); - bn_wexpand(pub_key, dh->p->top); - if(pub_key == NULL) goto err; - } - else - { - pub_key = dh->pub_key; - } - - if ((fd = p_UBSEC_ubsec_open(UBSEC_KEY_DEVICE_NAME)) <= 0) - { - const DH_METHOD *meth; - ENGINEerr(UBSEC_F_UBSEC_INIT, UBSEC_R_UNIT_FAILURE); - meth = DH_OpenSSL(); - ret = meth->generate_key(dh); - goto err; - } - - if (p_UBSEC_diffie_hellman_generate_ioctl(fd, - (unsigned char *)priv_key->d, &priv_key_len, - (unsigned char *)pub_key->d, &pub_key_len, - (unsigned char *)dh->g->d, BN_num_bits(dh->g), - (unsigned char *)dh->p->d, BN_num_bits(dh->p), - 0, 0, random_bits) != 0) - { - /* Hardware's a no go, failover to software */ - const DH_METHOD *meth; - - ENGINEerr(UBSEC_F_UBSEC_DH_COMPUTE_KEY, UBSEC_R_REQUEST_FAILED); - p_UBSEC_ubsec_close(fd); - - meth = DH_OpenSSL(); - ret = meth->generate_key(dh); - - goto err; - } - - p_UBSEC_ubsec_close(fd); - - dh->pub_key = pub_key; - dh->pub_key->top = (pub_key_len + BN_BITS2-1) / BN_BITS2; - dh->priv_key = priv_key; - dh->priv_key->top = (priv_key_len + BN_BITS2-1) / BN_BITS2; - - ret = 1; -err: - return ret; - } -#endif - -#ifdef NOT_USED -static int ubsec_rand_bytes(unsigned char * buf, - int num) - { - int ret = 0, - fd; - - if ((fd = p_UBSEC_ubsec_open(UBSEC_KEY_DEVICE_NAME)) <= 0) - { - const RAND_METHOD *meth; - ENGINEerr(UBSEC_F_UBSEC_INIT, UBSEC_R_UNIT_FAILURE); - num = p_UBSEC_ubsec_bits_to_bytes(num); - meth = RAND_SSLeay(); - meth->seed(buf, num); - ret = meth->bytes(buf, num); - goto err; - } - - num *= 8; /* bytes to bits */ - - if (p_UBSEC_rng_ioctl(fd, - UBSEC_RNG_DIRECT, - buf, - &num) != 0) - { - /* Hardware's a no go, failover to software */ - const RAND_METHOD *meth; - - ENGINEerr(UBSEC_F_UBSEC_RNG_BYTES, UBSEC_R_REQUEST_FAILED); - p_UBSEC_ubsec_close(fd); - - num = p_UBSEC_ubsec_bits_to_bytes(num); - meth = RAND_SSLeay(); - meth->seed(buf, num); - ret = meth->bytes(buf, num); - - goto err; - } - - p_UBSEC_ubsec_close(fd); - - ret = 1; -err: - return(ret); - } - - -static int ubsec_rand_status(void) - { - return 0; - } -#endif - -/* This stuff is needed if this ENGINE is being compiled into a self-contained - * shared-library. */ -#ifdef ENGINE_DYNAMIC_SUPPORT -static int bind_fn(ENGINE *e, const char *id) - { - if(id && (strcmp(id, engine_ubsec_id) != 0)) - return 0; - if(!bind_helper(e)) - return 0; - return 1; - } -IMPLEMENT_DYNAMIC_CHECK_FN() -IMPLEMENT_DYNAMIC_BIND_FN(bind_fn) -#endif /* ENGINE_DYNAMIC_SUPPORT */ - -#endif /* !OPENSSL_NO_HW_UBSEC */ -#endif /* !OPENSSL_NO_HW */ diff --git a/src/lib/libcrypto/engine/hw_ubsec_err.c b/src/lib/libcrypto/engine/hw_ubsec_err.c deleted file mode 100644 index d707331fc2..0000000000 --- a/src/lib/libcrypto/engine/hw_ubsec_err.c +++ /dev/null @@ -1,151 +0,0 @@ -/* hw_ubsec_err.c */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* NOTE: this file was auto generated by the mkerr.pl script: any changes - * made to it will be overwritten when the script next updates this file, - * only reason strings will be preserved. - */ - -#include -#include -#include "hw_ubsec_err.h" - -/* BEGIN ERROR CODES */ -#ifndef OPENSSL_NO_ERR -static ERR_STRING_DATA UBSEC_str_functs[]= - { -{ERR_PACK(0,UBSEC_F_UBSEC_CTRL,0), "UBSEC_CTRL"}, -{ERR_PACK(0,UBSEC_F_UBSEC_DH_COMPUTE_KEY,0), "UBSEC_DH_COMPUTE_KEY"}, -{ERR_PACK(0,UBSEC_F_UBSEC_DSA_SIGN,0), "UBSEC_DSA_SIGN"}, -{ERR_PACK(0,UBSEC_F_UBSEC_DSA_VERIFY,0), "UBSEC_DSA_VERIFY"}, -{ERR_PACK(0,UBSEC_F_UBSEC_FINISH,0), "UBSEC_FINISH"}, -{ERR_PACK(0,UBSEC_F_UBSEC_INIT,0), "UBSEC_INIT"}, -{ERR_PACK(0,UBSEC_F_UBSEC_MOD_EXP,0), "UBSEC_MOD_EXP"}, -{ERR_PACK(0,UBSEC_F_UBSEC_RNG_BYTES,0), "UBSEC_RNG_BYTES"}, -{ERR_PACK(0,UBSEC_F_UBSEC_RSA_MOD_EXP,0), "UBSEC_RSA_MOD_EXP"}, -{ERR_PACK(0,UBSEC_F_UBSEC_RSA_MOD_EXP_CRT,0), "UBSEC_RSA_MOD_EXP_CRT"}, -{0,NULL} - }; - -static ERR_STRING_DATA UBSEC_str_reasons[]= - { -{UBSEC_R_ALREADY_LOADED ,"already loaded"}, -{UBSEC_R_BN_EXPAND_FAIL ,"bn expand fail"}, -{UBSEC_R_CTRL_COMMAND_NOT_IMPLEMENTED ,"ctrl command not implemented"}, -{UBSEC_R_DSO_FAILURE ,"dso failure"}, -{UBSEC_R_MISSING_KEY_COMPONENTS ,"missing key components"}, -{UBSEC_R_NOT_LOADED ,"not loaded"}, -{UBSEC_R_REQUEST_FAILED ,"request failed"}, -{UBSEC_R_SIZE_TOO_LARGE_OR_TOO_SMALL ,"size too large or too small"}, -{UBSEC_R_UNIT_FAILURE ,"unit failure"}, -{0,NULL} - }; - -#endif - -#ifdef UBSEC_LIB_NAME -static ERR_STRING_DATA UBSEC_lib_name[]= - { -{0 ,UBSEC_LIB_NAME}, -{0,NULL} - }; -#endif - - -static int UBSEC_lib_error_code=0; -static int UBSEC_error_init=1; - -static void ERR_load_UBSEC_strings(void) - { - if (UBSEC_lib_error_code == 0) - UBSEC_lib_error_code=ERR_get_next_error_library(); - - if (UBSEC_error_init) - { - UBSEC_error_init=0; -#ifndef OPENSSL_NO_ERR - ERR_load_strings(UBSEC_lib_error_code,UBSEC_str_functs); - ERR_load_strings(UBSEC_lib_error_code,UBSEC_str_reasons); -#endif - -#ifdef UBSEC_LIB_NAME - UBSEC_lib_name->error = ERR_PACK(UBSEC_lib_error_code,0,0); - ERR_load_strings(0,UBSEC_lib_name); -#endif - } - } - -static void ERR_unload_UBSEC_strings(void) - { - if (UBSEC_error_init == 0) - { -#ifndef OPENSSL_NO_ERR - ERR_unload_strings(UBSEC_lib_error_code,UBSEC_str_functs); - ERR_unload_strings(UBSEC_lib_error_code,UBSEC_str_reasons); -#endif - -#ifdef UBSEC_LIB_NAME - ERR_unload_strings(0,UBSEC_lib_name); -#endif - UBSEC_error_init=1; - } - } - -static void ERR_UBSEC_error(int function, int reason, char *file, int line) - { - if (UBSEC_lib_error_code == 0) - UBSEC_lib_error_code=ERR_get_next_error_library(); - ERR_PUT_error(UBSEC_lib_error_code,function,reason,file,line); - } diff --git a/src/lib/libcrypto/engine/hw_ubsec_err.h b/src/lib/libcrypto/engine/hw_ubsec_err.h deleted file mode 100644 index 023d3be771..0000000000 --- a/src/lib/libcrypto/engine/hw_ubsec_err.h +++ /dev/null @@ -1,95 +0,0 @@ -/* ==================================================================== - * Copyright (c) 2001 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#ifndef HEADER_UBSEC_ERR_H -#define HEADER_UBSEC_ERR_H - -/* BEGIN ERROR CODES */ -/* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ -static void ERR_load_UBSEC_strings(void); -static void ERR_unload_UBSEC_strings(void); -static void ERR_UBSEC_error(int function, int reason, char *file, int line); -#define UBSECerr(f,r) ERR_UBSEC_error((f),(r),__FILE__,__LINE__) - -/* Error codes for the UBSEC functions. */ - -/* Function codes. */ -#define UBSEC_F_UBSEC_CTRL 100 -#define UBSEC_F_UBSEC_DH_COMPUTE_KEY 101 -#define UBSEC_F_UBSEC_DSA_SIGN 102 -#define UBSEC_F_UBSEC_DSA_VERIFY 103 -#define UBSEC_F_UBSEC_FINISH 104 -#define UBSEC_F_UBSEC_INIT 105 -#define UBSEC_F_UBSEC_MOD_EXP 106 -#define UBSEC_F_UBSEC_RNG_BYTES 107 -#define UBSEC_F_UBSEC_RSA_MOD_EXP 108 -#define UBSEC_F_UBSEC_RSA_MOD_EXP_CRT 109 - -/* Reason codes. */ -#define UBSEC_R_ALREADY_LOADED 100 -#define UBSEC_R_BN_EXPAND_FAIL 101 -#define UBSEC_R_CTRL_COMMAND_NOT_IMPLEMENTED 102 -#define UBSEC_R_DSO_FAILURE 103 -#define UBSEC_R_MISSING_KEY_COMPONENTS 104 -#define UBSEC_R_NOT_LOADED 105 -#define UBSEC_R_REQUEST_FAILED 106 -#define UBSEC_R_SIZE_TOO_LARGE_OR_TOO_SMALL 107 -#define UBSEC_R_UNIT_FAILURE 108 - -#ifdef __cplusplus -} -#endif -#endif diff --git a/src/lib/libcrypto/engine/vendor_defns/aep.h b/src/lib/libcrypto/engine/vendor_defns/aep.h deleted file mode 100644 index 2b2792d2d6..0000000000 --- a/src/lib/libcrypto/engine/vendor_defns/aep.h +++ /dev/null @@ -1,178 +0,0 @@ -/* This header declares the necessary definitions for using the exponentiation - * acceleration capabilities, and rnd number generation of the AEP card. - * - */ - -/* - * - * Some AEP defines - * - */ - -/*Successful return value*/ -#define AEP_R_OK 0x00000000 - -/*Miscelleanous unsuccessful return value*/ -#define AEP_R_GENERAL_ERROR 0x10000001 - -/*Insufficient host memory*/ -#define AEP_R_HOST_MEMORY 0x10000002 - -#define AEP_R_FUNCTION_FAILED 0x10000006 - -/*Invalid arguments in function call*/ -#define AEP_R_ARGUMENTS_BAD 0x10020000 - -#define AEP_R_NO_TARGET_RESOURCES 0x10030000 - -/*Error occuring on socket operation*/ -#define AEP_R_SOCKERROR 0x10000010 - -/*Socket has been closed from the other end*/ -#define AEP_R_SOCKEOF 0x10000011 - -/*Invalid handles*/ -#define AEP_R_CONNECTION_HANDLE_INVALID 0x100000B3 - -#define AEP_R_TRANSACTION_HANDLE_INVALID 0x10040000 - -/*Transaction has not yet returned from accelerator*/ -#define AEP_R_TRANSACTION_NOT_READY 0x00010000 - -/*There is already a thread waiting on this transaction*/ -#define AEP_R_TRANSACTION_CLAIMED 0x10050000 - -/*The transaction timed out*/ -#define AEP_R_TIMED_OUT 0x10060000 - -#define AEP_R_FXN_NOT_IMPLEMENTED 0x10070000 - -#define AEP_R_TARGET_ERROR 0x10080000 - -/*Error in the AEP daemon process*/ -#define AEP_R_DAEMON_ERROR 0x10090000 - -/*Invalid ctx id*/ -#define AEP_R_INVALID_CTX_ID 0x10009000 - -#define AEP_R_NO_KEY_MANAGER 0x1000a000 - -/*Error obtaining a mutex*/ -#define AEP_R_MUTEX_BAD 0x000001A0 - -/*Fxn call before AEP_Initialise ot after AEP_Finialise*/ -#define AEP_R_AEPAPI_NOT_INITIALIZED 0x10000190 - -/*AEP_Initialise has already been called*/ -#define AEP_R_AEPAPI_ALREADY_INITIALIZED 0x10000191 - -/*Maximum number of connections to daemon reached*/ -#define AEP_R_NO_MORE_CONNECTION_HNDLS 0x10000200 - -/* - * - * Some AEP Type definitions - * - */ - -/* an unsigned 8-bit value */ -typedef unsigned char AEP_U8; - -/* an unsigned 8-bit character */ -typedef char AEP_CHAR; - -/* a BYTE-sized Boolean flag */ -typedef AEP_U8 AEP_BBOOL; - -/*Unsigned value, at least 16 bits long*/ -typedef unsigned short AEP_U16; - -/* an unsigned value, at least 32 bits long */ -#ifdef SIXTY_FOUR_BIT_LONG -typedef unsigned int AEP_U32; -#else -typedef unsigned long AEP_U32; -#endif - -#ifdef SIXTY_FOUR_BIT_LONG -typedef unsigned long AEP_U64; -#else -typedef struct { unsigned long l1, l2; } AEP_U64; -#endif - -/* at least 32 bits; each bit is a Boolean flag */ -typedef AEP_U32 AEP_FLAGS; - -typedef AEP_U8 *AEP_U8_PTR; -typedef AEP_CHAR *AEP_CHAR_PTR; -typedef AEP_U32 *AEP_U32_PTR; -typedef AEP_U64 *AEP_U64_PTR; -typedef void *AEP_VOID_PTR; - -/* Pointer to a AEP_VOID_PTR-- i.e., pointer to pointer to void */ -typedef AEP_VOID_PTR *AEP_VOID_PTR_PTR; - -/*Used to identify an AEP connection handle*/ -typedef AEP_U32 AEP_CONNECTION_HNDL; - -/*Pointer to an AEP connection handle*/ -typedef AEP_CONNECTION_HNDL *AEP_CONNECTION_HNDL_PTR; - -/*Used by an application (in conjunction with the apps process id) to -identify an individual transaction*/ -typedef AEP_U32 AEP_TRANSACTION_ID; - -/*Pointer to an applications transaction identifier*/ -typedef AEP_TRANSACTION_ID *AEP_TRANSACTION_ID_PTR; - -/*Return value type*/ -typedef AEP_U32 AEP_RV; - -#define MAX_PROCESS_CONNECTIONS 256 - -#define RAND_BLK_SIZE 1024 - -typedef enum{ - NotConnected= 0, - Connected= 1, - InUse= 2 -} AEP_CONNECTION_STATE; - - -typedef struct AEP_CONNECTION_ENTRY{ - AEP_CONNECTION_STATE conn_state; - AEP_CONNECTION_HNDL conn_hndl; -} AEP_CONNECTION_ENTRY; - - -typedef AEP_RV t_AEP_OpenConnection(AEP_CONNECTION_HNDL_PTR phConnection); -typedef AEP_RV t_AEP_CloseConnection(AEP_CONNECTION_HNDL hConnection); - -typedef AEP_RV t_AEP_ModExp(AEP_CONNECTION_HNDL hConnection, - AEP_VOID_PTR pA, AEP_VOID_PTR pP, - AEP_VOID_PTR pN, - AEP_VOID_PTR pResult, - AEP_TRANSACTION_ID* pidTransID); - -typedef AEP_RV t_AEP_ModExpCrt(AEP_CONNECTION_HNDL hConnection, - AEP_VOID_PTR pA, AEP_VOID_PTR pP, - AEP_VOID_PTR pQ, - AEP_VOID_PTR pDmp1, AEP_VOID_PTR pDmq1, - AEP_VOID_PTR pIqmp, - AEP_VOID_PTR pResult, - AEP_TRANSACTION_ID* pidTransID); - -#ifdef AEPRAND -typedef AEP_RV t_AEP_GenRandom(AEP_CONNECTION_HNDL hConnection, - AEP_U32 Len, - AEP_U32 Type, - AEP_VOID_PTR pResult, - AEP_TRANSACTION_ID* pidTransID); -#endif - -typedef AEP_RV t_AEP_Initialize(AEP_VOID_PTR pInitArgs); -typedef AEP_RV t_AEP_Finalize(); -typedef AEP_RV t_AEP_SetBNCallBacks(AEP_RV (*GetBigNumSizeFunc)(), - AEP_RV (*MakeAEPBigNumFunc)(), - AEP_RV (*ConverAEPBigNumFunc)()); - diff --git a/src/lib/libcrypto/engine/vendor_defns/atalla.h b/src/lib/libcrypto/engine/vendor_defns/atalla.h deleted file mode 100644 index 149970d441..0000000000 --- a/src/lib/libcrypto/engine/vendor_defns/atalla.h +++ /dev/null @@ -1,48 +0,0 @@ -/* This header declares the necessary definitions for using the exponentiation - * acceleration capabilities of Atalla cards. The only cryptographic operation - * is performed by "ASI_RSAPrivateKeyOpFn" and this takes a structure that - * defines an "RSA private key". However, it is really only performing a - * regular mod_exp using the supplied modulus and exponent - no CRT form is - * being used. Hence, it is a generic mod_exp function in disguise, and we use - * it as such. - * - * Thanks to the people at Atalla for letting me know these definitions are - * fine and that they can be reproduced here. - * - * Geoff. - */ - -typedef struct ItemStr - { - unsigned char *data; - int len; - } Item; - -typedef struct RSAPrivateKeyStr - { - void *reserved; - Item version; - Item modulus; - Item publicExponent; - Item privateExponent; - Item prime[2]; - Item exponent[2]; - Item coefficient; - } RSAPrivateKey; - -/* Predeclare the function pointer types that we dynamically load from the DSO. - * These use the same names and form that Ben's original support code had (in - * crypto/bn/bn_exp.c) unless of course I've inadvertently changed the style - * somewhere along the way! - */ - -typedef int tfnASI_GetPerformanceStatistics(int reset_flag, - unsigned int *ret_buf); - -typedef int tfnASI_GetHardwareConfig(long card_num, unsigned int *ret_buf); - -typedef int tfnASI_RSAPrivateKeyOpFn(RSAPrivateKey * rsaKey, - unsigned char *output, - unsigned char *input, - unsigned int modulus_len); - diff --git a/src/lib/libcrypto/engine/vendor_defns/cswift.h b/src/lib/libcrypto/engine/vendor_defns/cswift.h deleted file mode 100644 index 60079326bb..0000000000 --- a/src/lib/libcrypto/engine/vendor_defns/cswift.h +++ /dev/null @@ -1,234 +0,0 @@ -/* Attribution notice: Rainbow have generously allowed me to reproduce - * the necessary definitions here from their API. This means the support - * can build independently of whether application builders have the - * API or hardware. This will allow developers to easily produce software - * that has latent hardware support for any users that have accelertors - * installed, without the developers themselves needing anything extra. - * - * I have only clipped the parts from the CryptoSwift header files that - * are (or seem) relevant to the CryptoSwift support code. This is - * simply to keep the file sizes reasonable. - * [Geoff] - */ - - -/* NB: These type widths do *not* seem right in general, in particular - * they're not terribly friendly to 64-bit architectures (unsigned long) - * will be 64-bit on IA-64 for a start. I'm leaving these alone as they - * agree with Rainbow's API and this will only be called into question - * on platforms with Rainbow support anyway! ;-) */ - -#ifdef __cplusplus -extern "C" { -#endif /* __cplusplus */ - -typedef long SW_STATUS; /* status */ -typedef unsigned char SW_BYTE; /* 8 bit byte */ -typedef unsigned short SW_U16; /* 16 bit number */ -#if defined(_IRIX) -#include -typedef __uint32_t SW_U32; -#else -typedef unsigned long SW_U32; /* 32 bit integer */ -#endif - -#if defined(OPENSSL_SYS_WIN32) - typedef struct _SW_U64 { - SW_U32 low32; - SW_U32 high32; - } SW_U64; /* 64 bit integer */ -#elif defined(OPENSSL_SYS_MACINTOSH_CLASSIC) - typedef longlong SW_U64 -#else /* Unix variants */ - typedef struct _SW_U64 { - SW_U32 low32; - SW_U32 high32; - } SW_U64; /* 64 bit integer */ -#endif - -/* status codes */ -#define SW_OK (0L) -#define SW_ERR_BASE (-10000L) -#define SW_ERR_NO_CARD (SW_ERR_BASE-1) /* The Card is not present */ -#define SW_ERR_CARD_NOT_READY (SW_ERR_BASE-2) /* The card has not powered */ - /* up yet */ -#define SW_ERR_TIME_OUT (SW_ERR_BASE-3) /* Execution of a command */ - /* time out */ -#define SW_ERR_NO_EXECUTE (SW_ERR_BASE-4) /* The Card failed to */ - /* execute the command */ -#define SW_ERR_INPUT_NULL_PTR (SW_ERR_BASE-5) /* a required pointer is */ - /* NULL */ -#define SW_ERR_INPUT_SIZE (SW_ERR_BASE-6) /* size is invalid, too */ - /* small, too large. */ -#define SW_ERR_INVALID_HANDLE (SW_ERR_BASE-7) /* Invalid SW_ACC_CONTEXT */ - /* handle */ -#define SW_ERR_PENDING (SW_ERR_BASE-8) /* A request is already out- */ - /* standing at this */ - /* context handle */ -#define SW_ERR_AVAILABLE (SW_ERR_BASE-9) /* A result is available. */ -#define SW_ERR_NO_PENDING (SW_ERR_BASE-10)/* No request is pending. */ -#define SW_ERR_NO_MEMORY (SW_ERR_BASE-11)/* Not enough memory */ -#define SW_ERR_BAD_ALGORITHM (SW_ERR_BASE-12)/* Invalid algorithm type */ - /* in SW_PARAM structure */ -#define SW_ERR_MISSING_KEY (SW_ERR_BASE-13)/* No key is associated with */ - /* context. */ - /* swAttachKeyParam() is */ - /* not called. */ -#define SW_ERR_KEY_CMD_MISMATCH \ - (SW_ERR_BASE-14)/* Cannot perform requested */ - /* SW_COMMAND_CODE since */ - /* key attached via */ - /* swAttachKeyParam() */ - /* cannot be used for this*/ - /* SW_COMMAND_CODE. */ -#define SW_ERR_NOT_IMPLEMENTED \ - (SW_ERR_BASE-15)/* Not implemented */ -#define SW_ERR_BAD_COMMAND (SW_ERR_BASE-16)/* Bad command code */ -#define SW_ERR_BAD_ITEM_SIZE (SW_ERR_BASE-17)/* too small or too large in */ - /* the "initems" or */ - /* "outitems". */ -#define SW_ERR_BAD_ACCNUM (SW_ERR_BASE-18)/* Bad accelerator number */ -#define SW_ERR_SELFTEST_FAIL (SW_ERR_BASE-19)/* At least one of the self */ - /* test fail, look at the */ - /* selfTestBitmap in */ - /* SW_ACCELERATOR_INFO for*/ - /* details. */ -#define SW_ERR_MISALIGN (SW_ERR_BASE-20)/* Certain alogrithms require*/ - /* key materials aligned */ - /* in certain order, e.g. */ - /* 128 bit for CRT */ -#define SW_ERR_OUTPUT_NULL_PTR \ - (SW_ERR_BASE-21)/* a required pointer is */ - /* NULL */ -#define SW_ERR_OUTPUT_SIZE \ - (SW_ERR_BASE-22)/* size is invalid, too */ - /* small, too large. */ -#define SW_ERR_FIRMWARE_CHECKSUM \ - (SW_ERR_BASE-23)/* firmware checksum mismatch*/ - /* download failed. */ -#define SW_ERR_UNKNOWN_FIRMWARE \ - (SW_ERR_BASE-24)/* unknown firmware error */ -#define SW_ERR_INTERRUPT (SW_ERR_BASE-25)/* request is abort when */ - /* it's waiting to be */ - /* completed. */ -#define SW_ERR_NVWRITE_FAIL (SW_ERR_BASE-26)/* error in writing to Non- */ - /* volatile memory */ -#define SW_ERR_NVWRITE_RANGE (SW_ERR_BASE-27)/* out of range error in */ - /* writing to NV memory */ -#define SW_ERR_RNG_ERROR (SW_ERR_BASE-28)/* Random Number Generation */ - /* failure */ -#define SW_ERR_DSS_FAILURE (SW_ERR_BASE-29)/* DSS Sign or Verify failure*/ -#define SW_ERR_MODEXP_FAILURE (SW_ERR_BASE-30)/* Failure in various math */ - /* calculations */ -#define SW_ERR_ONBOARD_MEMORY (SW_ERR_BASE-31)/* Error in accessing on - */ - /* board memory */ -#define SW_ERR_FIRMWARE_VERSION \ - (SW_ERR_BASE-32)/* Wrong version in firmware */ - /* update */ -#define SW_ERR_ZERO_WORKING_ACCELERATOR \ - (SW_ERR_BASE-44)/* All accelerators are bad */ - - - /* algorithm type */ -#define SW_ALG_CRT 1 -#define SW_ALG_EXP 2 -#define SW_ALG_DSA 3 -#define SW_ALG_NVDATA 4 - - /* command code */ -#define SW_CMD_MODEXP_CRT 1 /* perform Modular Exponentiation using */ - /* Chinese Remainder Theorem (CRT) */ -#define SW_CMD_MODEXP 2 /* perform Modular Exponentiation */ -#define SW_CMD_DSS_SIGN 3 /* perform DSS sign */ -#define SW_CMD_DSS_VERIFY 4 /* perform DSS verify */ -#define SW_CMD_RAND 5 /* perform random number generation */ -#define SW_CMD_NVREAD 6 /* perform read to nonvolatile RAM */ -#define SW_CMD_NVWRITE 7 /* perform write to nonvolatile RAM */ - -typedef SW_U32 SW_ALGTYPE; /* alogrithm type */ -typedef SW_U32 SW_STATE; /* state */ -typedef SW_U32 SW_COMMAND_CODE; /* command code */ -typedef SW_U32 SW_COMMAND_BITMAP[4]; /* bitmap */ - -typedef struct _SW_LARGENUMBER { - SW_U32 nbytes; /* number of bytes in the buffer "value" */ - SW_BYTE* value; /* the large integer as a string of */ - /* bytes in network (big endian) order */ -} SW_LARGENUMBER; - -#if defined(OPENSSL_SYS_WIN32) - #include - typedef HANDLE SW_OSHANDLE; /* handle to kernel object */ - #define SW_OS_INVALID_HANDLE INVALID_HANDLE_VALUE - #define SW_CALLCONV _stdcall -#elif defined(OPENSSL_SYS_MACINTOSH_CLASSIC) - /* async callback mechanisms */ - /* swiftCallbackLevel */ - #define SW_MAC_CALLBACK_LEVEL_NO 0 - #define SW_MAC_CALLBACK_LEVEL_HARDWARE 1 /* from the hardware ISR */ - #define SW_MAC_CALLBACK_LEVEL_SECONDARY 2 /* as secondary ISR */ - typedef int SW_MAC_CALLBACK_LEVEL; - typedef int SW_OSHANDLE; - #define SW_OS_INVALID_HANDLE (-1) - #define SW_CALLCONV -#else /* Unix variants */ - typedef int SW_OSHANDLE; /* handle to driver */ - #define SW_OS_INVALID_HANDLE (-1) - #define SW_CALLCONV -#endif - -typedef struct _SW_CRT { - SW_LARGENUMBER p; /* prime number p */ - SW_LARGENUMBER q; /* prime number q */ - SW_LARGENUMBER dmp1; /* exponent1 */ - SW_LARGENUMBER dmq1; /* exponent2 */ - SW_LARGENUMBER iqmp; /* CRT coefficient */ -} SW_CRT; - -typedef struct _SW_EXP { - SW_LARGENUMBER modulus; /* modulus */ - SW_LARGENUMBER exponent;/* exponent */ -} SW_EXP; - -typedef struct _SW_DSA { - SW_LARGENUMBER p; /* */ - SW_LARGENUMBER q; /* */ - SW_LARGENUMBER g; /* */ - SW_LARGENUMBER key; /* private/public key */ -} SW_DSA; - -typedef struct _SW_NVDATA { - SW_U32 accnum; /* accelerator board number */ - SW_U32 offset; /* offset in byte */ -} SW_NVDATA; - -typedef struct _SW_PARAM { - SW_ALGTYPE type; /* type of the alogrithm */ - union { - SW_CRT crt; - SW_EXP exp; - SW_DSA dsa; - SW_NVDATA nvdata; - } up; -} SW_PARAM; - -typedef SW_U32 SW_CONTEXT_HANDLE; /* opaque context handle */ - - -/* Now the OpenSSL bits, these function types are the for the function - * pointers that will bound into the Rainbow shared libraries. */ -typedef SW_STATUS SW_CALLCONV t_swAcquireAccContext(SW_CONTEXT_HANDLE *hac); -typedef SW_STATUS SW_CALLCONV t_swAttachKeyParam(SW_CONTEXT_HANDLE hac, - SW_PARAM *key_params); -typedef SW_STATUS SW_CALLCONV t_swSimpleRequest(SW_CONTEXT_HANDLE hac, - SW_COMMAND_CODE cmd, - SW_LARGENUMBER pin[], - SW_U32 pin_count, - SW_LARGENUMBER pout[], - SW_U32 pout_count); -typedef SW_STATUS SW_CALLCONV t_swReleaseAccContext(SW_CONTEXT_HANDLE hac); - -#ifdef __cplusplus -} -#endif /* __cplusplus */ - diff --git a/src/lib/libcrypto/engine/vendor_defns/hw_4758_cca.h b/src/lib/libcrypto/engine/vendor_defns/hw_4758_cca.h deleted file mode 100644 index 296636e81a..0000000000 --- a/src/lib/libcrypto/engine/vendor_defns/hw_4758_cca.h +++ /dev/null @@ -1,149 +0,0 @@ -/**********************************************************************/ -/* */ -/* Prototypes of the CCA verbs used by the 4758 CCA openssl driver */ -/* */ -/* Maurice Gittens */ -/* */ -/**********************************************************************/ - -#ifndef __HW_4758_CCA__ -#define __HW_4758_CCA__ - -/* - * Only WIN32 support for now - */ -#if defined(WIN32) - - #define CCA_LIB_NAME "CSUNSAPI" - - #define CSNDPKX "CSNDPKX_32" - #define CSNDKRR "CSNDKRR_32" - #define CSNDPKE "CSNDPKE_32" - #define CSNDPKD "CSNDPKD_32" - #define CSNDDSV "CSNDDSV_32" - #define CSNDDSG "CSNDDSG_32" - #define CSNBRNG "CSNBRNG_32" - - #define SECURITYAPI __stdcall -#else - /* Fixme!! - Find out the values of these constants for other platforms. - */ - #define CCA_LIB_NAME "CSUNSAPI" - - #define CSNDPKX "CSNDPKX" - #define CSNDKRR "CSNDKRR" - #define CSNDPKE "CSNDPKE" - #define CSNDPKD "CSNDPKD" - #define CSNDDSV "CSNDDSV" - #define CSNDDSG "CSNDDSG" - #define CSNBRNG "CSNBRNG" - - #define SECURITYAPI -#endif - -/* - * security API prototypes - */ - -/* PKA Key Record Read */ -typedef void (SECURITYAPI *F_KEYRECORDREAD) - (long * return_code, - long * reason_code, - long * exit_data_length, - unsigned char * exit_data, - long * rule_array_count, - unsigned char * rule_array, - unsigned char * key_label, - long * key_token_length, - unsigned char * key_token); - -/* Random Number Generate */ -typedef void (SECURITYAPI *F_RANDOMNUMBERGENERATE) - (long * return_code, - long * reason_code, - long * exit_data_length, - unsigned char * exit_data, - unsigned char * form, - unsigned char * random_number); - -/* Digital Signature Generate */ -typedef void (SECURITYAPI *F_DIGITALSIGNATUREGENERATE) - (long * return_code, - long * reason_code, - long * exit_data_length, - unsigned char * exit_data, - long * rule_array_count, - unsigned char * rule_array, - long * PKA_private_key_id_length, - unsigned char * PKA_private_key_id, - long * hash_length, - unsigned char * hash, - long * signature_field_length, - long * signature_bit_length, - unsigned char * signature_field); - -/* Digital Signature Verify */ -typedef void (SECURITYAPI *F_DIGITALSIGNATUREVERIFY)( - long * return_code, - long * reason_code, - long * exit_data_length, - unsigned char * exit_data, - long * rule_array_count, - unsigned char * rule_array, - long * PKA_public_key_id_length, - unsigned char * PKA_public_key_id, - long * hash_length, - unsigned char * hash, - long * signature_field_length, - unsigned char * signature_field); - -/* PKA Public Key Extract */ -typedef void (SECURITYAPI *F_PUBLICKEYEXTRACT)( - long * return_code, - long * reason_code, - long * exit_data_length, - unsigned char * exit_data, - long * rule_array_count, - unsigned char * rule_array, - long * source_key_identifier_length, - unsigned char * source_key_identifier, - long * target_key_token_length, - unsigned char * target_key_token); - -/* PKA Encrypt */ -typedef void (SECURITYAPI *F_PKAENCRYPT) - (long * return_code, - long * reason_code, - long * exit_data_length, - unsigned char * exit_data, - long * rule_array_count, - unsigned char * rule_array, - long * key_value_length, - unsigned char * key_value, - long * data_struct_length, - unsigned char * data_struct, - long * RSA_public_key_length, - unsigned char * RSA_public_key, - long * RSA_encipher_length, - unsigned char * RSA_encipher ); - -/* PKA Decrypt */ -typedef void (SECURITYAPI *F_PKADECRYPT) - (long * return_code, - long * reason_code, - long * exit_data_length, - unsigned char * exit_data, - long * rule_array_count, - unsigned char * rule_array, - long * enciphered_key_length, - unsigned char * enciphered_key, - long * data_struct_length, - unsigned char * data_struct, - long * RSA_private_key_length, - unsigned char * RSA_private_key, - long * key_value_length, - unsigned char * key_value ); - - -#endif diff --git a/src/lib/libcrypto/engine/vendor_defns/hw_ubsec.h b/src/lib/libcrypto/engine/vendor_defns/hw_ubsec.h deleted file mode 100644 index b6619d40f2..0000000000 --- a/src/lib/libcrypto/engine/vendor_defns/hw_ubsec.h +++ /dev/null @@ -1,100 +0,0 @@ -/****************************************************************************** - * - * Copyright 2000 - * Broadcom Corporation - * 16215 Alton Parkway - * PO Box 57013 - * Irvine CA 92619-7013 - * - *****************************************************************************/ -/* - * Broadcom Corporation uBSec SDK - */ -/* - * Character device header file. - */ -/* - * Revision History: - * - * October 2000 JTT Created. - */ - -#define MAX_PUBLIC_KEY_BITS (1024) -#define MAX_PUBLIC_KEY_BYTES (1024/8) -#define SHA_BIT_SIZE (160) -#define MAX_CRYPTO_KEY_LENGTH 24 -#define MAX_MAC_KEY_LENGTH 64 -#define UBSEC_CRYPTO_DEVICE_NAME ((unsigned char *)"/dev/ubscrypt") -#define UBSEC_KEY_DEVICE_NAME ((unsigned char *)"/dev/ubskey") - -/* Math command types. */ -#define UBSEC_MATH_MODADD 0x0001 -#define UBSEC_MATH_MODSUB 0x0002 -#define UBSEC_MATH_MODMUL 0x0004 -#define UBSEC_MATH_MODEXP 0x0008 -#define UBSEC_MATH_MODREM 0x0010 -#define UBSEC_MATH_MODINV 0x0020 - -typedef long ubsec_MathCommand_t; -typedef long ubsec_RNGCommand_t; - -typedef struct ubsec_crypto_context_s { - unsigned int flags; - unsigned char crypto[MAX_CRYPTO_KEY_LENGTH]; - unsigned char auth[MAX_MAC_KEY_LENGTH]; -} ubsec_crypto_context_t, *ubsec_crypto_context_p; - -/* - * Predeclare the function pointer types that we dynamically load from the DSO. - */ - -typedef int t_UBSEC_ubsec_bytes_to_bits(unsigned char *n, int bytes); - -typedef int t_UBSEC_ubsec_bits_to_bytes(int bits); - -typedef int t_UBSEC_ubsec_open(unsigned char *device); - -typedef int t_UBSEC_ubsec_close(int fd); - -typedef int t_UBSEC_diffie_hellman_generate_ioctl (int fd, - unsigned char *x, int *x_len, unsigned char *y, int *y_len, - unsigned char *g, int g_len, unsigned char *m, int m_len, - unsigned char *userX, int userX_len, int random_bits); - -typedef int t_UBSEC_diffie_hellman_agree_ioctl (int fd, - unsigned char *x, int x_len, unsigned char *y, int y_len, - unsigned char *m, int m_len, unsigned char *k, int *k_len); - -typedef int t_UBSEC_rsa_mod_exp_ioctl (int fd, - unsigned char *x, int x_len, unsigned char *m, int m_len, - unsigned char *e, int e_len, unsigned char *y, int *y_len); - -typedef int t_UBSEC_rsa_mod_exp_crt_ioctl (int fd, - unsigned char *x, int x_len, unsigned char *qinv, int qinv_len, - unsigned char *edq, int edq_len, unsigned char *q, int q_len, - unsigned char *edp, int edp_len, unsigned char *p, int p_len, - unsigned char *y, int *y_len); - -typedef int t_UBSEC_dsa_sign_ioctl (int fd, - int hash, unsigned char *data, int data_len, - unsigned char *rndom, int random_len, - unsigned char *p, int p_len, unsigned char *q, int q_len, - unsigned char *g, int g_len, unsigned char *key, int key_len, - unsigned char *r, int *r_len, unsigned char *s, int *s_len); - -typedef int t_UBSEC_dsa_verify_ioctl (int fd, - int hash, unsigned char *data, int data_len, - unsigned char *p, int p_len, unsigned char *q, int q_len, - unsigned char *g, int g_len, unsigned char *key, int key_len, - unsigned char *r, int r_len, unsigned char *s, int s_len, - unsigned char *v, int *v_len); - -typedef int t_UBSEC_math_accelerate_ioctl(int fd, ubsec_MathCommand_t command, - unsigned char *ModN, int *ModN_len, unsigned char *ExpE, int *ExpE_len, - unsigned char *ParamA, int *ParamA_len, unsigned char *ParamB, int *ParamB_len, - unsigned char *Result, int *Result_len); - -typedef int t_UBSEC_rng_ioctl(int fd, ubsec_RNGCommand_t command, - unsigned char *Result, int *Result_len); - -typedef int t_UBSEC_max_key_len_ioctl(int fd, int *max_key_len); diff --git a/src/lib/libcrypto/engine/vendor_defns/hwcryptohook.h b/src/lib/libcrypto/engine/vendor_defns/hwcryptohook.h deleted file mode 100644 index aaa4d4575e..0000000000 --- a/src/lib/libcrypto/engine/vendor_defns/hwcryptohook.h +++ /dev/null @@ -1,486 +0,0 @@ -/* - * ModExp / RSA (with/without KM) plugin API - * - * The application will load a dynamic library which - * exports entrypoint(s) defined in this file. - * - * This set of entrypoints provides only a multithreaded, - * synchronous-within-each-thread, facility. - * - * - * This file is Copyright 1998-2000 nCipher Corporation Limited. - * - * Redistribution and use in source and binary forms, with opr without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the copyright notice, - * this list of conditions, and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above - * copyright notice, this list of conditions, and the following - * disclaimer, in the documentation and/or other materials provided - * with the distribution - * - * IN NO EVENT SHALL NCIPHER CORPORATION LIMITED (`NCIPHER') AND/OR - * ANY OTHER AUTHORS OR DISTRIBUTORS OF THIS FILE BE LIABLE for any - * damages arising directly or indirectly from this file, its use or - * this licence. Without prejudice to the generality of the - * foregoing: all liability shall be excluded for direct, indirect, - * special, incidental, consequential or other damages or any loss of - * profits, business, revenue goodwill or anticipated savings; - * liability shall be excluded even if nCipher or anyone else has been - * advised of the possibility of damage. In any event, if the - * exclusion of liability is not effective, the liability of nCipher - * or any author or distributor shall be limited to the lesser of the - * price paid and 1,000 pounds sterling. This licence only fails to - * exclude or limit liability for death or personal injury arising out - * of negligence, and only to the extent that such an exclusion or - * limitation is not effective. - * - * NCIPHER AND THE AUTHORS AND DISTRIBUTORS SPECIFICALLY DISCLAIM ALL - * AND ANY WARRANTIES (WHETHER EXPRESS OR IMPLIED), including, but not - * limited to, any implied warranties of merchantability, fitness for - * a particular purpose, satisfactory quality, and/or non-infringement - * of any third party rights. - * - * US Government use: This software and documentation is Commercial - * Computer Software and Computer Software Documentation, as defined in - * sub-paragraphs (a)(1) and (a)(5) of DFAR 252.227-7014, "Rights in - * Noncommercial Computer Software and Noncommercial Computer Software - * Documentation." Use, duplication or disclosure by the Government is - * subject to the terms and conditions specified here. - * - * By using or distributing this file you will be accepting these - * terms and conditions, including the limitation of liability and - * lack of warranty. If you do not wish to accept these terms and - * conditions, DO NOT USE THE FILE. - * - * - * The actual dynamically loadable plugin, and the library files for - * static linking, which are also provided in some distributions, are - * not covered by the licence described above. You should have - * received a separate licence with terms and conditions for these - * library files; if you received the library files without a licence, - * please contact nCipher. - * - * - * $Id: hwcryptohook.h,v 1.1.1.1 2003/05/11 21:35:16 markus Exp $ - */ - -#ifndef HWCRYPTOHOOK_H -#define HWCRYPTOHOOK_H - -#include -#include - -#ifndef HWCRYPTOHOOK_DECLARE_APPTYPES -#define HWCRYPTOHOOK_DECLARE_APPTYPES 1 -#endif - -#define HWCRYPTOHOOK_ERROR_FAILED -1 -#define HWCRYPTOHOOK_ERROR_FALLBACK -2 -#define HWCRYPTOHOOK_ERROR_MPISIZE -3 - -#if HWCRYPTOHOOK_DECLARE_APPTYPES - -/* These structs are defined by the application and opaque to the - * crypto plugin. The application may define these as it sees fit. - * Default declarations are provided here, but the application may - * #define HWCRYPTOHOOK_DECLARE_APPTYPES 0 - * to prevent these declarations, and instead provide its own - * declarations of these types. (Pointers to them must still be - * ordinary pointers to structs or unions, or the resulting combined - * program will have a type inconsistency.) - */ -typedef struct HWCryptoHook_MutexValue HWCryptoHook_Mutex; -typedef struct HWCryptoHook_CondVarValue HWCryptoHook_CondVar; -typedef struct HWCryptoHook_PassphraseContextValue HWCryptoHook_PassphraseContext; -typedef struct HWCryptoHook_CallerContextValue HWCryptoHook_CallerContext; - -#endif /* HWCRYPTOHOOK_DECLARE_APPTYPES */ - -/* These next two structs are opaque to the application. The crypto - * plugin will return pointers to them; the caller simply manipulates - * the pointers. - */ -typedef struct HWCryptoHook_Context *HWCryptoHook_ContextHandle; -typedef struct HWCryptoHook_RSAKey *HWCryptoHook_RSAKeyHandle; - -typedef struct { - char *buf; - size_t size; -} HWCryptoHook_ErrMsgBuf; -/* Used for error reporting. When a HWCryptoHook function fails it - * will return a sentinel value (0 for pointer-valued functions, or a - * negative number, usually HWCRYPTOHOOK_ERROR_FAILED, for - * integer-valued ones). It will, if an ErrMsgBuf is passed, also put - * an error message there. - * - * size is the size of the buffer, and will not be modified. If you - * pass 0 for size you must pass 0 for buf, and nothing will be - * recorded (just as if you passed 0 for the struct pointer). - * Messages written to the buffer will always be null-terminated, even - * when truncated to fit within size bytes. - * - * The contents of the buffer are not defined if there is no error. - */ - -typedef struct HWCryptoHook_MPIStruct { - unsigned char *buf; - size_t size; -} HWCryptoHook_MPI; -/* When one of these is returned, a pointer is passed to the function. - * At call, size is the space available. Afterwards it is updated to - * be set to the actual length (which may be more than the space available, - * if there was not enough room and the result was truncated). - * buf (the pointer) is not updated. - * - * size is in bytes and may be zero at call or return, but must be a - * multiple of the limb size. Zero limbs at the MS end are not - * permitted. - */ - -#define HWCryptoHook_InitFlags_FallbackModExp 0x0002UL -#define HWCryptoHook_InitFlags_FallbackRSAImmed 0x0004UL -/* Enable requesting fallback to software in case of problems with the - * hardware support. This indicates to the crypto provider that the - * application is prepared to fall back to software operation if the - * ModExp* or RSAImmed* functions return HWCRYPTOHOOK_ERROR_FALLBACK. - * Without this flag those calls will never return - * HWCRYPTOHOOK_ERROR_FALLBACK. The flag will also cause the crypto - * provider to avoid repeatedly attempting to contact dead hardware - * within a short interval, if appropriate. - */ - -#define HWCryptoHook_InitFlags_SimpleForkCheck 0x0010UL -/* Without _SimpleForkCheck the library is allowed to assume that the - * application will not fork and call the library in the child(ren). - * - * When it is specified, this is allowed. However, after a fork - * neither parent nor child may unload any loaded keys or call - * _Finish. Instead, they should call exit (or die with a signal) - * without calling _Finish. After all the children have died the - * parent may unload keys or call _Finish. - * - * This flag only has any effect on UN*X platforms. - */ - -typedef struct { - unsigned long flags; - void *logstream; /* usually a FILE*. See below. */ - - size_t limbsize; /* bignum format - size of radix type, must be power of 2 */ - int mslimbfirst; /* 0 or 1 */ - int msbytefirst; /* 0 or 1; -1 = native */ - - /* All the callback functions should return 0 on success, or a - * nonzero integer (whose value will be visible in the error message - * put in the buffer passed to the call). - * - * If a callback is not available pass a null function pointer. - * - * The callbacks may not call down again into the crypto plugin. - */ - - /* For thread-safety. Set everything to 0 if you promise only to be - * singlethreaded. maxsimultaneous is the number of calls to - * ModExp[Crt]/RSAImmed{Priv,Pub}/RSA. If you don't know what to - * put there then say 0 and the hook library will use a default. - * - * maxmutexes is a small limit on the number of simultaneous mutexes - * which will be requested by the library. If there is no small - * limit, set it to 0. If the crypto plugin cannot create the - * advertised number of mutexes the calls to its functions may fail. - * If a low number of mutexes is advertised the plugin will try to - * do the best it can. Making larger numbers of mutexes available - * may improve performance and parallelism by reducing contention - * over critical sections. Unavailability of any mutexes, implying - * single-threaded operation, should be indicated by the setting - * mutex_init et al to 0. - */ - int maxmutexes; - int maxsimultaneous; - size_t mutexsize; - int (*mutex_init)(HWCryptoHook_Mutex*, HWCryptoHook_CallerContext *cactx); - int (*mutex_acquire)(HWCryptoHook_Mutex*); - void (*mutex_release)(HWCryptoHook_Mutex*); - void (*mutex_destroy)(HWCryptoHook_Mutex*); - - /* For greater efficiency, can use condition vars internally for - * synchronisation. In this case maxsimultaneous is ignored, but - * the other mutex stuff must be available. In singlethreaded - * programs, set everything to 0. - */ - size_t condvarsize; - int (*condvar_init)(HWCryptoHook_CondVar*, HWCryptoHook_CallerContext *cactx); - int (*condvar_wait)(HWCryptoHook_CondVar*, HWCryptoHook_Mutex*); - void (*condvar_signal)(HWCryptoHook_CondVar*); - void (*condvar_broadcast)(HWCryptoHook_CondVar*); - void (*condvar_destroy)(HWCryptoHook_CondVar*); - - /* The semantics of acquiring and releasing mutexes and broadcasting - * and waiting on condition variables are expected to be those from - * POSIX threads (pthreads). The mutexes may be (in pthread-speak) - * fast mutexes, recursive mutexes, or nonrecursive ones. - * - * The _release/_signal/_broadcast and _destroy functions must - * always succeed when given a valid argument; if they are given an - * invalid argument then the program (crypto plugin + application) - * has an internal error, and they should abort the program. - */ - - int (*getpassphrase)(const char *prompt_info, - int *len_io, char *buf, - HWCryptoHook_PassphraseContext *ppctx, - HWCryptoHook_CallerContext *cactx); - /* Passphrases and the prompt_info, if they contain high-bit-set - * characters, are UTF-8. The prompt_info may be a null pointer if - * no prompt information is available (it should not be an empty - * string). It will not contain text like `enter passphrase'; - * instead it might say something like `Operator Card for John - * Smith' or `SmartCard in nFast Module #1, Slot #1'. - * - * buf points to a buffer in which to return the passphrase; on - * entry *len_io is the length of the buffer. It should be updated - * by the callback. The returned passphrase should not be - * null-terminated by the callback. - */ - - int (*getphystoken)(const char *prompt_info, - const char *wrong_info, - HWCryptoHook_PassphraseContext *ppctx, - HWCryptoHook_CallerContext *cactx); - /* Requests that the human user physically insert a different - * smartcard, DataKey, etc. The plugin should check whether the - * currently inserted token(s) are appropriate, and if they are it - * should not make this call. - * - * prompt_info is as before. wrong_info is a description of the - * currently inserted token(s) so that the user is told what - * something is. wrong_info, like prompt_info, may be null, but - * should not be an empty string. Its contents should be - * syntactically similar to that of prompt_info. - */ - - /* Note that a single LoadKey operation might cause several calls to - * getpassphrase and/or requestphystoken. If requestphystoken is - * not provided (ie, a null pointer is passed) then the plugin may - * not support loading keys for which authorisation by several cards - * is required. If getpassphrase is not provided then cards with - * passphrases may not be supported. - * - * getpassphrase and getphystoken do not need to check that the - * passphrase has been entered correctly or the correct token - * inserted; the crypto plugin will do that. If this is not the - * case then the crypto plugin is responsible for calling these - * routines again as appropriate until the correct token(s) and - * passphrase(s) are supplied as required, or until any retry limits - * implemented by the crypto plugin are reached. - * - * In either case, the application must allow the user to say `no' - * or `cancel' to indicate that they do not know the passphrase or - * have the appropriate token; this should cause the callback to - * return nonzero indicating error. - */ - - void (*logmessage)(void *logstream, const char *message); - /* A log message will be generated at least every time something goes - * wrong and an ErrMsgBuf is filled in (or would be if one was - * provided). Other diagnostic information may be written there too, - * including more detailed reasons for errors which are reported in an - * ErrMsgBuf. - * - * When a log message is generated, this callback is called. It - * should write a message to the relevant logging arrangements. - * - * The message string passed will be null-terminated and may be of arbitrary - * length. It will not be prefixed by the time and date, nor by the - * name of the library that is generating it - if this is required, - * the logmessage callback must do it. The message will not have a - * trailing newline (though it may contain internal newlines). - * - * If a null pointer is passed for logmessage a default function is - * used. The default function treats logstream as a FILE* which has - * been converted to a void*. If logstream is 0 it does nothing. - * Otherwise it prepends the date and time and library name and - * writes the message to logstream. Each line will be prefixed by a - * descriptive string containing the date, time and identity of the - * crypto plugin. Errors on the logstream are not reported - * anywhere, and the default function doesn't flush the stream, so - * the application must set the buffering how it wants it. - * - * The crypto plugin may also provide a facility to have copies of - * log messages sent elsewhere, and or for adjusting the verbosity - * of the log messages; any such facilities will be configured by - * external means. - */ - -} HWCryptoHook_InitInfo; - -typedef -HWCryptoHook_ContextHandle HWCryptoHook_Init_t(const HWCryptoHook_InitInfo *initinfo, - size_t initinfosize, - const HWCryptoHook_ErrMsgBuf *errors, - HWCryptoHook_CallerContext *cactx); -extern HWCryptoHook_Init_t HWCryptoHook_Init; - -/* Caller should set initinfosize to the size of the HWCryptoHook struct, - * so it can be extended later. - * - * On success, a message for display or logging by the server, - * including the name and version number of the plugin, will be filled - * in into *errors; on failure *errors is used for error handling, as - * usual. - */ - -/* All these functions return 0 on success, HWCRYPTOHOOK_ERROR_FAILED - * on most failures. HWCRYPTOHOOK_ERROR_MPISIZE means at least one of - * the output MPI buffer(s) was too small; the sizes of all have been - * set to the desired size (and for those where the buffer was large - * enough, the value may have been copied in), and no error message - * has been recorded. - * - * You may pass 0 for the errors struct. In any case, unless you set - * _NoStderr at init time then messages may be reported to stderr. - */ - -/* The RSAImmed* functions (and key managed RSA) only work with - * modules which have an RSA patent licence - currently that means KM - * units; the ModExp* ones work with all modules, so you need a patent - * licence in the software in the US. They are otherwise identical. - */ - -typedef -void HWCryptoHook_Finish_t(HWCryptoHook_ContextHandle hwctx); -extern HWCryptoHook_Finish_t HWCryptoHook_Finish; -/* You must not have any calls going or keys loaded when you call this. */ - -typedef -int HWCryptoHook_RandomBytes_t(HWCryptoHook_ContextHandle hwctx, - unsigned char *buf, size_t len, - const HWCryptoHook_ErrMsgBuf *errors); -extern HWCryptoHook_RandomBytes_t HWCryptoHook_RandomBytes; - -typedef -int HWCryptoHook_ModExp_t(HWCryptoHook_ContextHandle hwctx, - HWCryptoHook_MPI a, - HWCryptoHook_MPI p, - HWCryptoHook_MPI n, - HWCryptoHook_MPI *r, - const HWCryptoHook_ErrMsgBuf *errors); -extern HWCryptoHook_ModExp_t HWCryptoHook_ModExp; - -typedef -int HWCryptoHook_RSAImmedPub_t(HWCryptoHook_ContextHandle hwctx, - HWCryptoHook_MPI m, - HWCryptoHook_MPI e, - HWCryptoHook_MPI n, - HWCryptoHook_MPI *r, - const HWCryptoHook_ErrMsgBuf *errors); -extern HWCryptoHook_RSAImmedPub_t HWCryptoHook_RSAImmedPub; - -typedef -int HWCryptoHook_ModExpCRT_t(HWCryptoHook_ContextHandle hwctx, - HWCryptoHook_MPI a, - HWCryptoHook_MPI p, - HWCryptoHook_MPI q, - HWCryptoHook_MPI dmp1, - HWCryptoHook_MPI dmq1, - HWCryptoHook_MPI iqmp, - HWCryptoHook_MPI *r, - const HWCryptoHook_ErrMsgBuf *errors); -extern HWCryptoHook_ModExpCRT_t HWCryptoHook_ModExpCRT; - -typedef -int HWCryptoHook_RSAImmedPriv_t(HWCryptoHook_ContextHandle hwctx, - HWCryptoHook_MPI m, - HWCryptoHook_MPI p, - HWCryptoHook_MPI q, - HWCryptoHook_MPI dmp1, - HWCryptoHook_MPI dmq1, - HWCryptoHook_MPI iqmp, - HWCryptoHook_MPI *r, - const HWCryptoHook_ErrMsgBuf *errors); -extern HWCryptoHook_RSAImmedPriv_t HWCryptoHook_RSAImmedPriv; - -/* The RSAImmed* and ModExp* functions may return E_FAILED or - * E_FALLBACK for failure. - * - * E_FAILED means the failure is permanent and definite and there - * should be no attempt to fall back to software. (Eg, for some - * applications, which support only the acceleration-only - * functions, the `key material' may actually be an encoded key - * identifier, and doing the operation in software would give wrong - * answers.) - * - * E_FALLBACK means that doing the computation in software would seem - * reasonable. If an application pays attention to this and is - * able to fall back, it should also set the Fallback init flags. - */ - -typedef -int HWCryptoHook_RSALoadKey_t(HWCryptoHook_ContextHandle hwctx, - const char *key_ident, - HWCryptoHook_RSAKeyHandle *keyhandle_r, - const HWCryptoHook_ErrMsgBuf *errors, - HWCryptoHook_PassphraseContext *ppctx); -extern HWCryptoHook_RSALoadKey_t HWCryptoHook_RSALoadKey; -/* The key_ident is a null-terminated string configured by the - * user via the application's usual configuration mechanisms. - * It is provided to the user by the crypto provider's key management - * system. The user must be able to enter at least any string of between - * 1 and 1023 characters inclusive, consisting of printable 7-bit - * ASCII characters. The provider should avoid using - * any characters except alphanumerics and the punctuation - * characters _ - + . / @ ~ (the user is expected to be able - * to enter these without quoting). The string may be case-sensitive. - * The application may allow the user to enter other NULL-terminated strings, - * and the provider must cope (returning an error if the string is not - * valid). - * - * If the key does not exist, no error is recorded and 0 is returned; - * keyhandle_r will be set to 0 instead of to a key handle. - */ - -typedef -int HWCryptoHook_RSAGetPublicKey_t(HWCryptoHook_RSAKeyHandle k, - HWCryptoHook_MPI *n, - HWCryptoHook_MPI *e, - const HWCryptoHook_ErrMsgBuf *errors); -extern HWCryptoHook_RSAGetPublicKey_t HWCryptoHook_RSAGetPublicKey; -/* The crypto plugin will not store certificates. - * - * Although this function for acquiring the public key value is - * provided, it is not the purpose of this API to deal fully with the - * handling of the public key. - * - * It is expected that the crypto supplier's key generation program - * will provide general facilities for producing X.509 - * self-certificates and certificate requests in PEM format. These - * will be given to the user so that they can configure them in the - * application, send them to CAs, or whatever. - * - * In case this kind of certificate handling is not appropriate, the - * crypto supplier's key generation program should be able to be - * configured not to generate such a self-certificate or certificate - * request. Then the application will need to do all of this, and - * will need to store and handle the public key and certificates - * itself. - */ - -typedef -int HWCryptoHook_RSAUnloadKey_t(HWCryptoHook_RSAKeyHandle k, - const HWCryptoHook_ErrMsgBuf *errors); -extern HWCryptoHook_RSAUnloadKey_t HWCryptoHook_RSAUnloadKey; -/* Might fail due to locking problems, or other serious internal problems. */ - -typedef -int HWCryptoHook_RSA_t(HWCryptoHook_MPI m, - HWCryptoHook_RSAKeyHandle k, - HWCryptoHook_MPI *r, - const HWCryptoHook_ErrMsgBuf *errors); -extern HWCryptoHook_RSA_t HWCryptoHook_RSA; -/* RSA private key operation (sign or decrypt) - raw, unpadded. */ - -#endif /*HWCRYPTOHOOK_H*/ diff --git a/src/lib/libcrypto/engine/vendor_defns/sureware.h b/src/lib/libcrypto/engine/vendor_defns/sureware.h deleted file mode 100644 index 4bc22027f9..0000000000 --- a/src/lib/libcrypto/engine/vendor_defns/sureware.h +++ /dev/null @@ -1,239 +0,0 @@ -/* -* Written by Corinne Dive-Reclus(cdive@baltimore.com) -* -* Copyright@2001 Baltimore Technologies Ltd. -* * -* THIS FILE IS PROVIDED BY BALTIMORE TECHNOLOGIES ``AS IS'' AND * -* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * -* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * -* ARE DISCLAIMED. IN NO EVENT SHALL BALTIMORE TECHNOLOGIES BE LIABLE * -* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * -* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * -* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * -* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * -* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * -* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * -* SUCH DAMAGE. * -* -* -*/ -#ifdef WIN32 -#define SW_EXPORT __declspec ( dllexport ) -#else -#define SW_EXPORT -#endif - -/* -* List of exposed SureWare errors -*/ -#define SUREWAREHOOK_ERROR_FAILED -1 -#define SUREWAREHOOK_ERROR_FALLBACK -2 -#define SUREWAREHOOK_ERROR_UNIT_FAILURE -3 -#define SUREWAREHOOK_ERROR_DATA_SIZE -4 -#define SUREWAREHOOK_ERROR_INVALID_PAD -5 -/* -* -----------------WARNING----------------------------------- -* In all the following functions: -* msg is a string with at least 24 bytes free. -* A 24 bytes string will be concatenated to the existing content of msg. -*/ -/* -* SureWare Initialisation function -* in param threadsafe, if !=0, thread safe enabled -* return SureWareHOOK_ERROR_UNIT_FAILURE if failure, 1 if success -*/ -typedef int SureWareHook_Init_t(char*const msg,int threadsafe); -extern SW_EXPORT SureWareHook_Init_t SureWareHook_Init; -/* -* SureWare Finish function -*/ -typedef void SureWareHook_Finish_t(); -extern SW_EXPORT SureWareHook_Finish_t SureWareHook_Finish; -/* -* PRE_CONDITION: -* DO NOT CALL ANY OF THE FOLLOWING FUNCTIONS IN CASE OF INIT FAILURE -*/ -/* -* SureWare RAND Bytes function -* In case of failure, the content of buf is unpredictable. -* return 1 if success -* SureWareHOOK_ERROR_FALLBACK if function not available in hardware -* SureWareHOOK_ERROR_FAILED if error while processing -* SureWareHOOK_ERROR_UNIT_FAILURE if hardware failure -* SUREWAREHOOK_ERROR_DATA_SIZE wrong size for buf -* -* in/out param buf : a num bytes long buffer where random bytes will be put -* in param num : the number of bytes into buf -*/ -typedef int SureWareHook_Rand_Bytes_t(char*const msg,unsigned char *buf, int num); -extern SW_EXPORT SureWareHook_Rand_Bytes_t SureWareHook_Rand_Bytes; - -/* -* SureWare RAND Seed function -* Adds some seed to the Hardware Random Number Generator -* return 1 if success -* SureWareHOOK_ERROR_FALLBACK if function not available in hardware -* SureWareHOOK_ERROR_FAILED if error while processing -* SureWareHOOK_ERROR_UNIT_FAILURE if hardware failure -* SUREWAREHOOK_ERROR_DATA_SIZE wrong size for buf -* -* in param buf : the seed to add into the HRNG -* in param num : the number of bytes into buf -*/ -typedef int SureWareHook_Rand_Seed_t(char*const msg,const void *buf, int num); -extern SW_EXPORT SureWareHook_Rand_Seed_t SureWareHook_Rand_Seed; - -/* -* SureWare Load Private Key function -* return 1 if success -* SureWareHOOK_ERROR_FAILED if error while processing -* No hardware is contact for this function. -* -* in param key_id :the name of the private protected key file without the extension - ".sws" -* out param hptr : a pointer to a buffer allocated by SureWare_Hook -* out param num: the effective key length in bytes -* out param keytype: 1 if RSA 2 if DSA -*/ -typedef int SureWareHook_Load_Privkey_t(char*const msg,const char *key_id,char **hptr,unsigned long *num,char *keytype); -extern SW_EXPORT SureWareHook_Load_Privkey_t SureWareHook_Load_Privkey; - -/* -* SureWare Info Public Key function -* return 1 if success -* SureWareHOOK_ERROR_FAILED if error while processing -* No hardware is contact for this function. -* -* in param key_id :the name of the private protected key file without the extension - ".swp" -* out param hptr : a pointer to a buffer allocated by SureWare_Hook -* out param num: the effective key length in bytes -* out param keytype: 1 if RSA 2 if DSA -*/ -typedef int SureWareHook_Info_Pubkey_t(char*const msg,const char *key_id,unsigned long *num, - char *keytype); -extern SW_EXPORT SureWareHook_Info_Pubkey_t SureWareHook_Info_Pubkey; - -/* -* SureWare Load Public Key function -* return 1 if success -* SureWareHOOK_ERROR_FAILED if error while processing -* No hardware is contact for this function. -* -* in param key_id :the name of the public protected key file without the extension - ".swp" -* in param num : the bytes size of n and e -* out param n: where to write modulus in bn format -* out param e: where to write exponent in bn format -*/ -typedef int SureWareHook_Load_Rsa_Pubkey_t(char*const msg,const char *key_id,unsigned long num, - unsigned long *n, unsigned long *e); -extern SW_EXPORT SureWareHook_Load_Rsa_Pubkey_t SureWareHook_Load_Rsa_Pubkey; - -/* -* SureWare Load DSA Public Key function -* return 1 if success -* SureWareHOOK_ERROR_FAILED if error while processing -* No hardware is contact for this function. -* -* in param key_id :the name of the public protected key file without the extension - ".swp" -* in param num : the bytes size of n and e -* out param pub: where to write pub key in bn format -* out param p: where to write prime in bn format -* out param q: where to write sunprime (length 20 bytes) in bn format -* out param g: where to write base in bn format -*/ -typedef int SureWareHook_Load_Dsa_Pubkey_t(char*const msg,const char *key_id,unsigned long num, - unsigned long *pub, unsigned long *p,unsigned long*q, - unsigned long *g); -extern SW_EXPORT SureWareHook_Load_Dsa_Pubkey_t SureWareHook_Load_Dsa_Pubkey; - -/* -* SureWare Free function -* Destroy the key into the hardware if destroy==1 -*/ -typedef void SureWareHook_Free_t(char *p,int destroy); -extern SW_EXPORT SureWareHook_Free_t SureWareHook_Free; - -#define SUREWARE_PKCS1_PAD 1 -#define SUREWARE_ISO9796_PAD 2 -#define SUREWARE_NO_PAD 0 -/* -* SureWare RSA Private Decryption -* return 1 if success -* SureWareHOOK_ERROR_FAILED if error while processing -* SureWareHOOK_ERROR_UNIT_FAILURE if hardware failure -* SUREWAREHOOK_ERROR_DATA_SIZE wrong size for buf -* -* in param flen : byte size of from and to -* in param from : encrypted data buffer, should be a not-null valid pointer -* out param tlen: byte size of decrypted data, if error, unexpected value -* out param to : decrypted data buffer, should be a not-null valid pointer -* in param prsa: a protected key pointer, should be a not-null valid pointer -* int padding: padding id as follow -* SUREWARE_PKCS1_PAD -* SUREWARE_NO_PAD -* -*/ -typedef int SureWareHook_Rsa_Priv_Dec_t(char*const msg,int flen,unsigned char *from, - int *tlen,unsigned char *to, - char *prsa,int padding); -extern SW_EXPORT SureWareHook_Rsa_Priv_Dec_t SureWareHook_Rsa_Priv_Dec; -/* -* SureWare RSA Signature -* return 1 if success -* SureWareHOOK_ERROR_FAILED if error while processing -* SureWareHOOK_ERROR_UNIT_FAILURE if hardware failure -* SUREWAREHOOK_ERROR_DATA_SIZE wrong size for buf -* -* in param flen : byte size of from and to -* in param from : encrypted data buffer, should be a not-null valid pointer -* out param tlen: byte size of decrypted data, if error, unexpected value -* out param to : decrypted data buffer, should be a not-null valid pointer -* in param prsa: a protected key pointer, should be a not-null valid pointer -* int padding: padding id as follow -* SUREWARE_PKCS1_PAD -* SUREWARE_ISO9796_PAD -* -*/ -typedef int SureWareHook_Rsa_Sign_t(char*const msg,int flen,unsigned char *from, - int *tlen,unsigned char *to, - char *prsa,int padding); -extern SW_EXPORT SureWareHook_Rsa_Sign_t SureWareHook_Rsa_Sign; -/* -* SureWare DSA Signature -* return 1 if success -* SureWareHOOK_ERROR_FAILED if error while processing -* SureWareHOOK_ERROR_UNIT_FAILURE if hardware failure -* SUREWAREHOOK_ERROR_DATA_SIZE wrong size for buf -* -* in param flen : byte size of from and to -* in param from : encrypted data buffer, should be a not-null valid pointer -* out param to : decrypted data buffer, should be a 40bytes valid pointer -* in param pdsa: a protected key pointer, should be a not-null valid pointer -* -*/ -typedef int SureWareHook_Dsa_Sign_t(char*const msg,int flen,const unsigned char *from, - unsigned long *r,unsigned long *s,char *pdsa); -extern SW_EXPORT SureWareHook_Dsa_Sign_t SureWareHook_Dsa_Sign; - - -/* -* SureWare Mod Exp -* return 1 if success -* SureWareHOOK_ERROR_FAILED if error while processing -* SureWareHOOK_ERROR_UNIT_FAILURE if hardware failure -* SUREWAREHOOK_ERROR_DATA_SIZE wrong size for buf -* -* mod and res are mlen bytes long. -* exp is elen bytes long -* data is dlen bytes long -* mlen,elen and dlen are all multiple of sizeof(unsigned long) -*/ -typedef int SureWareHook_Mod_Exp_t(char*const msg,int mlen,const unsigned long *mod, - int elen,const unsigned long *exponent, - int dlen,unsigned long *data, - unsigned long *res); -extern SW_EXPORT SureWareHook_Mod_Exp_t SureWareHook_Mod_Exp; - diff --git a/src/lib/libcrypto/err/Makefile.ssl b/src/lib/libcrypto/err/Makefile.ssl deleted file mode 100644 index b253061d07..0000000000 --- a/src/lib/libcrypto/err/Makefile.ssl +++ /dev/null @@ -1,119 +0,0 @@ -# -# SSLeay/crypto/err/Makefile -# - -DIR= err -TOP= ../.. -CC= cc -INCLUDES= -I.. -I$(TOP) -I../../include -CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKE= make -f Makefile.ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) -MAKEFILE= Makefile.ssl -AR= ar r - -CFLAGS= $(INCLUDES) $(CFLAG) - -GENERAL=Makefile -TEST= -APPS= - -LIB=$(TOP)/libcrypto.a -LIBSRC=err.c err_all.c err_prn.c -LIBOBJ=err.o err_all.o err_prn.o - -SRC= $(LIBSRC) - -EXHEADER= err.h -HEADER= $(EXHEADER) - -ALL= $(GENERAL) $(SRC) $(HEADER) - -top: - (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all) - -all: lib - -lib: $(LIBOBJ) - $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) || echo Never mind. - @touch lib - -files: - $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO - -links: - @sh $(TOP)/util/point.sh Makefile.ssl Makefile - @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER) - @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST) - @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) - -install: - @for i in $(EXHEADER) ; \ - do \ - (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ - done; - -tags: - ctags $(SRC) - -tests: - -lint: - lint -DLINT $(INCLUDES) $(SRC)>fluff - -depend: - $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) - -dclean: - $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new - mv -f Makefile.new $(MAKEFILE) - -clean: - rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff - -# DO NOT DELETE THIS LINE -- make depend depends on it. - -err.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/buffer.h -err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -err.o: ../../include/openssl/symhacks.h ../cryptlib.h err.c -err_all.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h -err_all.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -err_all.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -err_all.o: ../../include/openssl/cast.h ../../include/openssl/conf.h -err_all.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -err_all.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -err_all.o: ../../include/openssl/dsa.h ../../include/openssl/dso.h -err_all.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h -err_all.o: ../../include/openssl/engine.h ../../include/openssl/err.h -err_all.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -err_all.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -err_all.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -err_all.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -err_all.o: ../../include/openssl/objects.h ../../include/openssl/ocsp.h -err_all.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -err_all.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem2.h -err_all.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h -err_all.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h -err_all.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -err_all.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -err_all.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -err_all.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -err_all.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -err_all.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -err_all.o: ../../include/openssl/x509v3.h err_all.c -err_prn.o: ../../e_os.h ../../include/openssl/bio.h -err_prn.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -err_prn.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -err_prn.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -err_prn.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -err_prn.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -err_prn.o: ../cryptlib.h err_prn.c diff --git a/src/lib/libcrypto/err/err.c b/src/lib/libcrypto/err/err.c index 292404a2fb..69713a6e2f 100644 --- a/src/lib/libcrypto/err/err.c +++ b/src/lib/libcrypto/err/err.c @@ -56,7 +56,7 @@ * [including the GNU Public Licence.] */ /* ==================================================================== - * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved. + * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -119,9 +119,507 @@ #include #include -static unsigned long get_error_values(int inc,int top, - const char **file,int *line, - const char **data,int *flags); +DECLARE_LHASH_OF(ERR_STRING_DATA); +DECLARE_LHASH_OF(ERR_STATE); + +static void err_load_strings(int lib, ERR_STRING_DATA *str); + +static void ERR_STATE_free(ERR_STATE *s); +#ifndef OPENSSL_NO_ERR +static ERR_STRING_DATA ERR_str_libraries[]= + { +{ERR_PACK(ERR_LIB_NONE,0,0) ,"unknown library"}, +{ERR_PACK(ERR_LIB_SYS,0,0) ,"system library"}, +{ERR_PACK(ERR_LIB_BN,0,0) ,"bignum routines"}, +{ERR_PACK(ERR_LIB_RSA,0,0) ,"rsa routines"}, +{ERR_PACK(ERR_LIB_DH,0,0) ,"Diffie-Hellman routines"}, +{ERR_PACK(ERR_LIB_EVP,0,0) ,"digital envelope routines"}, +{ERR_PACK(ERR_LIB_BUF,0,0) ,"memory buffer routines"}, +{ERR_PACK(ERR_LIB_OBJ,0,0) ,"object identifier routines"}, +{ERR_PACK(ERR_LIB_PEM,0,0) ,"PEM routines"}, +{ERR_PACK(ERR_LIB_DSA,0,0) ,"dsa routines"}, +{ERR_PACK(ERR_LIB_X509,0,0) ,"x509 certificate routines"}, +{ERR_PACK(ERR_LIB_ASN1,0,0) ,"asn1 encoding routines"}, +{ERR_PACK(ERR_LIB_CONF,0,0) ,"configuration file routines"}, +{ERR_PACK(ERR_LIB_CRYPTO,0,0) ,"common libcrypto routines"}, +{ERR_PACK(ERR_LIB_EC,0,0) ,"elliptic curve routines"}, +{ERR_PACK(ERR_LIB_SSL,0,0) ,"SSL routines"}, +{ERR_PACK(ERR_LIB_BIO,0,0) ,"BIO routines"}, +{ERR_PACK(ERR_LIB_PKCS7,0,0) ,"PKCS7 routines"}, +{ERR_PACK(ERR_LIB_X509V3,0,0) ,"X509 V3 routines"}, +{ERR_PACK(ERR_LIB_PKCS12,0,0) ,"PKCS12 routines"}, +{ERR_PACK(ERR_LIB_RAND,0,0) ,"random number generator"}, +{ERR_PACK(ERR_LIB_DSO,0,0) ,"DSO support routines"}, +{ERR_PACK(ERR_LIB_TS,0,0) ,"time stamp routines"}, +{ERR_PACK(ERR_LIB_ENGINE,0,0) ,"engine routines"}, +{ERR_PACK(ERR_LIB_OCSP,0,0) ,"OCSP routines"}, +{ERR_PACK(ERR_LIB_FIPS,0,0) ,"FIPS routines"}, +{ERR_PACK(ERR_LIB_CMS,0,0) ,"CMS routines"}, +{ERR_PACK(ERR_LIB_HMAC,0,0) ,"HMAC routines"}, +{0,NULL}, + }; + +static ERR_STRING_DATA ERR_str_functs[]= + { + {ERR_PACK(0,SYS_F_FOPEN,0), "fopen"}, + {ERR_PACK(0,SYS_F_CONNECT,0), "connect"}, + {ERR_PACK(0,SYS_F_GETSERVBYNAME,0), "getservbyname"}, + {ERR_PACK(0,SYS_F_SOCKET,0), "socket"}, + {ERR_PACK(0,SYS_F_IOCTLSOCKET,0), "ioctlsocket"}, + {ERR_PACK(0,SYS_F_BIND,0), "bind"}, + {ERR_PACK(0,SYS_F_LISTEN,0), "listen"}, + {ERR_PACK(0,SYS_F_ACCEPT,0), "accept"}, +#ifdef OPENSSL_SYS_WINDOWS + {ERR_PACK(0,SYS_F_WSASTARTUP,0), "WSAstartup"}, +#endif + {ERR_PACK(0,SYS_F_OPENDIR,0), "opendir"}, + {ERR_PACK(0,SYS_F_FREAD,0), "fread"}, + {0,NULL}, + }; + +static ERR_STRING_DATA ERR_str_reasons[]= + { +{ERR_R_SYS_LIB ,"system lib"}, +{ERR_R_BN_LIB ,"BN lib"}, +{ERR_R_RSA_LIB ,"RSA lib"}, +{ERR_R_DH_LIB ,"DH lib"}, +{ERR_R_EVP_LIB ,"EVP lib"}, +{ERR_R_BUF_LIB ,"BUF lib"}, +{ERR_R_OBJ_LIB ,"OBJ lib"}, +{ERR_R_PEM_LIB ,"PEM lib"}, +{ERR_R_DSA_LIB ,"DSA lib"}, +{ERR_R_X509_LIB ,"X509 lib"}, +{ERR_R_ASN1_LIB ,"ASN1 lib"}, +{ERR_R_CONF_LIB ,"CONF lib"}, +{ERR_R_CRYPTO_LIB ,"CRYPTO lib"}, +{ERR_R_EC_LIB ,"EC lib"}, +{ERR_R_SSL_LIB ,"SSL lib"}, +{ERR_R_BIO_LIB ,"BIO lib"}, +{ERR_R_PKCS7_LIB ,"PKCS7 lib"}, +{ERR_R_X509V3_LIB ,"X509V3 lib"}, +{ERR_R_PKCS12_LIB ,"PKCS12 lib"}, +{ERR_R_RAND_LIB ,"RAND lib"}, +{ERR_R_DSO_LIB ,"DSO lib"}, +{ERR_R_ENGINE_LIB ,"ENGINE lib"}, +{ERR_R_OCSP_LIB ,"OCSP lib"}, +{ERR_R_TS_LIB ,"TS lib"}, + +{ERR_R_NESTED_ASN1_ERROR ,"nested asn1 error"}, +{ERR_R_BAD_ASN1_OBJECT_HEADER ,"bad asn1 object header"}, +{ERR_R_BAD_GET_ASN1_OBJECT_CALL ,"bad get asn1 object call"}, +{ERR_R_EXPECTING_AN_ASN1_SEQUENCE ,"expecting an asn1 sequence"}, +{ERR_R_ASN1_LENGTH_MISMATCH ,"asn1 length mismatch"}, +{ERR_R_MISSING_ASN1_EOS ,"missing asn1 eos"}, + +{ERR_R_FATAL ,"fatal"}, +{ERR_R_MALLOC_FAILURE ,"malloc failure"}, +{ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED ,"called a function you should not call"}, +{ERR_R_PASSED_NULL_PARAMETER ,"passed a null parameter"}, +{ERR_R_INTERNAL_ERROR ,"internal error"}, +{ERR_R_DISABLED ,"called a function that was disabled at compile-time"}, + +{0,NULL}, + }; +#endif + + +/* Define the predeclared (but externally opaque) "ERR_FNS" type */ +struct st_ERR_FNS + { + /* Works on the "error_hash" string table */ + LHASH_OF(ERR_STRING_DATA) *(*cb_err_get)(int create); + void (*cb_err_del)(void); + ERR_STRING_DATA *(*cb_err_get_item)(const ERR_STRING_DATA *); + ERR_STRING_DATA *(*cb_err_set_item)(ERR_STRING_DATA *); + ERR_STRING_DATA *(*cb_err_del_item)(ERR_STRING_DATA *); + /* Works on the "thread_hash" error-state table */ + LHASH_OF(ERR_STATE) *(*cb_thread_get)(int create); + void (*cb_thread_release)(LHASH_OF(ERR_STATE) **hash); + ERR_STATE *(*cb_thread_get_item)(const ERR_STATE *); + ERR_STATE *(*cb_thread_set_item)(ERR_STATE *); + void (*cb_thread_del_item)(const ERR_STATE *); + /* Returns the next available error "library" numbers */ + int (*cb_get_next_lib)(void); + }; + +/* Predeclarations of the "err_defaults" functions */ +static LHASH_OF(ERR_STRING_DATA) *int_err_get(int create); +static void int_err_del(void); +static ERR_STRING_DATA *int_err_get_item(const ERR_STRING_DATA *); +static ERR_STRING_DATA *int_err_set_item(ERR_STRING_DATA *); +static ERR_STRING_DATA *int_err_del_item(ERR_STRING_DATA *); +static LHASH_OF(ERR_STATE) *int_thread_get(int create); +static void int_thread_release(LHASH_OF(ERR_STATE) **hash); +static ERR_STATE *int_thread_get_item(const ERR_STATE *); +static ERR_STATE *int_thread_set_item(ERR_STATE *); +static void int_thread_del_item(const ERR_STATE *); +static int int_err_get_next_lib(void); +/* The static ERR_FNS table using these defaults functions */ +static const ERR_FNS err_defaults = + { + int_err_get, + int_err_del, + int_err_get_item, + int_err_set_item, + int_err_del_item, + int_thread_get, + int_thread_release, + int_thread_get_item, + int_thread_set_item, + int_thread_del_item, + int_err_get_next_lib + }; + +/* The replacable table of ERR_FNS functions we use at run-time */ +static const ERR_FNS *err_fns = NULL; + +/* Eg. rather than using "err_get()", use "ERRFN(err_get)()". */ +#define ERRFN(a) err_fns->cb_##a + +/* The internal state used by "err_defaults" - as such, the setting, reading, + * creating, and deleting of this data should only be permitted via the + * "err_defaults" functions. This way, a linked module can completely defer all + * ERR state operation (together with requisite locking) to the implementations + * and state in the loading application. */ +static LHASH_OF(ERR_STRING_DATA) *int_error_hash = NULL; +static LHASH_OF(ERR_STATE) *int_thread_hash = NULL; +static int int_thread_hash_references = 0; +static int int_err_library_number= ERR_LIB_USER; + +/* Internal function that checks whether "err_fns" is set and if not, sets it to + * the defaults. */ +static void err_fns_check(void) + { + if (err_fns) return; + + CRYPTO_w_lock(CRYPTO_LOCK_ERR); + if (!err_fns) + err_fns = &err_defaults; + CRYPTO_w_unlock(CRYPTO_LOCK_ERR); + } + +/* API functions to get or set the underlying ERR functions. */ + +const ERR_FNS *ERR_get_implementation(void) + { + err_fns_check(); + return err_fns; + } + +int ERR_set_implementation(const ERR_FNS *fns) + { + int ret = 0; + + CRYPTO_w_lock(CRYPTO_LOCK_ERR); + /* It's too late if 'err_fns' is non-NULL. BTW: not much point setting + * an error is there?! */ + if (!err_fns) + { + err_fns = fns; + ret = 1; + } + CRYPTO_w_unlock(CRYPTO_LOCK_ERR); + return ret; + } + +/* These are the callbacks provided to "lh_new()" when creating the LHASH tables + * internal to the "err_defaults" implementation. */ + +static unsigned long get_error_values(int inc,int top,const char **file,int *line, + const char **data,int *flags); + +/* The internal functions used in the "err_defaults" implementation */ + +static unsigned long err_string_data_hash(const ERR_STRING_DATA *a) + { + unsigned long ret,l; + + l=a->error; + ret=l^ERR_GET_LIB(l)^ERR_GET_FUNC(l); + return(ret^ret%19*13); + } +static IMPLEMENT_LHASH_HASH_FN(err_string_data, ERR_STRING_DATA) + +static int err_string_data_cmp(const ERR_STRING_DATA *a, + const ERR_STRING_DATA *b) + { + return (int)(a->error - b->error); + } +static IMPLEMENT_LHASH_COMP_FN(err_string_data, ERR_STRING_DATA) + +static LHASH_OF(ERR_STRING_DATA) *int_err_get(int create) + { + LHASH_OF(ERR_STRING_DATA) *ret = NULL; + + CRYPTO_w_lock(CRYPTO_LOCK_ERR); + if (!int_error_hash && create) + { + CRYPTO_push_info("int_err_get (err.c)"); + int_error_hash = lh_ERR_STRING_DATA_new(); + CRYPTO_pop_info(); + } + if (int_error_hash) + ret = int_error_hash; + CRYPTO_w_unlock(CRYPTO_LOCK_ERR); + + return ret; + } + +static void int_err_del(void) + { + CRYPTO_w_lock(CRYPTO_LOCK_ERR); + if (int_error_hash) + { + lh_ERR_STRING_DATA_free(int_error_hash); + int_error_hash = NULL; + } + CRYPTO_w_unlock(CRYPTO_LOCK_ERR); + } + +static ERR_STRING_DATA *int_err_get_item(const ERR_STRING_DATA *d) + { + ERR_STRING_DATA *p; + LHASH_OF(ERR_STRING_DATA) *hash; + + err_fns_check(); + hash = ERRFN(err_get)(0); + if (!hash) + return NULL; + + CRYPTO_r_lock(CRYPTO_LOCK_ERR); + p = lh_ERR_STRING_DATA_retrieve(hash, d); + CRYPTO_r_unlock(CRYPTO_LOCK_ERR); + + return p; + } + +static ERR_STRING_DATA *int_err_set_item(ERR_STRING_DATA *d) + { + ERR_STRING_DATA *p; + LHASH_OF(ERR_STRING_DATA) *hash; + + err_fns_check(); + hash = ERRFN(err_get)(1); + if (!hash) + return NULL; + + CRYPTO_w_lock(CRYPTO_LOCK_ERR); + p = lh_ERR_STRING_DATA_insert(hash, d); + CRYPTO_w_unlock(CRYPTO_LOCK_ERR); + + return p; + } + +static ERR_STRING_DATA *int_err_del_item(ERR_STRING_DATA *d) + { + ERR_STRING_DATA *p; + LHASH_OF(ERR_STRING_DATA) *hash; + + err_fns_check(); + hash = ERRFN(err_get)(0); + if (!hash) + return NULL; + + CRYPTO_w_lock(CRYPTO_LOCK_ERR); + p = lh_ERR_STRING_DATA_delete(hash, d); + CRYPTO_w_unlock(CRYPTO_LOCK_ERR); + + return p; + } + +static unsigned long err_state_hash(const ERR_STATE *a) + { + return CRYPTO_THREADID_hash(&a->tid) * 13; + } +static IMPLEMENT_LHASH_HASH_FN(err_state, ERR_STATE) + +static int err_state_cmp(const ERR_STATE *a, const ERR_STATE *b) + { + return CRYPTO_THREADID_cmp(&a->tid, &b->tid); + } +static IMPLEMENT_LHASH_COMP_FN(err_state, ERR_STATE) + +static LHASH_OF(ERR_STATE) *int_thread_get(int create) + { + LHASH_OF(ERR_STATE) *ret = NULL; + + CRYPTO_w_lock(CRYPTO_LOCK_ERR); + if (!int_thread_hash && create) + { + CRYPTO_push_info("int_thread_get (err.c)"); + int_thread_hash = lh_ERR_STATE_new(); + CRYPTO_pop_info(); + } + if (int_thread_hash) + { + int_thread_hash_references++; + ret = int_thread_hash; + } + CRYPTO_w_unlock(CRYPTO_LOCK_ERR); + return ret; + } + +static void int_thread_release(LHASH_OF(ERR_STATE) **hash) + { + int i; + + if (hash == NULL || *hash == NULL) + return; + + i = CRYPTO_add(&int_thread_hash_references, -1, CRYPTO_LOCK_ERR); + +#ifdef REF_PRINT + fprintf(stderr,"%4d:%s\n",int_thread_hash_references,"ERR"); +#endif + if (i > 0) return; +#ifdef REF_CHECK + if (i < 0) + { + fprintf(stderr,"int_thread_release, bad reference count\n"); + abort(); /* ok */ + } +#endif + *hash = NULL; + } + +static ERR_STATE *int_thread_get_item(const ERR_STATE *d) + { + ERR_STATE *p; + LHASH_OF(ERR_STATE) *hash; + + err_fns_check(); + hash = ERRFN(thread_get)(0); + if (!hash) + return NULL; + + CRYPTO_r_lock(CRYPTO_LOCK_ERR); + p = lh_ERR_STATE_retrieve(hash, d); + CRYPTO_r_unlock(CRYPTO_LOCK_ERR); + + ERRFN(thread_release)(&hash); + return p; + } + +static ERR_STATE *int_thread_set_item(ERR_STATE *d) + { + ERR_STATE *p; + LHASH_OF(ERR_STATE) *hash; + + err_fns_check(); + hash = ERRFN(thread_get)(1); + if (!hash) + return NULL; + + CRYPTO_w_lock(CRYPTO_LOCK_ERR); + p = lh_ERR_STATE_insert(hash, d); + CRYPTO_w_unlock(CRYPTO_LOCK_ERR); + + ERRFN(thread_release)(&hash); + return p; + } + +static void int_thread_del_item(const ERR_STATE *d) + { + ERR_STATE *p; + LHASH_OF(ERR_STATE) *hash; + + err_fns_check(); + hash = ERRFN(thread_get)(0); + if (!hash) + return; + + CRYPTO_w_lock(CRYPTO_LOCK_ERR); + p = lh_ERR_STATE_delete(hash, d); + /* make sure we don't leak memory */ + if (int_thread_hash_references == 1 + && int_thread_hash && lh_ERR_STATE_num_items(int_thread_hash) == 0) + { + lh_ERR_STATE_free(int_thread_hash); + int_thread_hash = NULL; + } + CRYPTO_w_unlock(CRYPTO_LOCK_ERR); + + ERRFN(thread_release)(&hash); + if (p) + ERR_STATE_free(p); + } + +static int int_err_get_next_lib(void) + { + int ret; + + CRYPTO_w_lock(CRYPTO_LOCK_ERR); + ret = int_err_library_number++; + CRYPTO_w_unlock(CRYPTO_LOCK_ERR); + + return ret; + } + + +#ifndef OPENSSL_NO_ERR +#define NUM_SYS_STR_REASONS 127 +#define LEN_SYS_STR_REASON 32 + +static ERR_STRING_DATA SYS_str_reasons[NUM_SYS_STR_REASONS + 1]; +/* SYS_str_reasons is filled with copies of strerror() results at + * initialization. + * 'errno' values up to 127 should cover all usual errors, + * others will be displayed numerically by ERR_error_string. + * It is crucial that we have something for each reason code + * that occurs in ERR_str_reasons, or bogus reason strings + * will be returned for SYSerr(), which always gets an errno + * value and never one of those 'standard' reason codes. */ + +static void build_SYS_str_reasons(void) + { + /* OPENSSL_malloc cannot be used here, use static storage instead */ + static char strerror_tab[NUM_SYS_STR_REASONS][LEN_SYS_STR_REASON]; + int i; + static int init = 1; + + CRYPTO_r_lock(CRYPTO_LOCK_ERR); + if (!init) + { + CRYPTO_r_unlock(CRYPTO_LOCK_ERR); + return; + } + + CRYPTO_r_unlock(CRYPTO_LOCK_ERR); + CRYPTO_w_lock(CRYPTO_LOCK_ERR); + if (!init) + { + CRYPTO_w_unlock(CRYPTO_LOCK_ERR); + return; + } + + for (i = 1; i <= NUM_SYS_STR_REASONS; i++) + { + ERR_STRING_DATA *str = &SYS_str_reasons[i - 1]; + + str->error = (unsigned long)i; + if (str->string == NULL) + { + char (*dest)[LEN_SYS_STR_REASON] = &(strerror_tab[i - 1]); + char *src = strerror(i); + if (src != NULL) + { + strncpy(*dest, src, sizeof *dest); + (*dest)[sizeof *dest - 1] = '\0'; + str->string = *dest; + } + } + if (str->string == NULL) + str->string = "unknown"; + } + + /* Now we still have SYS_str_reasons[NUM_SYS_STR_REASONS] = {0, NULL}, + * as required by ERR_load_strings. */ + + init = 0; + + CRYPTO_w_unlock(CRYPTO_LOCK_ERR); + } +#endif #define err_clear_data(p,i) \ do { \ @@ -143,6 +641,68 @@ static unsigned long get_error_values(int inc,int top, (p)->err_line[i]= -1; \ } while(0) +static void ERR_STATE_free(ERR_STATE *s) + { + int i; + + if (s == NULL) + return; + + for (i=0; ierror) + { + if (lib) + str->error|=ERR_PACK(lib,0,0); + ERRFN(err_set_item)(str); + str++; + } + } + +void ERR_load_strings(int lib, ERR_STRING_DATA *str) + { + ERR_load_ERR_strings(); + err_load_strings(lib, str); + } + +void ERR_unload_strings(int lib, ERR_STRING_DATA *str) + { + while (str->error) + { + if (lib) + str->error|=ERR_PACK(lib,0,0); + ERRFN(err_del_item)(str); + str++; + } + } + +void ERR_free_strings(void) + { + err_fns_check(); + ERRFN(err_del)(); + } + +/********************************************************/ + void ERR_put_error(int lib, int func, int reason, const char *file, int line) { @@ -297,6 +857,196 @@ static unsigned long get_error_values(int inc, int top, const char **file, int * return ret; } +void ERR_error_string_n(unsigned long e, char *buf, size_t len) + { + char lsbuf[64], fsbuf[64], rsbuf[64]; + const char *ls,*fs,*rs; + unsigned long l,f,r; + + l=ERR_GET_LIB(e); + f=ERR_GET_FUNC(e); + r=ERR_GET_REASON(e); + + ls=ERR_lib_error_string(e); + fs=ERR_func_error_string(e); + rs=ERR_reason_error_string(e); + + if (ls == NULL) + BIO_snprintf(lsbuf, sizeof(lsbuf), "lib(%lu)", l); + if (fs == NULL) + BIO_snprintf(fsbuf, sizeof(fsbuf), "func(%lu)", f); + if (rs == NULL) + BIO_snprintf(rsbuf, sizeof(rsbuf), "reason(%lu)", r); + + BIO_snprintf(buf, len,"error:%08lX:%s:%s:%s", e, ls?ls:lsbuf, + fs?fs:fsbuf, rs?rs:rsbuf); + if (strlen(buf) == len-1) + { + /* output may be truncated; make sure we always have 5 + * colon-separated fields, i.e. 4 colons ... */ +#define NUM_COLONS 4 + if (len > NUM_COLONS) /* ... if possible */ + { + int i; + char *s = buf; + + for (i = 0; i < NUM_COLONS; i++) + { + char *colon = strchr(s, ':'); + if (colon == NULL || colon > &buf[len-1] - NUM_COLONS + i) + { + /* set colon no. i at last possible position + * (buf[len-1] is the terminating 0)*/ + colon = &buf[len-1] - NUM_COLONS + i; + *colon = ':'; + } + s = colon + 1; + } + } + } + } + +/* BAD for multi-threading: uses a local buffer if ret == NULL */ +/* ERR_error_string_n should be used instead for ret != NULL + * as ERR_error_string cannot know how large the buffer is */ +char *ERR_error_string(unsigned long e, char *ret) + { + static char buf[256]; + + if (ret == NULL) ret=buf; + ERR_error_string_n(e, ret, 256); + + return ret; + } + +LHASH_OF(ERR_STRING_DATA) *ERR_get_string_table(void) + { + err_fns_check(); + return ERRFN(err_get)(0); + } + +LHASH_OF(ERR_STATE) *ERR_get_err_state_table(void) + { + err_fns_check(); + return ERRFN(thread_get)(0); + } + +void ERR_release_err_state_table(LHASH_OF(ERR_STATE) **hash) + { + err_fns_check(); + ERRFN(thread_release)(hash); + } + +const char *ERR_lib_error_string(unsigned long e) + { + ERR_STRING_DATA d,*p; + unsigned long l; + + err_fns_check(); + l=ERR_GET_LIB(e); + d.error=ERR_PACK(l,0,0); + p=ERRFN(err_get_item)(&d); + return((p == NULL)?NULL:p->string); + } + +const char *ERR_func_error_string(unsigned long e) + { + ERR_STRING_DATA d,*p; + unsigned long l,f; + + err_fns_check(); + l=ERR_GET_LIB(e); + f=ERR_GET_FUNC(e); + d.error=ERR_PACK(l,f,0); + p=ERRFN(err_get_item)(&d); + return((p == NULL)?NULL:p->string); + } + +const char *ERR_reason_error_string(unsigned long e) + { + ERR_STRING_DATA d,*p=NULL; + unsigned long l,r; + + err_fns_check(); + l=ERR_GET_LIB(e); + r=ERR_GET_REASON(e); + d.error=ERR_PACK(l,0,r); + p=ERRFN(err_get_item)(&d); + if (!p) + { + d.error=ERR_PACK(0,0,r); + p=ERRFN(err_get_item)(&d); + } + return((p == NULL)?NULL:p->string); + } + +void ERR_remove_thread_state(const CRYPTO_THREADID *id) + { + ERR_STATE tmp; + + if (id) + CRYPTO_THREADID_cpy(&tmp.tid, id); + else + CRYPTO_THREADID_current(&tmp.tid); + err_fns_check(); + /* thread_del_item automatically destroys the LHASH if the number of + * items reaches zero. */ + ERRFN(thread_del_item)(&tmp); + } + +#ifndef OPENSSL_NO_DEPRECATED +void ERR_remove_state(unsigned long pid) + { + ERR_remove_thread_state(NULL); + } +#endif + +ERR_STATE *ERR_get_state(void) + { + static ERR_STATE fallback; + ERR_STATE *ret,tmp,*tmpp=NULL; + int i; + CRYPTO_THREADID tid; + + err_fns_check(); + CRYPTO_THREADID_current(&tid); + CRYPTO_THREADID_cpy(&tmp.tid, &tid); + ret=ERRFN(thread_get_item)(&tmp); + + /* ret == the error state, if NULL, make a new one */ + if (ret == NULL) + { + ret=(ERR_STATE *)OPENSSL_malloc(sizeof(ERR_STATE)); + if (ret == NULL) return(&fallback); + CRYPTO_THREADID_cpy(&ret->tid, &tid); + ret->top=0; + ret->bottom=0; + for (i=0; ierr_data[i]=NULL; + ret->err_data_flags[i]=0; + } + tmpp = ERRFN(thread_set_item)(ret); + /* To check if insertion failed, do a get. */ + if (ERRFN(thread_get_item)(ret) != ret) + { + ERR_STATE_free(ret); /* could not insert it */ + return(&fallback); + } + /* If a race occured in this function and we came second, tmpp + * is the first one that we just replaced. */ + if (tmpp) + ERR_STATE_free(tmpp); + } + return ret; + } + +int ERR_get_next_error_library(void) + { + err_fns_check(); + return ERRFN(get_next_lib)(); + } + void ERR_set_error_data(char *data, int flags) { ERR_STATE *es; @@ -383,34 +1133,3 @@ int ERR_pop_to_mark(void) es->err_flags[es->top]&=~ERR_FLAG_MARK; return 1; } - -#ifdef OPENSSL_FIPS - -static ERR_STATE *fget_state(void) - { - static ERR_STATE fstate; - return &fstate; - } - -ERR_STATE *(*get_state_func)(void) = fget_state; -void (*remove_state_func)(unsigned long pid); - -ERR_STATE *ERR_get_state(void) - { - return get_state_func(); - } - -void int_ERR_set_state_func(ERR_STATE *(*get_func)(void), - void (*remove_func)(unsigned long pid)) - { - get_state_func = get_func; - remove_state_func = remove_func; - } - -void ERR_remove_state(unsigned long pid) - { - if (remove_state_func) - remove_state_func(pid); - } - -#endif diff --git a/src/lib/libcrypto/err/err.h b/src/lib/libcrypto/err/err.h index dcac415231..b9f8c16d47 100644 --- a/src/lib/libcrypto/err/err.h +++ b/src/lib/libcrypto/err/err.h @@ -55,6 +55,59 @@ * copied and put under another distribution licence * [including the GNU Public Licence.] */ +/* ==================================================================== + * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * openssl-core@openssl.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.openssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ #ifndef HEADER_ERR_H #define HEADER_ERR_H @@ -94,7 +147,7 @@ extern "C" { #define ERR_NUM_ERRORS 16 typedef struct err_state_st { - unsigned long pid; + CRYPTO_THREADID tid; int err_flags[ERR_NUM_ERRORS]; unsigned long err_buffer[ERR_NUM_ERRORS]; char *err_data[ERR_NUM_ERRORS]; @@ -142,7 +195,9 @@ typedef struct err_state_st #define ERR_LIB_STORE 44 #define ERR_LIB_FIPS 45 #define ERR_LIB_CMS 46 -#define ERR_LIB_JPAKE 47 +#define ERR_LIB_TS 47 +#define ERR_LIB_HMAC 48 +#define ERR_LIB_JPAKE 49 #define ERR_LIB_USER 128 @@ -176,6 +231,8 @@ typedef struct err_state_st #define STOREerr(f,r) ERR_PUT_error(ERR_LIB_STORE,(f),(r),__FILE__,__LINE__) #define FIPSerr(f,r) ERR_PUT_error(ERR_LIB_FIPS,(f),(r),__FILE__,__LINE__) #define CMSerr(f,r) ERR_PUT_error(ERR_LIB_CMS,(f),(r),__FILE__,__LINE__) +#define TSerr(f,r) ERR_PUT_error(ERR_LIB_TS,(f),(r),__FILE__,__LINE__) +#define HMACerr(f,r) ERR_PUT_error(ERR_LIB_HMAC,(f),(r),__FILE__,__LINE__) #define JPAKEerr(f,r) ERR_PUT_error(ERR_LIB_JPAKE,(f),(r),__FILE__,__LINE__) /* Borland C seems too stupid to be able to shift and do longs in @@ -232,6 +289,7 @@ typedef struct err_state_st #define ERR_R_ECDSA_LIB ERR_LIB_ECDSA /* 42 */ #define ERR_R_ECDH_LIB ERR_LIB_ECDH /* 43 */ #define ERR_R_STORE_LIB ERR_LIB_STORE /* 44 */ +#define ERR_R_TS_LIB ERR_LIB_TS /* 45 */ #define ERR_R_NESTED_ASN1_ERROR 58 #define ERR_R_BAD_ASN1_OBJECT_HEADER 59 @@ -294,13 +352,16 @@ void ERR_load_ERR_strings(void); void ERR_load_crypto_strings(void); void ERR_free_strings(void); +void ERR_remove_thread_state(const CRYPTO_THREADID *tid); +#ifndef OPENSSL_NO_DEPRECATED void ERR_remove_state(unsigned long pid); /* if zero we look it up */ +#endif ERR_STATE *ERR_get_state(void); #ifndef OPENSSL_NO_LHASH -LHASH *ERR_get_string_table(void); -LHASH *ERR_get_err_state_table(void); -void ERR_release_err_state_table(LHASH **hash); +LHASH_OF(ERR_STRING_DATA) *ERR_get_string_table(void); +LHASH_OF(ERR_STATE) *ERR_get_err_state_table(void); +void ERR_release_err_state_table(LHASH_OF(ERR_STATE) **hash); #endif int ERR_get_next_error_library(void); @@ -308,12 +369,6 @@ int ERR_get_next_error_library(void); int ERR_set_mark(void); int ERR_pop_to_mark(void); -#ifdef OPENSSL_FIPS -void int_ERR_set_state_func(ERR_STATE *(*get_func)(void), - void (*remove_func)(unsigned long pid)); -void int_ERR_lib_init(void); -#endif - /* Already defined in ossl_typ.h */ /* typedef struct st_ERR_FNS ERR_FNS; */ /* An application can use this function and provide the return value to loaded diff --git a/src/lib/libcrypto/err/err_all.c b/src/lib/libcrypto/err/err_all.c index f21a5276ed..fc049e8e88 100644 --- a/src/lib/libcrypto/err/err_all.c +++ b/src/lib/libcrypto/err/err_all.c @@ -64,6 +64,7 @@ #endif #include #include +#include #ifndef OPENSSL_NO_RSA #include #endif @@ -94,16 +95,14 @@ #include #include #include -#ifdef OPENSSL_FIPS -#include -#endif - +#include #ifndef OPENSSL_NO_CMS #include #endif #ifndef OPENSSL_NO_JPAKE #include #endif +#include void ERR_load_crypto_strings(void) { @@ -127,6 +126,7 @@ void ERR_load_crypto_strings(void) ERR_load_ASN1_strings(); ERR_load_CONF_strings(); ERR_load_CRYPTO_strings(); + ERR_load_COMP_strings(); #ifndef OPENSSL_NO_EC ERR_load_EC_strings(); #endif @@ -143,19 +143,18 @@ void ERR_load_crypto_strings(void) ERR_load_PKCS12_strings(); ERR_load_RAND_strings(); ERR_load_DSO_strings(); + ERR_load_TS_strings(); #ifndef OPENSSL_NO_ENGINE ERR_load_ENGINE_strings(); #endif ERR_load_OCSP_strings(); ERR_load_UI_strings(); -#ifdef OPENSSL_FIPS - ERR_load_FIPS_strings(); -#endif #ifndef OPENSSL_NO_CMS ERR_load_CMS_strings(); #endif #ifndef OPENSSL_NO_JPAKE ERR_load_JPAKE_strings(); #endif + ERR_load_COMP_strings(); #endif } diff --git a/src/lib/libcrypto/err/err_bio.c b/src/lib/libcrypto/err/err_bio.c deleted file mode 100644 index a42f804840..0000000000 --- a/src/lib/libcrypto/err/err_bio.c +++ /dev/null @@ -1,75 +0,0 @@ -/* crypto/err/err_prn.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include -#include -#include -#include - -static int print_bio(const char *str, size_t len, void *bp) - { - return BIO_write((BIO *)bp, str, len); - } -void ERR_print_errors(BIO *bp) - { - ERR_print_errors_cb(print_bio, bp); - } - - diff --git a/src/lib/libcrypto/err/err_def.c b/src/lib/libcrypto/err/err_def.c deleted file mode 100644 index 7ed3d84955..0000000000 --- a/src/lib/libcrypto/err/err_def.c +++ /dev/null @@ -1,665 +0,0 @@ -/* crypto/err/err_def.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ -/* ==================================================================== - * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include -#include -#include "cryptlib.h" -#include -#include -#include -#include -#include - -#define err_clear_data(p,i) \ - do { \ - if (((p)->err_data[i] != NULL) && \ - (p)->err_data_flags[i] & ERR_TXT_MALLOCED) \ - { \ - OPENSSL_free((p)->err_data[i]); \ - (p)->err_data[i]=NULL; \ - } \ - (p)->err_data_flags[i]=0; \ - } while(0) - -#define err_clear(p,i) \ - do { \ - (p)->err_flags[i]=0; \ - (p)->err_buffer[i]=0; \ - err_clear_data(p,i); \ - (p)->err_file[i]=NULL; \ - (p)->err_line[i]= -1; \ - } while(0) - -static void err_load_strings(int lib, ERR_STRING_DATA *str); - -static void ERR_STATE_free(ERR_STATE *s); - -/* Define the predeclared (but externally opaque) "ERR_FNS" type */ -struct st_ERR_FNS - { - /* Works on the "error_hash" string table */ - LHASH *(*cb_err_get)(int create); - void (*cb_err_del)(void); - ERR_STRING_DATA *(*cb_err_get_item)(const ERR_STRING_DATA *); - ERR_STRING_DATA *(*cb_err_set_item)(ERR_STRING_DATA *); - ERR_STRING_DATA *(*cb_err_del_item)(ERR_STRING_DATA *); - /* Works on the "thread_hash" error-state table */ - LHASH *(*cb_thread_get)(int create); - void (*cb_thread_release)(LHASH **hash); - ERR_STATE *(*cb_thread_get_item)(const ERR_STATE *); - ERR_STATE *(*cb_thread_set_item)(ERR_STATE *); - void (*cb_thread_del_item)(const ERR_STATE *); - /* Returns the next available error "library" numbers */ - int (*cb_get_next_lib)(void); - }; - -/* Predeclarations of the "err_defaults" functions */ -static LHASH *int_err_get(int create); -static void int_err_del(void); -static ERR_STRING_DATA *int_err_get_item(const ERR_STRING_DATA *); -static ERR_STRING_DATA *int_err_set_item(ERR_STRING_DATA *); -static ERR_STRING_DATA *int_err_del_item(ERR_STRING_DATA *); -static LHASH *int_thread_get(int create); -static void int_thread_release(LHASH **hash); -static ERR_STATE *int_thread_get_item(const ERR_STATE *); -static ERR_STATE *int_thread_set_item(ERR_STATE *); -static void int_thread_del_item(const ERR_STATE *); -static int int_err_get_next_lib(void); -/* The static ERR_FNS table using these defaults functions */ -static const ERR_FNS err_defaults = - { - int_err_get, - int_err_del, - int_err_get_item, - int_err_set_item, - int_err_del_item, - int_thread_get, - int_thread_release, - int_thread_get_item, - int_thread_set_item, - int_thread_del_item, - int_err_get_next_lib - }; - -/* The replacable table of ERR_FNS functions we use at run-time */ -static const ERR_FNS *err_fns = NULL; - -/* Eg. rather than using "err_get()", use "ERRFN(err_get)()". */ -#define ERRFN(a) err_fns->cb_##a - -/* The internal state used by "err_defaults" - as such, the setting, reading, - * creating, and deleting of this data should only be permitted via the - * "err_defaults" functions. This way, a linked module can completely defer all - * ERR state operation (together with requisite locking) to the implementations - * and state in the loading application. */ -static LHASH *int_error_hash = NULL; -static LHASH *int_thread_hash = NULL; -static int int_thread_hash_references = 0; -static int int_err_library_number= ERR_LIB_USER; - -/* Internal function that checks whether "err_fns" is set and if not, sets it to - * the defaults. */ -static void err_fns_check(void) - { - if (err_fns) return; - - CRYPTO_w_lock(CRYPTO_LOCK_ERR); - if (!err_fns) - err_fns = &err_defaults; - CRYPTO_w_unlock(CRYPTO_LOCK_ERR); - } - -/* API functions to get or set the underlying ERR functions. */ - -const ERR_FNS *ERR_get_implementation(void) - { - err_fns_check(); - return err_fns; - } - -int ERR_set_implementation(const ERR_FNS *fns) - { - int ret = 0; - - CRYPTO_w_lock(CRYPTO_LOCK_ERR); - /* It's too late if 'err_fns' is non-NULL. BTW: not much point setting - * an error is there?! */ - if (!err_fns) - { - err_fns = fns; - ret = 1; - } - CRYPTO_w_unlock(CRYPTO_LOCK_ERR); - return ret; - } - -/* These are the callbacks provided to "lh_new()" when creating the LHASH tables - * internal to the "err_defaults" implementation. */ - -/* static unsigned long err_hash(ERR_STRING_DATA *a); */ -static unsigned long err_hash(const void *a_void); -/* static int err_cmp(ERR_STRING_DATA *a, ERR_STRING_DATA *b); */ -static int err_cmp(const void *a_void, const void *b_void); -/* static unsigned long pid_hash(ERR_STATE *pid); */ -static unsigned long pid_hash(const void *pid_void); -/* static int pid_cmp(ERR_STATE *a,ERR_STATE *pid); */ -static int pid_cmp(const void *a_void,const void *pid_void); - -/* The internal functions used in the "err_defaults" implementation */ - -static LHASH *int_err_get(int create) - { - LHASH *ret = NULL; - - CRYPTO_w_lock(CRYPTO_LOCK_ERR); - if (!int_error_hash && create) - { - CRYPTO_push_info("int_err_get (err.c)"); - int_error_hash = lh_new(err_hash, err_cmp); - CRYPTO_pop_info(); - } - if (int_error_hash) - ret = int_error_hash; - CRYPTO_w_unlock(CRYPTO_LOCK_ERR); - - return ret; - } - -static void int_err_del(void) - { - CRYPTO_w_lock(CRYPTO_LOCK_ERR); - if (int_error_hash) - { - lh_free(int_error_hash); - int_error_hash = NULL; - } - CRYPTO_w_unlock(CRYPTO_LOCK_ERR); - } - -static ERR_STRING_DATA *int_err_get_item(const ERR_STRING_DATA *d) - { - ERR_STRING_DATA *p; - LHASH *hash; - - err_fns_check(); - hash = ERRFN(err_get)(0); - if (!hash) - return NULL; - - CRYPTO_r_lock(CRYPTO_LOCK_ERR); - p = (ERR_STRING_DATA *)lh_retrieve(hash, d); - CRYPTO_r_unlock(CRYPTO_LOCK_ERR); - - return p; - } - -static ERR_STRING_DATA *int_err_set_item(ERR_STRING_DATA *d) - { - ERR_STRING_DATA *p; - LHASH *hash; - - err_fns_check(); - hash = ERRFN(err_get)(1); - if (!hash) - return NULL; - - CRYPTO_w_lock(CRYPTO_LOCK_ERR); - p = (ERR_STRING_DATA *)lh_insert(hash, d); - CRYPTO_w_unlock(CRYPTO_LOCK_ERR); - - return p; - } - -static ERR_STRING_DATA *int_err_del_item(ERR_STRING_DATA *d) - { - ERR_STRING_DATA *p; - LHASH *hash; - - err_fns_check(); - hash = ERRFN(err_get)(0); - if (!hash) - return NULL; - - CRYPTO_w_lock(CRYPTO_LOCK_ERR); - p = (ERR_STRING_DATA *)lh_delete(hash, d); - CRYPTO_w_unlock(CRYPTO_LOCK_ERR); - - return p; - } - -static LHASH *int_thread_get(int create) - { - LHASH *ret = NULL; - - CRYPTO_w_lock(CRYPTO_LOCK_ERR); - if (!int_thread_hash && create) - { - CRYPTO_push_info("int_thread_get (err.c)"); - int_thread_hash = lh_new(pid_hash, pid_cmp); - CRYPTO_pop_info(); - } - if (int_thread_hash) - { - int_thread_hash_references++; - ret = int_thread_hash; - } - CRYPTO_w_unlock(CRYPTO_LOCK_ERR); - return ret; - } - -static void int_thread_release(LHASH **hash) - { - int i; - - if (hash == NULL || *hash == NULL) - return; - - i = CRYPTO_add(&int_thread_hash_references, -1, CRYPTO_LOCK_ERR); - -#ifdef REF_PRINT - fprintf(stderr,"%4d:%s\n",int_thread_hash_references,"ERR"); -#endif - if (i > 0) return; -#ifdef REF_CHECK - if (i < 0) - { - fprintf(stderr,"int_thread_release, bad reference count\n"); - abort(); /* ok */ - } -#endif - *hash = NULL; - } - -static ERR_STATE *int_thread_get_item(const ERR_STATE *d) - { - ERR_STATE *p; - LHASH *hash; - - err_fns_check(); - hash = ERRFN(thread_get)(0); - if (!hash) - return NULL; - - CRYPTO_r_lock(CRYPTO_LOCK_ERR); - p = (ERR_STATE *)lh_retrieve(hash, d); - CRYPTO_r_unlock(CRYPTO_LOCK_ERR); - - ERRFN(thread_release)(&hash); - return p; - } - -static ERR_STATE *int_thread_set_item(ERR_STATE *d) - { - ERR_STATE *p; - LHASH *hash; - - err_fns_check(); - hash = ERRFN(thread_get)(1); - if (!hash) - return NULL; - - CRYPTO_w_lock(CRYPTO_LOCK_ERR); - p = (ERR_STATE *)lh_insert(hash, d); - CRYPTO_w_unlock(CRYPTO_LOCK_ERR); - - ERRFN(thread_release)(&hash); - return p; - } - -static void int_thread_del_item(const ERR_STATE *d) - { - ERR_STATE *p; - LHASH *hash; - - err_fns_check(); - hash = ERRFN(thread_get)(0); - if (!hash) - return; - - CRYPTO_w_lock(CRYPTO_LOCK_ERR); - p = (ERR_STATE *)lh_delete(hash, d); - /* make sure we don't leak memory */ - if (int_thread_hash_references == 1 - && int_thread_hash && (lh_num_items(int_thread_hash) == 0)) - { - lh_free(int_thread_hash); - int_thread_hash = NULL; - } - CRYPTO_w_unlock(CRYPTO_LOCK_ERR); - - ERRFN(thread_release)(&hash); - if (p) - ERR_STATE_free(p); - } - -static int int_err_get_next_lib(void) - { - int ret; - - CRYPTO_w_lock(CRYPTO_LOCK_ERR); - ret = int_err_library_number++; - CRYPTO_w_unlock(CRYPTO_LOCK_ERR); - - return ret; - } - -static void ERR_STATE_free(ERR_STATE *s) - { - int i; - - if (s == NULL) - return; - - for (i=0; ierror) - { - if (lib) - str->error|=ERR_PACK(lib,0,0); - ERRFN(err_set_item)(str); - str++; - } - } - -void ERR_load_strings(int lib, ERR_STRING_DATA *str) - { - err_fns_check(); - err_load_strings(lib, str); - } - -void ERR_unload_strings(int lib, ERR_STRING_DATA *str) - { - while (str->error) - { - if (lib) - str->error|=ERR_PACK(lib,0,0); - ERRFN(err_del_item)(str); - str++; - } - } - -void ERR_free_strings(void) - { - err_fns_check(); - ERRFN(err_del)(); - } - -LHASH *ERR_get_string_table(void) - { - err_fns_check(); - return ERRFN(err_get)(0); - } - -LHASH *ERR_get_err_state_table(void) - { - err_fns_check(); - return ERRFN(thread_get)(0); - } - -void ERR_release_err_state_table(LHASH **hash) - { - err_fns_check(); - ERRFN(thread_release)(hash); - } - -const char *ERR_lib_error_string(unsigned long e) - { - ERR_STRING_DATA d,*p; - unsigned long l; - - err_fns_check(); - l=ERR_GET_LIB(e); - d.error=ERR_PACK(l,0,0); - p=ERRFN(err_get_item)(&d); - return((p == NULL)?NULL:p->string); - } - -const char *ERR_func_error_string(unsigned long e) - { - ERR_STRING_DATA d,*p; - unsigned long l,f; - - err_fns_check(); - l=ERR_GET_LIB(e); - f=ERR_GET_FUNC(e); - d.error=ERR_PACK(l,f,0); - p=ERRFN(err_get_item)(&d); - return((p == NULL)?NULL:p->string); - } - -const char *ERR_reason_error_string(unsigned long e) - { - ERR_STRING_DATA d,*p=NULL; - unsigned long l,r; - - err_fns_check(); - l=ERR_GET_LIB(e); - r=ERR_GET_REASON(e); - d.error=ERR_PACK(l,0,r); - p=ERRFN(err_get_item)(&d); - if (!p) - { - d.error=ERR_PACK(0,0,r); - p=ERRFN(err_get_item)(&d); - } - return((p == NULL)?NULL:p->string); - } - -/* static unsigned long err_hash(ERR_STRING_DATA *a) */ -static unsigned long err_hash(const void *a_void) - { - unsigned long ret,l; - - l=((const ERR_STRING_DATA *)a_void)->error; - ret=l^ERR_GET_LIB(l)^ERR_GET_FUNC(l); - return(ret^ret%19*13); - } - -/* static int err_cmp(ERR_STRING_DATA *a, ERR_STRING_DATA *b) */ -static int err_cmp(const void *a_void, const void *b_void) - { - return((int)(((const ERR_STRING_DATA *)a_void)->error - - ((const ERR_STRING_DATA *)b_void)->error)); - } - -/* static unsigned long pid_hash(ERR_STATE *a) */ -static unsigned long pid_hash(const void *a_void) - { - return(((const ERR_STATE *)a_void)->pid*13); - } - -/* static int pid_cmp(ERR_STATE *a, ERR_STATE *b) */ -static int pid_cmp(const void *a_void, const void *b_void) - { - return((int)((long)((const ERR_STATE *)a_void)->pid - - (long)((const ERR_STATE *)b_void)->pid)); - } -#ifdef OPENSSL_FIPS -static void int_err_remove_state(unsigned long pid) -#else -void ERR_remove_state(unsigned long pid) -#endif - { - ERR_STATE tmp; - - err_fns_check(); - if (pid == 0) - pid=(unsigned long)CRYPTO_thread_id(); - tmp.pid=pid; - /* thread_del_item automatically destroys the LHASH if the number of - * items reaches zero. */ - ERRFN(thread_del_item)(&tmp); - } - -#ifdef OPENSSL_FIPS - static ERR_STATE *int_err_get_state(void) -#else -ERR_STATE *ERR_get_state(void) -#endif - { - static ERR_STATE fallback; - ERR_STATE *ret,tmp,*tmpp=NULL; - int i; - unsigned long pid; - - err_fns_check(); - pid=(unsigned long)CRYPTO_thread_id(); - tmp.pid=pid; - ret=ERRFN(thread_get_item)(&tmp); - - /* ret == the error state, if NULL, make a new one */ - if (ret == NULL) - { - ret=(ERR_STATE *)OPENSSL_malloc(sizeof(ERR_STATE)); - if (ret == NULL) return(&fallback); - ret->pid=pid; - ret->top=0; - ret->bottom=0; - for (i=0; ierr_data[i]=NULL; - ret->err_data_flags[i]=0; - } - tmpp = ERRFN(thread_set_item)(ret); - /* To check if insertion failed, do a get. */ - if (ERRFN(thread_get_item)(ret) != ret) - { - ERR_STATE_free(ret); /* could not insert it */ - return(&fallback); - } - /* If a race occured in this function and we came second, tmpp - * is the first one that we just replaced. */ - if (tmpp) - ERR_STATE_free(tmpp); - } - return ret; - } - -#ifdef OPENSSL_FIPS -void int_ERR_lib_init(void) - { - int_ERR_set_state_func(int_err_get_state, int_err_remove_state); - } -#endif - -int ERR_get_next_error_library(void) - { - err_fns_check(); - return ERRFN(get_next_lib)(); - } diff --git a/src/lib/libcrypto/err/err_prn.c b/src/lib/libcrypto/err/err_prn.c index 4cdf342fa6..a0168ac8ed 100644 --- a/src/lib/libcrypto/err/err_prn.c +++ b/src/lib/libcrypto/err/err_prn.c @@ -72,21 +72,29 @@ void ERR_print_errors_cb(int (*cb)(const char *str, size_t len, void *u), const char *file,*data; int line,flags; unsigned long es; + CRYPTO_THREADID cur; - es=CRYPTO_thread_id(); + CRYPTO_THREADID_current(&cur); + es=CRYPTO_THREADID_hash(&cur); while ((l=ERR_get_error_line_data(&file,&line,&data,&flags)) != 0) { ERR_error_string_n(l, buf, sizeof buf); BIO_snprintf(buf2, sizeof(buf2), "%lu:%s:%s:%d:%s\n", es, buf, file, line, (flags & ERR_TXT_STRING) ? data : ""); - cb(buf2, strlen(buf2), u); + if (cb(buf2, strlen(buf2), u) <= 0) + break; /* abort outputting the error report */ } } #ifndef OPENSSL_NO_FP_API static int print_fp(const char *str, size_t len, void *fp) { - return fwrite(str, 1, len, fp); + BIO bio; + + BIO_set(&bio,BIO_s_file()); + BIO_set_fp(&bio,fp,BIO_NOCLOSE); + + return BIO_printf(&bio, "%s", str); } void ERR_print_errors_fp(FILE *fp) { @@ -94,64 +102,13 @@ void ERR_print_errors_fp(FILE *fp) } #endif -void ERR_error_string_n(unsigned long e, char *buf, size_t len) +static int print_bio(const char *str, size_t len, void *bp) { - char lsbuf[64], fsbuf[64], rsbuf[64]; - const char *ls,*fs,*rs; - unsigned long l,f,r; - - l=ERR_GET_LIB(e); - f=ERR_GET_FUNC(e); - r=ERR_GET_REASON(e); - - ls=ERR_lib_error_string(e); - fs=ERR_func_error_string(e); - rs=ERR_reason_error_string(e); - - if (ls == NULL) - BIO_snprintf(lsbuf, sizeof(lsbuf), "lib(%lu)", l); - if (fs == NULL) - BIO_snprintf(fsbuf, sizeof(fsbuf), "func(%lu)", f); - if (rs == NULL) - BIO_snprintf(rsbuf, sizeof(rsbuf), "reason(%lu)", r); - - BIO_snprintf(buf, len,"error:%08lX:%s:%s:%s", e, ls?ls:lsbuf, - fs?fs:fsbuf, rs?rs:rsbuf); - if (strlen(buf) == len-1) - { - /* output may be truncated; make sure we always have 5 - * colon-separated fields, i.e. 4 colons ... */ -#define NUM_COLONS 4 - if (len > NUM_COLONS) /* ... if possible */ - { - int i; - char *s = buf; - - for (i = 0; i < NUM_COLONS; i++) - { - char *colon = strchr(s, ':'); - if (colon == NULL || colon > &buf[len-1] - NUM_COLONS + i) - { - /* set colon no. i at last possible position - * (buf[len-1] is the terminating 0)*/ - colon = &buf[len-1] - NUM_COLONS + i; - *colon = ':'; - } - s = colon + 1; - } - } - } + return BIO_write((BIO *)bp, str, len); } - -/* BAD for multi-threading: uses a local buffer if ret == NULL */ -/* ERR_error_string_n should be used instead for ret != NULL - * as ERR_error_string cannot know how large the buffer is */ -char *ERR_error_string(unsigned long e, char *ret) +void ERR_print_errors(BIO *bp) { - static char buf[256]; - - if (ret == NULL) ret=buf; - ERR_error_string_n(e, ret, 256); - - return ret; + ERR_print_errors_cb(print_bio, bp); } + + diff --git a/src/lib/libcrypto/err/err_str.c b/src/lib/libcrypto/err/err_str.c deleted file mode 100644 index d39040888d..0000000000 --- a/src/lib/libcrypto/err/err_str.c +++ /dev/null @@ -1,295 +0,0 @@ -/* crypto/err/err_str.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ -/* ==================================================================== - * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include -#include -#include "cryptlib.h" -#include -#include -#include -#include -#include - -#ifndef OPENSSL_NO_ERR -static ERR_STRING_DATA ERR_str_libraries[]= - { -{ERR_PACK(ERR_LIB_NONE,0,0) ,"unknown library"}, -{ERR_PACK(ERR_LIB_SYS,0,0) ,"system library"}, -{ERR_PACK(ERR_LIB_BN,0,0) ,"bignum routines"}, -{ERR_PACK(ERR_LIB_RSA,0,0) ,"rsa routines"}, -{ERR_PACK(ERR_LIB_DH,0,0) ,"Diffie-Hellman routines"}, -{ERR_PACK(ERR_LIB_EVP,0,0) ,"digital envelope routines"}, -{ERR_PACK(ERR_LIB_BUF,0,0) ,"memory buffer routines"}, -{ERR_PACK(ERR_LIB_OBJ,0,0) ,"object identifier routines"}, -{ERR_PACK(ERR_LIB_PEM,0,0) ,"PEM routines"}, -{ERR_PACK(ERR_LIB_DSA,0,0) ,"dsa routines"}, -{ERR_PACK(ERR_LIB_X509,0,0) ,"x509 certificate routines"}, -{ERR_PACK(ERR_LIB_ASN1,0,0) ,"asn1 encoding routines"}, -{ERR_PACK(ERR_LIB_CONF,0,0) ,"configuration file routines"}, -{ERR_PACK(ERR_LIB_CRYPTO,0,0) ,"common libcrypto routines"}, -{ERR_PACK(ERR_LIB_EC,0,0) ,"elliptic curve routines"}, -{ERR_PACK(ERR_LIB_SSL,0,0) ,"SSL routines"}, -{ERR_PACK(ERR_LIB_BIO,0,0) ,"BIO routines"}, -{ERR_PACK(ERR_LIB_PKCS7,0,0) ,"PKCS7 routines"}, -{ERR_PACK(ERR_LIB_X509V3,0,0) ,"X509 V3 routines"}, -{ERR_PACK(ERR_LIB_PKCS12,0,0) ,"PKCS12 routines"}, -{ERR_PACK(ERR_LIB_RAND,0,0) ,"random number generator"}, -{ERR_PACK(ERR_LIB_DSO,0,0) ,"DSO support routines"}, -{ERR_PACK(ERR_LIB_ENGINE,0,0) ,"engine routines"}, -{ERR_PACK(ERR_LIB_OCSP,0,0) ,"OCSP routines"}, -{ERR_PACK(ERR_LIB_FIPS,0,0) ,"FIPS routines"}, -{ERR_PACK(ERR_LIB_CMS,0,0) ,"CMS routines"}, -{ERR_PACK(ERR_LIB_JPAKE,0,0) ,"JPAKE routines"}, -{0,NULL}, - }; - -static ERR_STRING_DATA ERR_str_functs[]= - { - {ERR_PACK(0,SYS_F_FOPEN,0), "fopen"}, - {ERR_PACK(0,SYS_F_CONNECT,0), "connect"}, - {ERR_PACK(0,SYS_F_GETSERVBYNAME,0), "getservbyname"}, - {ERR_PACK(0,SYS_F_SOCKET,0), "socket"}, - {ERR_PACK(0,SYS_F_IOCTLSOCKET,0), "ioctlsocket"}, - {ERR_PACK(0,SYS_F_BIND,0), "bind"}, - {ERR_PACK(0,SYS_F_LISTEN,0), "listen"}, - {ERR_PACK(0,SYS_F_ACCEPT,0), "accept"}, -#ifdef OPENSSL_SYS_WINDOWS - {ERR_PACK(0,SYS_F_WSASTARTUP,0), "WSAstartup"}, -#endif - {ERR_PACK(0,SYS_F_OPENDIR,0), "opendir"}, - {ERR_PACK(0,SYS_F_FREAD,0), "fread"}, - {0,NULL}, - }; - -static ERR_STRING_DATA ERR_str_reasons[]= - { -{ERR_R_SYS_LIB ,"system lib"}, -{ERR_R_BN_LIB ,"BN lib"}, -{ERR_R_RSA_LIB ,"RSA lib"}, -{ERR_R_DH_LIB ,"DH lib"}, -{ERR_R_EVP_LIB ,"EVP lib"}, -{ERR_R_BUF_LIB ,"BUF lib"}, -{ERR_R_OBJ_LIB ,"OBJ lib"}, -{ERR_R_PEM_LIB ,"PEM lib"}, -{ERR_R_DSA_LIB ,"DSA lib"}, -{ERR_R_X509_LIB ,"X509 lib"}, -{ERR_R_ASN1_LIB ,"ASN1 lib"}, -{ERR_R_CONF_LIB ,"CONF lib"}, -{ERR_R_CRYPTO_LIB ,"CRYPTO lib"}, -{ERR_R_EC_LIB ,"EC lib"}, -{ERR_R_SSL_LIB ,"SSL lib"}, -{ERR_R_BIO_LIB ,"BIO lib"}, -{ERR_R_PKCS7_LIB ,"PKCS7 lib"}, -{ERR_R_X509V3_LIB ,"X509V3 lib"}, -{ERR_R_PKCS12_LIB ,"PKCS12 lib"}, -{ERR_R_RAND_LIB ,"RAND lib"}, -{ERR_R_DSO_LIB ,"DSO lib"}, -{ERR_R_ENGINE_LIB ,"ENGINE lib"}, -{ERR_R_OCSP_LIB ,"OCSP lib"}, - -{ERR_R_NESTED_ASN1_ERROR ,"nested asn1 error"}, -{ERR_R_BAD_ASN1_OBJECT_HEADER ,"bad asn1 object header"}, -{ERR_R_BAD_GET_ASN1_OBJECT_CALL ,"bad get asn1 object call"}, -{ERR_R_EXPECTING_AN_ASN1_SEQUENCE ,"expecting an asn1 sequence"}, -{ERR_R_ASN1_LENGTH_MISMATCH ,"asn1 length mismatch"}, -{ERR_R_MISSING_ASN1_EOS ,"missing asn1 eos"}, - -{ERR_R_FATAL ,"fatal"}, -{ERR_R_MALLOC_FAILURE ,"malloc failure"}, -{ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED ,"called a function you should not call"}, -{ERR_R_PASSED_NULL_PARAMETER ,"passed a null parameter"}, -{ERR_R_INTERNAL_ERROR ,"internal error"}, -{ERR_R_DISABLED ,"called a function that was disabled at compile-time"}, - -{0,NULL}, - }; -#endif - -#ifndef OPENSSL_NO_ERR -#define NUM_SYS_STR_REASONS 127 -#define LEN_SYS_STR_REASON 32 - -static ERR_STRING_DATA SYS_str_reasons[NUM_SYS_STR_REASONS + 1]; -/* SYS_str_reasons is filled with copies of strerror() results at - * initialization. - * 'errno' values up to 127 should cover all usual errors, - * others will be displayed numerically by ERR_error_string. - * It is crucial that we have something for each reason code - * that occurs in ERR_str_reasons, or bogus reason strings - * will be returned for SYSerr, which always gets an errno - * value and never one of those 'standard' reason codes. */ - -static void build_SYS_str_reasons(void) - { - /* OPENSSL_malloc cannot be used here, use static storage instead */ - static char strerror_tab[NUM_SYS_STR_REASONS][LEN_SYS_STR_REASON]; - int i; - static int init = 1; - - CRYPTO_r_lock(CRYPTO_LOCK_ERR); - if (!init) - { - CRYPTO_r_unlock(CRYPTO_LOCK_ERR); - return; - } - - CRYPTO_r_unlock(CRYPTO_LOCK_ERR); - CRYPTO_w_lock(CRYPTO_LOCK_ERR); - if (!init) - { - CRYPTO_w_unlock(CRYPTO_LOCK_ERR); - return; - } - - for (i = 1; i <= NUM_SYS_STR_REASONS; i++) - { - ERR_STRING_DATA *str = &SYS_str_reasons[i - 1]; - - str->error = (unsigned long)i; - if (str->string == NULL) - { - char (*dest)[LEN_SYS_STR_REASON] = &(strerror_tab[i - 1]); - char *src = strerror(i); - if (src != NULL) - { - strncpy(*dest, src, sizeof *dest); - (*dest)[sizeof *dest - 1] = '\0'; - str->string = *dest; - } - } - if (str->string == NULL) - str->string = "unknown"; - } - - /* Now we still have SYS_str_reasons[NUM_SYS_STR_REASONS] = {0, NULL}, - * as required by ERR_load_strings. */ - - init = 0; - - CRYPTO_w_unlock(CRYPTO_LOCK_ERR); - } -#endif - -void ERR_load_ERR_strings(void) - { -#ifndef OPENSSL_NO_ERR - if (ERR_func_error_string(ERR_str_functs[0].error) == NULL) - { - ERR_load_strings(0,ERR_str_libraries); - ERR_load_strings(0,ERR_str_reasons); - ERR_load_strings(ERR_LIB_SYS,ERR_str_functs); - build_SYS_str_reasons(); - ERR_load_strings(ERR_LIB_SYS,SYS_str_reasons); - } -#endif - } - diff --git a/src/lib/libcrypto/err/openssl.ec b/src/lib/libcrypto/err/openssl.ec index 868826624d..e0554b4342 100644 --- a/src/lib/libcrypto/err/openssl.ec +++ b/src/lib/libcrypto/err/openssl.ec @@ -31,13 +31,15 @@ L COMP crypto/comp/comp.h crypto/comp/comp_err.c L ECDSA crypto/ecdsa/ecdsa.h crypto/ecdsa/ecs_err.c L ECDH crypto/ecdh/ecdh.h crypto/ecdh/ech_err.c L STORE crypto/store/store.h crypto/store/str_err.c -L FIPS fips/fips.h crypto/fips_err.h +L TS crypto/ts/ts.h crypto/ts/ts_err.c +L HMAC crypto/hmac/hmac.h crypto/hmac/hmac_err.c L CMS crypto/cms/cms.h crypto/cms/cms_err.c L JPAKE crypto/jpake/jpake.h crypto/jpake/jpake_err.c # additional header files to be scanned for function names L NONE crypto/x509/x509_vfy.h NONE L NONE crypto/ec/ec_lcl.h NONE +L NONE crypto/asn1/asn_lcl.h NONE L NONE crypto/cms/cms_lcl.h NONE @@ -71,6 +73,11 @@ R SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY 1071 R SSL_R_TLSV1_ALERT_INTERNAL_ERROR 1080 R SSL_R_TLSV1_ALERT_USER_CANCELLED 1090 R SSL_R_TLSV1_ALERT_NO_RENEGOTIATION 1100 +R SSL_R_TLSV1_UNSUPPORTED_EXTENSION 1110 +R SSL_R_TLSV1_CERTIFICATE_UNOBTAINABLE 1111 +R SSL_R_TLSV1_UNRECOGNIZED_NAME 1112 +R SSL_R_TLSV1_BAD_CERTIFICATE_STATUS_RESPONSE 1113 +R SSL_R_TLSV1_BAD_CERTIFICATE_HASH_VALUE 1114 R RSAREF_R_CONTENT_ENCODING 0x0400 R RSAREF_R_DATA 0x0401 diff --git a/src/lib/libcrypto/evp/Makefile b/src/lib/libcrypto/evp/Makefile index c204f84c1d..82825e5299 100644 --- a/src/lib/libcrypto/evp/Makefile +++ b/src/lib/libcrypto/evp/Makefile @@ -18,34 +18,34 @@ TESTDATA=evptests.txt APPS= LIB=$(TOP)/libcrypto.a -LIBSRC= encode.c digest.c dig_eng.c evp_enc.c evp_key.c evp_acnf.c evp_cnf.c \ +LIBSRC= encode.c digest.c evp_enc.c evp_key.c evp_acnf.c \ e_des.c e_bf.c e_idea.c e_des3.c e_camellia.c\ e_rc4.c e_aes.c names.c e_seed.c \ - e_xcbc_d.c e_rc2.c e_cast.c e_rc5.c enc_min.c \ - m_null.c m_md2.c m_md4.c m_md5.c m_sha.c m_sha1.c \ + e_xcbc_d.c e_rc2.c e_cast.c e_rc5.c \ + m_null.c m_md2.c m_md4.c m_md5.c m_sha.c m_sha1.c m_wp.c \ m_dss.c m_dss1.c m_mdc2.c m_ripemd.c m_ecdsa.c\ p_open.c p_seal.c p_sign.c p_verify.c p_lib.c p_enc.c p_dec.c \ bio_md.c bio_b64.c bio_enc.c evp_err.c e_null.c \ c_all.c c_allc.c c_alld.c evp_lib.c bio_ok.c \ evp_pkey.c evp_pbe.c p5_crpt.c p5_crpt2.c \ - e_old.c + e_old.c pmeth_lib.c pmeth_fn.c pmeth_gn.c m_sigver.c -LIBOBJ= encode.o digest.o dig_eng.o evp_enc.o evp_key.o evp_acnf.o evp_cnf.o \ +LIBOBJ= encode.o digest.o evp_enc.o evp_key.o evp_acnf.o \ e_des.o e_bf.o e_idea.o e_des3.o e_camellia.o\ e_rc4.o e_aes.o names.o e_seed.o \ - e_xcbc_d.o e_rc2.o e_cast.o e_rc5.o enc_min.o \ - m_null.o m_md2.o m_md4.o m_md5.o m_sha.o m_sha1.o \ + e_xcbc_d.o e_rc2.o e_cast.o e_rc5.o \ + m_null.o m_md2.o m_md4.o m_md5.o m_sha.o m_sha1.o m_wp.o \ m_dss.o m_dss1.o m_mdc2.o m_ripemd.o m_ecdsa.o\ p_open.o p_seal.o p_sign.o p_verify.o p_lib.o p_enc.o p_dec.o \ bio_md.o bio_b64.o bio_enc.o evp_err.o e_null.o \ c_all.o c_allc.o c_alld.o evp_lib.o bio_ok.o \ evp_pkey.o evp_pbe.o p5_crpt.o p5_crpt2.o \ - e_old.o + e_old.o pmeth_lib.o pmeth_fn.o pmeth_gn.o m_sigver.o SRC= $(LIBSRC) EXHEADER= evp.h -HEADER= $(EXHEADER) +HEADER= evp_locl.h $(EXHEADER) ALL= $(GENERAL) $(SRC) $(HEADER) @@ -55,7 +55,7 @@ top: all: lib lib: $(LIBOBJ) - $(ARX) $(LIB) $(LIBOBJ) + $(AR) $(LIB) $(LIBOBJ) $(RANLIB) $(LIB) || echo Never mind. @touch lib @@ -101,201 +101,185 @@ bio_b64.o: ../../e_os.h ../../include/openssl/asn1.h bio_b64.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h bio_b64.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h bio_b64.o: ../../include/openssl/err.h ../../include/openssl/evp.h -bio_b64.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h -bio_b64.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -bio_b64.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -bio_b64.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h -bio_b64.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bio_b64.o: ../cryptlib.h bio_b64.c +bio_b64.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +bio_b64.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +bio_b64.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +bio_b64.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +bio_b64.o: ../../include/openssl/symhacks.h ../cryptlib.h bio_b64.c bio_enc.o: ../../e_os.h ../../include/openssl/asn1.h bio_enc.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h bio_enc.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h bio_enc.o: ../../include/openssl/err.h ../../include/openssl/evp.h -bio_enc.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h -bio_enc.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -bio_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -bio_enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h -bio_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bio_enc.o: ../cryptlib.h bio_enc.c +bio_enc.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +bio_enc.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +bio_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +bio_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +bio_enc.o: ../../include/openssl/symhacks.h ../cryptlib.h bio_enc.c bio_md.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h bio_md.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bio_md.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -bio_md.o: ../../include/openssl/evp.h ../../include/openssl/fips.h -bio_md.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -bio_md.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -bio_md.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -bio_md.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -bio_md.o: ../../include/openssl/symhacks.h ../cryptlib.h bio_md.c +bio_md.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +bio_md.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +bio_md.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +bio_md.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h +bio_md.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +bio_md.o: ../cryptlib.h bio_md.c bio_ok.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h bio_ok.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bio_ok.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -bio_ok.o: ../../include/openssl/evp.h ../../include/openssl/fips.h -bio_ok.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -bio_ok.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -bio_ok.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -bio_ok.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h -bio_ok.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bio_ok.o: ../cryptlib.h bio_ok.c +bio_ok.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +bio_ok.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +bio_ok.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +bio_ok.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h +bio_ok.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +bio_ok.o: ../../include/openssl/symhacks.h ../cryptlib.h bio_ok.c c_all.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h c_all.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h c_all.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h c_all.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h c_all.o: ../../include/openssl/engine.h ../../include/openssl/err.h -c_all.o: ../../include/openssl/evp.h ../../include/openssl/fips.h -c_all.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -c_all.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -c_all.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -c_all.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h -c_all.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -c_all.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -c_all.o: ../../include/openssl/x509_vfy.h ../cryptlib.h c_all.c +c_all.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +c_all.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +c_all.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +c_all.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h +c_all.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +c_all.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +c_all.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +c_all.o: ../cryptlib.h c_all.c c_allc.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h c_allc.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h c_allc.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h c_allc.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h c_allc.o: ../../include/openssl/err.h ../../include/openssl/evp.h -c_allc.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h -c_allc.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -c_allc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -c_allc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs12.h -c_allc.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h -c_allc.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -c_allc.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -c_allc.o: ../../include/openssl/x509_vfy.h ../cryptlib.h c_allc.c +c_allc.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +c_allc.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +c_allc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +c_allc.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h +c_allc.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +c_allc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +c_allc.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +c_allc.o: ../cryptlib.h c_allc.c c_alld.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h c_alld.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h c_alld.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h c_alld.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h c_alld.o: ../../include/openssl/err.h ../../include/openssl/evp.h -c_alld.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h -c_alld.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -c_alld.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -c_alld.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs12.h -c_alld.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h -c_alld.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -c_alld.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -c_alld.o: ../../include/openssl/x509_vfy.h ../cryptlib.h c_alld.c -dig_eng.o: ../../e_os.h ../../include/openssl/asn1.h -dig_eng.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h -dig_eng.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -dig_eng.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h -dig_eng.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h -dig_eng.o: ../../include/openssl/err.h ../../include/openssl/evp.h -dig_eng.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h -dig_eng.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -dig_eng.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -dig_eng.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -dig_eng.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -dig_eng.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -dig_eng.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -dig_eng.o: ../cryptlib.h dig_eng.c evp_locl.h +c_alld.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +c_alld.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +c_alld.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +c_alld.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h +c_alld.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +c_alld.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +c_alld.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +c_alld.o: ../cryptlib.h c_alld.c digest.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h digest.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h digest.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h digest.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h digest.o: ../../include/openssl/engine.h ../../include/openssl/err.h -digest.o: ../../include/openssl/evp.h ../../include/openssl/fips.h -digest.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -digest.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -digest.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -digest.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h -digest.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -digest.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -digest.o: ../../include/openssl/x509_vfy.h ../cryptlib.h digest.c evp_locl.h +digest.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +digest.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +digest.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +digest.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h +digest.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +digest.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +digest.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +digest.o: ../cryptlib.h digest.c e_aes.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h e_aes.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h e_aes.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -e_aes.o: ../../include/openssl/evp.h ../../include/openssl/fips.h -e_aes.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -e_aes.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -e_aes.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -e_aes.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -e_aes.o: ../../include/openssl/symhacks.h e_aes.c evp_locl.h +e_aes.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +e_aes.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +e_aes.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +e_aes.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h +e_aes.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h e_aes.c +e_aes.o: evp_locl.h e_bf.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h e_bf.o: ../../include/openssl/blowfish.h ../../include/openssl/buffer.h e_bf.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h e_bf.o: ../../include/openssl/err.h ../../include/openssl/evp.h -e_bf.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h -e_bf.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -e_bf.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -e_bf.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h -e_bf.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -e_bf.o: ../cryptlib.h e_bf.c evp_locl.h -e_camellia.o: ../../include/openssl/opensslconf.h e_camellia.c +e_bf.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +e_bf.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +e_bf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +e_bf.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +e_bf.o: ../../include/openssl/symhacks.h ../cryptlib.h e_bf.c evp_locl.h +e_camellia.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +e_camellia.o: ../../include/openssl/camellia.h ../../include/openssl/crypto.h +e_camellia.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h +e_camellia.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +e_camellia.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +e_camellia.o: ../../include/openssl/opensslconf.h +e_camellia.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +e_camellia.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +e_camellia.o: ../../include/openssl/symhacks.h e_camellia.c evp_locl.h e_cast.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h e_cast.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h e_cast.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h e_cast.o: ../../include/openssl/err.h ../../include/openssl/evp.h -e_cast.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h -e_cast.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -e_cast.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -e_cast.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h -e_cast.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -e_cast.o: ../cryptlib.h e_cast.c evp_locl.h +e_cast.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +e_cast.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +e_cast.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +e_cast.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +e_cast.o: ../../include/openssl/symhacks.h ../cryptlib.h e_cast.c evp_locl.h e_des.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h e_des.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h e_des.o: ../../include/openssl/des.h ../../include/openssl/des_old.h e_des.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -e_des.o: ../../include/openssl/evp.h ../../include/openssl/fips.h -e_des.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -e_des.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -e_des.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -e_des.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h -e_des.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -e_des.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -e_des.o: ../cryptlib.h e_des.c evp_locl.h +e_des.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +e_des.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +e_des.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +e_des.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h +e_des.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +e_des.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h +e_des.o: ../../include/openssl/ui_compat.h ../cryptlib.h e_des.c evp_locl.h e_des3.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h e_des3.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h e_des3.o: ../../include/openssl/des.h ../../include/openssl/des_old.h e_des3.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -e_des3.o: ../../include/openssl/evp.h ../../include/openssl/fips.h -e_des3.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -e_des3.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -e_des3.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -e_des3.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h -e_des3.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -e_des3.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -e_des3.o: ../cryptlib.h e_des3.c evp_locl.h +e_des3.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +e_des3.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +e_des3.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +e_des3.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h +e_des3.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +e_des3.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h +e_des3.o: ../../include/openssl/ui_compat.h ../cryptlib.h e_des3.c evp_locl.h e_idea.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h e_idea.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h e_idea.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -e_idea.o: ../../include/openssl/evp.h ../../include/openssl/fips.h -e_idea.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -e_idea.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -e_idea.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -e_idea.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h -e_idea.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -e_idea.o: ../cryptlib.h e_idea.c evp_locl.h +e_idea.o: ../../include/openssl/evp.h ../../include/openssl/idea.h +e_idea.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +e_idea.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +e_idea.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +e_idea.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +e_idea.o: ../../include/openssl/symhacks.h ../cryptlib.h e_idea.c evp_locl.h e_null.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h e_null.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h e_null.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -e_null.o: ../../include/openssl/evp.h ../../include/openssl/fips.h -e_null.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -e_null.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -e_null.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -e_null.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -e_null.o: ../../include/openssl/symhacks.h ../cryptlib.h e_null.c +e_null.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +e_null.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +e_null.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +e_null.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h +e_null.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +e_null.o: ../cryptlib.h e_null.c e_old.o: e_old.c e_rc2.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h e_rc2.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h e_rc2.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -e_rc2.o: ../../include/openssl/evp.h ../../include/openssl/fips.h -e_rc2.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -e_rc2.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -e_rc2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -e_rc2.o: ../../include/openssl/rc2.h ../../include/openssl/safestack.h -e_rc2.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -e_rc2.o: ../cryptlib.h e_rc2.c evp_locl.h +e_rc2.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +e_rc2.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +e_rc2.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +e_rc2.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc2.h +e_rc2.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +e_rc2.o: ../../include/openssl/symhacks.h ../cryptlib.h e_rc2.c evp_locl.h e_rc4.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h e_rc4.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h e_rc4.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -e_rc4.o: ../../include/openssl/evp.h ../../include/openssl/fips.h -e_rc4.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -e_rc4.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -e_rc4.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -e_rc4.o: ../../include/openssl/rc4.h ../../include/openssl/safestack.h -e_rc4.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -e_rc4.o: ../cryptlib.h e_rc4.c evp_locl.h +e_rc4.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +e_rc4.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +e_rc4.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +e_rc4.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc4.h +e_rc4.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +e_rc4.o: ../../include/openssl/symhacks.h ../cryptlib.h e_rc4.c e_rc5.o: ../../e_os.h ../../include/openssl/bio.h e_rc5.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h e_rc5.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h @@ -306,256 +290,221 @@ e_rc5.o: ../../include/openssl/symhacks.h ../cryptlib.h e_rc5.c e_seed.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h e_seed.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h e_seed.o: ../../include/openssl/err.h ../../include/openssl/evp.h -e_seed.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h -e_seed.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -e_seed.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -e_seed.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h +e_seed.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +e_seed.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +e_seed.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +e_seed.o: ../../include/openssl/safestack.h ../../include/openssl/seed.h e_seed.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -e_seed.o: e_seed.c +e_seed.o: e_seed.c evp_locl.h e_xcbc_d.o: ../../e_os.h ../../include/openssl/asn1.h e_xcbc_d.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h e_xcbc_d.o: ../../include/openssl/crypto.h ../../include/openssl/des.h e_xcbc_d.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h e_xcbc_d.o: ../../include/openssl/err.h ../../include/openssl/evp.h -e_xcbc_d.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h -e_xcbc_d.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -e_xcbc_d.o: ../../include/openssl/opensslconf.h +e_xcbc_d.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +e_xcbc_d.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h e_xcbc_d.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h e_xcbc_d.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h e_xcbc_d.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h e_xcbc_d.o: ../../include/openssl/ui_compat.h ../cryptlib.h e_xcbc_d.c -enc_min.o: ../../e_os.h ../../include/openssl/asn1.h -enc_min.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h -enc_min.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -enc_min.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h -enc_min.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h -enc_min.o: ../../include/openssl/err.h ../../include/openssl/evp.h -enc_min.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h -enc_min.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -enc_min.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -enc_min.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -enc_min.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h -enc_min.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -enc_min.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -enc_min.o: ../../include/openssl/x509_vfy.h ../cryptlib.h enc_min.c evp_locl.h +e_xcbc_d.o: evp_locl.h encode.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h encode.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h encode.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -encode.o: ../../include/openssl/evp.h ../../include/openssl/fips.h -encode.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -encode.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -encode.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -encode.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -encode.o: ../../include/openssl/symhacks.h ../cryptlib.h encode.c +encode.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +encode.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +encode.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +encode.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h +encode.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +encode.o: ../cryptlib.h encode.c evp_acnf.o: ../../e_os.h ../../include/openssl/asn1.h evp_acnf.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h evp_acnf.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h evp_acnf.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -evp_acnf.o: ../../include/openssl/evp.h ../../include/openssl/fips.h -evp_acnf.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -evp_acnf.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +evp_acnf.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +evp_acnf.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +evp_acnf.o: ../../include/openssl/opensslconf.h evp_acnf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h evp_acnf.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h evp_acnf.o: ../../include/openssl/symhacks.h ../cryptlib.h evp_acnf.c -evp_cnf.o: ../../e_os.h ../../include/openssl/asn1.h -evp_cnf.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h -evp_cnf.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -evp_cnf.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h -evp_cnf.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h -evp_cnf.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h -evp_cnf.o: ../../include/openssl/evp.h ../../include/openssl/fips.h -evp_cnf.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -evp_cnf.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -evp_cnf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -evp_cnf.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h -evp_cnf.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -evp_cnf.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -evp_cnf.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -evp_cnf.o: ../cryptlib.h evp_cnf.c evp_enc.o: ../../e_os.h ../../include/openssl/asn1.h evp_enc.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h evp_enc.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h evp_enc.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h evp_enc.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h evp_enc.o: ../../include/openssl/err.h ../../include/openssl/evp.h -evp_enc.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h -evp_enc.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -evp_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -evp_enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -evp_enc.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h -evp_enc.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -evp_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -evp_enc.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_enc.c evp_locl.h +evp_enc.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +evp_enc.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +evp_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +evp_enc.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h +evp_enc.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +evp_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +evp_enc.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +evp_enc.o: ../cryptlib.h evp_enc.c evp_locl.h evp_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h evp_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h evp_err.o: ../../include/openssl/err.h ../../include/openssl/evp.h -evp_err.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h -evp_err.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -evp_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -evp_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h -evp_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -evp_err.o: evp_err.c +evp_err.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +evp_err.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +evp_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +evp_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +evp_err.o: ../../include/openssl/symhacks.h evp_err.c evp_key.o: ../../e_os.h ../../include/openssl/asn1.h evp_key.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h evp_key.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h evp_key.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h evp_key.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h -evp_key.o: ../../include/openssl/evp.h ../../include/openssl/fips.h -evp_key.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -evp_key.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -evp_key.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -evp_key.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h -evp_key.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -evp_key.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -evp_key.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -evp_key.o: ../cryptlib.h evp_key.c +evp_key.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +evp_key.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +evp_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +evp_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h +evp_key.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +evp_key.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +evp_key.o: ../../include/openssl/ui.h ../../include/openssl/x509.h +evp_key.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_key.c evp_lib.o: ../../e_os.h ../../include/openssl/asn1.h evp_lib.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h evp_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h evp_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h -evp_lib.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h -evp_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -evp_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -evp_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h -evp_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -evp_lib.o: ../cryptlib.h evp_lib.c +evp_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +evp_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +evp_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +evp_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +evp_lib.o: ../../include/openssl/symhacks.h ../cryptlib.h evp_lib.c evp_pbe.o: ../../e_os.h ../../include/openssl/asn1.h evp_pbe.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h evp_pbe.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h evp_pbe.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h evp_pbe.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h -evp_pbe.o: ../../include/openssl/evp.h ../../include/openssl/fips.h -evp_pbe.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -evp_pbe.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -evp_pbe.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +evp_pbe.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +evp_pbe.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +evp_pbe.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +evp_pbe.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs12.h evp_pbe.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h evp_pbe.o: ../../include/openssl/sha.h ../../include/openssl/stack.h evp_pbe.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h evp_pbe.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_pbe.c evp_pkey.o: ../../e_os.h ../../include/openssl/asn1.h -evp_pkey.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -evp_pkey.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -evp_pkey.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h +evp_pkey.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +evp_pkey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h evp_pkey.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h evp_pkey.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h -evp_pkey.o: ../../include/openssl/evp.h ../../include/openssl/fips.h -evp_pkey.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -evp_pkey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +evp_pkey.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +evp_pkey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +evp_pkey.o: ../../include/openssl/opensslconf.h evp_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h evp_pkey.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h -evp_pkey.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -evp_pkey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -evp_pkey.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -evp_pkey.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_pkey.c +evp_pkey.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +evp_pkey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +evp_pkey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +evp_pkey.o: ../asn1/asn1_locl.h ../cryptlib.h evp_pkey.c m_dss.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h m_dss.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h m_dss.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h m_dss.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h m_dss.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h -m_dss.o: ../../include/openssl/evp.h ../../include/openssl/fips.h -m_dss.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -m_dss.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -m_dss.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -m_dss.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h -m_dss.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -m_dss.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -m_dss.o: ../../include/openssl/x509_vfy.h ../cryptlib.h m_dss.c +m_dss.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +m_dss.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +m_dss.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +m_dss.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h +m_dss.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +m_dss.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +m_dss.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +m_dss.o: ../cryptlib.h m_dss.c m_dss1.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h m_dss1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h m_dss1.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h m_dss1.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h m_dss1.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h -m_dss1.o: ../../include/openssl/evp.h ../../include/openssl/fips.h -m_dss1.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -m_dss1.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -m_dss1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -m_dss1.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h -m_dss1.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -m_dss1.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -m_dss1.o: ../../include/openssl/x509_vfy.h ../cryptlib.h m_dss1.c +m_dss1.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +m_dss1.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +m_dss1.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +m_dss1.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h +m_dss1.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +m_dss1.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +m_dss1.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +m_dss1.o: ../cryptlib.h m_dss1.c m_ecdsa.o: ../../e_os.h ../../include/openssl/asn1.h m_ecdsa.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h m_ecdsa.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h m_ecdsa.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h m_ecdsa.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h -m_ecdsa.o: ../../include/openssl/evp.h ../../include/openssl/fips.h -m_ecdsa.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -m_ecdsa.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -m_ecdsa.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -m_ecdsa.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h -m_ecdsa.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -m_ecdsa.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -m_ecdsa.o: ../../include/openssl/x509_vfy.h ../cryptlib.h m_ecdsa.c -m_md2.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h +m_ecdsa.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +m_ecdsa.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +m_ecdsa.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +m_ecdsa.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h +m_ecdsa.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +m_ecdsa.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +m_ecdsa.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +m_ecdsa.o: ../cryptlib.h m_ecdsa.c +m_md2.o: ../../e_os.h ../../include/openssl/bio.h m_md2.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -m_md2.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h -m_md2.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h -m_md2.o: ../../include/openssl/err.h ../../include/openssl/evp.h -m_md2.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h -m_md2.o: ../../include/openssl/md2.h ../../include/openssl/obj_mac.h -m_md2.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +m_md2.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h +m_md2.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h m_md2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -m_md2.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h -m_md2.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -m_md2.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -m_md2.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -m_md2.o: ../cryptlib.h evp_locl.h m_md2.c +m_md2.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +m_md2.o: ../../include/openssl/symhacks.h ../cryptlib.h m_md2.c m_md4.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h m_md4.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h m_md4.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h m_md4.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h m_md4.o: ../../include/openssl/err.h ../../include/openssl/evp.h -m_md4.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h -m_md4.o: ../../include/openssl/md4.h ../../include/openssl/obj_mac.h -m_md4.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -m_md4.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -m_md4.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h -m_md4.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -m_md4.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -m_md4.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -m_md4.o: ../cryptlib.h evp_locl.h m_md4.c +m_md4.o: ../../include/openssl/lhash.h ../../include/openssl/md4.h +m_md4.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +m_md4.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +m_md4.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h +m_md4.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h +m_md4.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +m_md4.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +m_md4.o: ../../include/openssl/x509_vfy.h ../cryptlib.h m_md4.c m_md5.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h m_md5.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h m_md5.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h m_md5.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h m_md5.o: ../../include/openssl/err.h ../../include/openssl/evp.h -m_md5.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h -m_md5.o: ../../include/openssl/md5.h ../../include/openssl/obj_mac.h -m_md5.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -m_md5.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -m_md5.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h -m_md5.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -m_md5.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -m_md5.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -m_md5.o: ../cryptlib.h evp_locl.h m_md5.c -m_mdc2.o: ../../e_os.h ../../include/openssl/bio.h +m_md5.o: ../../include/openssl/lhash.h ../../include/openssl/md5.h +m_md5.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +m_md5.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +m_md5.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h +m_md5.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h +m_md5.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +m_md5.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +m_md5.o: ../../include/openssl/x509_vfy.h ../cryptlib.h m_md5.c +m_mdc2.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h m_mdc2.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -m_mdc2.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -m_mdc2.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -m_mdc2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -m_mdc2.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -m_mdc2.o: ../../include/openssl/symhacks.h ../cryptlib.h evp_locl.h m_mdc2.c +m_mdc2.o: ../../include/openssl/des.h ../../include/openssl/des_old.h +m_mdc2.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +m_mdc2.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +m_mdc2.o: ../../include/openssl/err.h ../../include/openssl/evp.h +m_mdc2.o: ../../include/openssl/lhash.h ../../include/openssl/mdc2.h +m_mdc2.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +m_mdc2.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +m_mdc2.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h +m_mdc2.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h +m_mdc2.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +m_mdc2.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h +m_mdc2.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h +m_mdc2.o: ../../include/openssl/x509_vfy.h ../cryptlib.h m_mdc2.c m_null.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h m_null.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h m_null.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h m_null.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h m_null.o: ../../include/openssl/err.h ../../include/openssl/evp.h -m_null.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h -m_null.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -m_null.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -m_null.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -m_null.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -m_null.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -m_null.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -m_null.o: ../cryptlib.h m_null.c +m_null.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +m_null.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +m_null.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +m_null.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +m_null.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +m_null.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +m_null.o: ../../include/openssl/x509_vfy.h ../cryptlib.h m_null.c m_ripemd.o: ../../e_os.h ../../include/openssl/asn1.h m_ripemd.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h m_ripemd.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h m_ripemd.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h m_ripemd.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h -m_ripemd.o: ../../include/openssl/evp.h ../../include/openssl/fips.h -m_ripemd.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -m_ripemd.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +m_ripemd.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +m_ripemd.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +m_ripemd.o: ../../include/openssl/opensslconf.h m_ripemd.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h m_ripemd.o: ../../include/openssl/pkcs7.h ../../include/openssl/ripemd.h m_ripemd.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h @@ -567,62 +516,87 @@ m_sha.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h m_sha.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h m_sha.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h m_sha.o: ../../include/openssl/err.h ../../include/openssl/evp.h -m_sha.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h -m_sha.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -m_sha.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -m_sha.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -m_sha.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -m_sha.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -m_sha.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -m_sha.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_locl.h m_sha.c +m_sha.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +m_sha.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +m_sha.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +m_sha.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h +m_sha.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +m_sha.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +m_sha.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +m_sha.o: ../cryptlib.h m_sha.c m_sha1.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h m_sha1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h m_sha1.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h m_sha1.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h m_sha1.o: ../../include/openssl/err.h ../../include/openssl/evp.h -m_sha1.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h -m_sha1.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -m_sha1.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -m_sha1.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -m_sha1.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -m_sha1.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -m_sha1.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -m_sha1.o: ../../include/openssl/x509_vfy.h ../cryptlib.h m_sha1.c +m_sha1.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +m_sha1.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +m_sha1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +m_sha1.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h +m_sha1.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +m_sha1.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +m_sha1.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +m_sha1.o: ../cryptlib.h m_sha1.c +m_sigver.o: ../../e_os.h ../../include/openssl/asn1.h +m_sigver.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +m_sigver.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +m_sigver.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +m_sigver.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +m_sigver.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +m_sigver.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +m_sigver.o: ../../include/openssl/opensslconf.h +m_sigver.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +m_sigver.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +m_sigver.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +m_sigver.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +m_sigver.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_locl.h +m_sigver.o: m_sigver.c +m_wp.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h +m_wp.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +m_wp.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +m_wp.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +m_wp.o: ../../include/openssl/err.h ../../include/openssl/evp.h +m_wp.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +m_wp.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +m_wp.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +m_wp.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +m_wp.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +m_wp.o: ../../include/openssl/symhacks.h ../../include/openssl/whrlpool.h +m_wp.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +m_wp.o: ../cryptlib.h m_wp.c names.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h names.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h names.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h names.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h names.o: ../../include/openssl/err.h ../../include/openssl/evp.h -names.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h -names.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -names.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -names.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -names.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -names.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -names.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -names.o: ../cryptlib.h names.c +names.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +names.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +names.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +names.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +names.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +names.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +names.o: ../../include/openssl/x509_vfy.h ../cryptlib.h names.c p5_crpt.o: ../../e_os.h ../../include/openssl/asn1.h p5_crpt.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h p5_crpt.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h p5_crpt.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h p5_crpt.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h -p5_crpt.o: ../../include/openssl/evp.h ../../include/openssl/fips.h -p5_crpt.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -p5_crpt.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -p5_crpt.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -p5_crpt.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h -p5_crpt.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -p5_crpt.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -p5_crpt.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p5_crpt.c +p5_crpt.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +p5_crpt.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +p5_crpt.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +p5_crpt.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h +p5_crpt.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +p5_crpt.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +p5_crpt.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +p5_crpt.o: ../cryptlib.h p5_crpt.c p5_crpt2.o: ../../e_os.h ../../include/openssl/asn1.h p5_crpt2.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h p5_crpt2.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h p5_crpt2.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h p5_crpt2.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h -p5_crpt2.o: ../../include/openssl/evp.h ../../include/openssl/fips.h -p5_crpt2.o: ../../include/openssl/hmac.h ../../include/openssl/lhash.h -p5_crpt2.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -p5_crpt2.o: ../../include/openssl/opensslconf.h +p5_crpt2.o: ../../include/openssl/evp.h ../../include/openssl/hmac.h +p5_crpt2.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +p5_crpt2.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h p5_crpt2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h p5_crpt2.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h p5_crpt2.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -633,37 +607,35 @@ p_dec.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h p_dec.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h p_dec.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h p_dec.o: ../../include/openssl/err.h ../../include/openssl/evp.h -p_dec.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h -p_dec.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -p_dec.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -p_dec.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -p_dec.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h -p_dec.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -p_dec.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -p_dec.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -p_dec.o: ../cryptlib.h p_dec.c +p_dec.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +p_dec.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +p_dec.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +p_dec.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h +p_dec.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h +p_dec.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +p_dec.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +p_dec.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p_dec.c p_enc.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h p_enc.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h p_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h p_enc.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h p_enc.o: ../../include/openssl/err.h ../../include/openssl/evp.h -p_enc.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h -p_enc.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -p_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -p_enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -p_enc.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h -p_enc.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -p_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -p_enc.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -p_enc.o: ../cryptlib.h p_enc.c +p_enc.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +p_enc.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +p_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +p_enc.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h +p_enc.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h +p_enc.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +p_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +p_enc.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p_enc.c p_lib.o: ../../e_os.h ../../include/openssl/asn1.h p_lib.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h p_lib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h p_lib.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h p_lib.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h p_lib.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h -p_lib.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h -p_lib.o: ../../include/openssl/evp.h ../../include/openssl/fips.h +p_lib.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h +p_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h p_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h p_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h p_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h @@ -671,57 +643,91 @@ p_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h p_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h p_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h p_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -p_lib.o: ../cryptlib.h p_lib.c +p_lib.o: ../asn1/asn1_locl.h ../cryptlib.h p_lib.c p_open.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h p_open.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h p_open.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h p_open.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h p_open.o: ../../include/openssl/err.h ../../include/openssl/evp.h -p_open.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h -p_open.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -p_open.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -p_open.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -p_open.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -p_open.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -p_open.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -p_open.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p_open.c +p_open.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +p_open.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +p_open.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +p_open.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h +p_open.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +p_open.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +p_open.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +p_open.o: ../cryptlib.h p_open.c p_seal.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h p_seal.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h p_seal.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h p_seal.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h p_seal.o: ../../include/openssl/err.h ../../include/openssl/evp.h -p_seal.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h -p_seal.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -p_seal.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -p_seal.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -p_seal.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h -p_seal.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -p_seal.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -p_seal.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -p_seal.o: ../cryptlib.h p_seal.c +p_seal.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +p_seal.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +p_seal.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +p_seal.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h +p_seal.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h +p_seal.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +p_seal.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +p_seal.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p_seal.c p_sign.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h p_sign.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h p_sign.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h p_sign.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h p_sign.o: ../../include/openssl/err.h ../../include/openssl/evp.h -p_sign.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h -p_sign.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -p_sign.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -p_sign.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -p_sign.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -p_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -p_sign.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -p_sign.o: ../cryptlib.h p_sign.c +p_sign.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +p_sign.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +p_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +p_sign.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +p_sign.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +p_sign.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +p_sign.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p_sign.c p_verify.o: ../../e_os.h ../../include/openssl/asn1.h p_verify.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h p_verify.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h p_verify.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h p_verify.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h -p_verify.o: ../../include/openssl/evp.h ../../include/openssl/fips.h -p_verify.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -p_verify.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +p_verify.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +p_verify.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +p_verify.o: ../../include/openssl/opensslconf.h p_verify.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h p_verify.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h p_verify.o: ../../include/openssl/sha.h ../../include/openssl/stack.h p_verify.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h p_verify.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p_verify.c +pmeth_fn.o: ../../e_os.h ../../include/openssl/asn1.h +pmeth_fn.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +pmeth_fn.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +pmeth_fn.o: ../../include/openssl/err.h ../../include/openssl/evp.h +pmeth_fn.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +pmeth_fn.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +pmeth_fn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +pmeth_fn.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +pmeth_fn.o: ../../include/openssl/symhacks.h ../cryptlib.h evp_locl.h +pmeth_fn.o: pmeth_fn.c +pmeth_gn.o: ../../e_os.h ../../include/openssl/asn1.h +pmeth_gn.o: ../../include/openssl/bio.h ../../include/openssl/bn.h +pmeth_gn.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +pmeth_gn.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h +pmeth_gn.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +pmeth_gn.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +pmeth_gn.o: ../../include/openssl/opensslconf.h +pmeth_gn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +pmeth_gn.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +pmeth_gn.o: ../../include/openssl/symhacks.h ../cryptlib.h evp_locl.h +pmeth_gn.o: pmeth_gn.c +pmeth_lib.o: ../../e_os.h ../../include/openssl/asn1.h +pmeth_lib.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +pmeth_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +pmeth_lib.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +pmeth_lib.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h +pmeth_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h +pmeth_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +pmeth_lib.o: ../../include/openssl/objects.h +pmeth_lib.o: ../../include/openssl/opensslconf.h +pmeth_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +pmeth_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +pmeth_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +pmeth_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +pmeth_lib.o: ../../include/openssl/x509_vfy.h ../asn1/asn1_locl.h ../cryptlib.h +pmeth_lib.o: evp_locl.h pmeth_lib.c diff --git a/src/lib/libcrypto/evp/Makefile.ssl b/src/lib/libcrypto/evp/Makefile.ssl deleted file mode 100644 index f33aebd33a..0000000000 --- a/src/lib/libcrypto/evp/Makefile.ssl +++ /dev/null @@ -1,1059 +0,0 @@ -# -# SSLeay/crypto/evp/Makefile -# - -DIR= evp -TOP= ../.. -CC= cc -INCLUDES= -I.. -I$(TOP) -I../../include -CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKE= make -f Makefile.ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) -MAKEFILE= Makefile.ssl -AR= ar r - -CFLAGS= $(INCLUDES) $(CFLAG) - -GENERAL=Makefile -TEST=evp_test.c -TESTDATA=evptests.txt -APPS= - -LIB=$(TOP)/libcrypto.a -LIBSRC= encode.c digest.c evp_enc.c evp_key.c evp_acnf.c \ - e_des.c e_bf.c e_idea.c e_des3.c \ - e_rc4.c e_aes.c names.c \ - e_xcbc_d.c e_rc2.c e_cast.c e_rc5.c \ - m_null.c m_md2.c m_md4.c m_md5.c m_sha.c m_sha1.c \ - m_dss.c m_dss1.c m_mdc2.c m_ripemd.c \ - p_open.c p_seal.c p_sign.c p_verify.c p_lib.c p_enc.c p_dec.c \ - bio_md.c bio_b64.c bio_enc.c evp_err.c e_null.c \ - c_all.c c_allc.c c_alld.c evp_lib.c bio_ok.c \ - evp_pkey.c evp_pbe.c p5_crpt.c p5_crpt2.c - -LIBOBJ= encode.o digest.o evp_enc.o evp_key.o evp_acnf.o \ - e_des.o e_bf.o e_idea.o e_des3.o \ - e_rc4.o e_aes.o names.o \ - e_xcbc_d.o e_rc2.o e_cast.o e_rc5.o \ - m_null.o m_md2.o m_md4.o m_md5.o m_sha.o m_sha1.o \ - m_dss.o m_dss1.o m_mdc2.o m_ripemd.o \ - p_open.o p_seal.o p_sign.o p_verify.o p_lib.o p_enc.o p_dec.o \ - bio_md.o bio_b64.o bio_enc.o evp_err.o e_null.o \ - c_all.o c_allc.o c_alld.o evp_lib.o bio_ok.o \ - evp_pkey.o evp_pbe.o p5_crpt.o p5_crpt2.o - -SRC= $(LIBSRC) - -EXHEADER= evp.h -HEADER= $(EXHEADER) - -ALL= $(GENERAL) $(SRC) $(HEADER) - -top: - (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all) - -all: lib - -lib: $(LIBOBJ) - $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) || echo Never mind. - @touch lib - -files: - $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO - -links: - @sh $(TOP)/util/point.sh Makefile.ssl Makefile - @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER) - @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST) - cp $(TESTDATA) ../../test - @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) - -install: - @for i in $(EXHEADER) ; \ - do \ - (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ - done; - -tags: - ctags $(SRC) - -tests: - -lint: - lint -DLINT $(INCLUDES) $(SRC)>fluff - -depend: - $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC) - -dclean: - $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new - mv -f Makefile.new $(MAKEFILE) - -clean: - rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff - -# DO NOT DELETE THIS LINE -- make depend depends on it. - -bio_b64.o: ../../e_os.h ../../include/openssl/aes.h -bio_b64.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -bio_b64.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -bio_b64.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -bio_b64.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -bio_b64.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -bio_b64.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -bio_b64.o: ../../include/openssl/err.h ../../include/openssl/evp.h -bio_b64.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -bio_b64.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -bio_b64.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -bio_b64.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -bio_b64.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -bio_b64.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc2.h -bio_b64.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -bio_b64.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -bio_b64.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -bio_b64.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bio_b64.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -bio_b64.o: ../cryptlib.h bio_b64.c -bio_enc.o: ../../e_os.h ../../include/openssl/aes.h -bio_enc.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -bio_enc.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -bio_enc.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -bio_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -bio_enc.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -bio_enc.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -bio_enc.o: ../../include/openssl/err.h ../../include/openssl/evp.h -bio_enc.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -bio_enc.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -bio_enc.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -bio_enc.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -bio_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -bio_enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc2.h -bio_enc.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -bio_enc.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -bio_enc.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -bio_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bio_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -bio_enc.o: ../cryptlib.h bio_enc.c -bio_md.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -bio_md.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -bio_md.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -bio_md.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -bio_md.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -bio_md.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -bio_md.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -bio_md.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -bio_md.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -bio_md.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -bio_md.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -bio_md.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -bio_md.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -bio_md.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -bio_md.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -bio_md.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -bio_md.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -bio_md.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -bio_md.o: ../../include/openssl/ui_compat.h ../cryptlib.h bio_md.c -bio_ok.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -bio_ok.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -bio_ok.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -bio_ok.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -bio_ok.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -bio_ok.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -bio_ok.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -bio_ok.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -bio_ok.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -bio_ok.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -bio_ok.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -bio_ok.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -bio_ok.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -bio_ok.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h -bio_ok.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -bio_ok.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -bio_ok.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -bio_ok.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bio_ok.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -bio_ok.o: ../cryptlib.h bio_ok.c -c_all.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -c_all.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -c_all.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -c_all.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -c_all.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -c_all.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -c_all.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h -c_all.o: ../../include/openssl/err.h ../../include/openssl/evp.h -c_all.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -c_all.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -c_all.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -c_all.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -c_all.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -c_all.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h -c_all.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -c_all.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -c_all.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -c_all.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -c_all.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -c_all.o: ../../include/openssl/ui_compat.h ../cryptlib.h c_all.c -c_allc.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -c_allc.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -c_allc.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -c_allc.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -c_allc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -c_allc.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -c_allc.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -c_allc.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -c_allc.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -c_allc.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -c_allc.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -c_allc.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -c_allc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -c_allc.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h -c_allc.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -c_allc.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -c_allc.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -c_allc.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -c_allc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -c_allc.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -c_allc.o: ../../include/openssl/x509_vfy.h ../cryptlib.h c_allc.c -c_alld.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -c_alld.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -c_alld.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -c_alld.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -c_alld.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -c_alld.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -c_alld.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -c_alld.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -c_alld.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -c_alld.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -c_alld.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -c_alld.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -c_alld.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -c_alld.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h -c_alld.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -c_alld.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -c_alld.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -c_alld.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -c_alld.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -c_alld.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -c_alld.o: ../../include/openssl/x509_vfy.h ../cryptlib.h c_alld.c -digest.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -digest.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -digest.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -digest.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -digest.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -digest.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -digest.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h -digest.o: ../../include/openssl/err.h ../../include/openssl/evp.h -digest.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -digest.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -digest.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -digest.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -digest.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -digest.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h -digest.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -digest.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -digest.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -digest.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -digest.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -digest.o: ../../include/openssl/ui_compat.h ../cryptlib.h digest.c -e_aes.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h -e_aes.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -e_aes.o: ../../include/openssl/bn.h ../../include/openssl/cast.h -e_aes.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -e_aes.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -e_aes.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -e_aes.o: ../../include/openssl/err.h ../../include/openssl/evp.h -e_aes.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -e_aes.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -e_aes.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -e_aes.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -e_aes.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -e_aes.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc2.h -e_aes.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -e_aes.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -e_aes.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -e_aes.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -e_aes.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h e_aes.c -e_aes.o: evp_locl.h -e_bf.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -e_bf.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -e_bf.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -e_bf.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -e_bf.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -e_bf.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -e_bf.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -e_bf.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -e_bf.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -e_bf.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -e_bf.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -e_bf.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -e_bf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -e_bf.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -e_bf.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -e_bf.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -e_bf.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -e_bf.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -e_bf.o: ../../include/openssl/ui_compat.h ../cryptlib.h e_bf.c evp_locl.h -e_cast.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -e_cast.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -e_cast.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -e_cast.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -e_cast.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -e_cast.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -e_cast.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -e_cast.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -e_cast.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -e_cast.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -e_cast.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -e_cast.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -e_cast.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -e_cast.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -e_cast.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -e_cast.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -e_cast.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -e_cast.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -e_cast.o: ../../include/openssl/ui_compat.h ../cryptlib.h e_cast.c evp_locl.h -e_des.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -e_des.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -e_des.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -e_des.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -e_des.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -e_des.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -e_des.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -e_des.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -e_des.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -e_des.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -e_des.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -e_des.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -e_des.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -e_des.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -e_des.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -e_des.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -e_des.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -e_des.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -e_des.o: ../../include/openssl/ui_compat.h ../cryptlib.h e_des.c evp_locl.h -e_des3.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -e_des3.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -e_des3.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -e_des3.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -e_des3.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -e_des3.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -e_des3.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -e_des3.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -e_des3.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -e_des3.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -e_des3.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -e_des3.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -e_des3.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -e_des3.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -e_des3.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -e_des3.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -e_des3.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -e_des3.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -e_des3.o: ../../include/openssl/ui_compat.h ../cryptlib.h e_des3.c evp_locl.h -e_idea.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -e_idea.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -e_idea.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -e_idea.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -e_idea.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -e_idea.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -e_idea.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -e_idea.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -e_idea.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -e_idea.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -e_idea.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -e_idea.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -e_idea.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -e_idea.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -e_idea.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -e_idea.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -e_idea.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -e_idea.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -e_idea.o: ../../include/openssl/ui_compat.h ../cryptlib.h e_idea.c evp_locl.h -e_null.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -e_null.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -e_null.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -e_null.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -e_null.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -e_null.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -e_null.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -e_null.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -e_null.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -e_null.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -e_null.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -e_null.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -e_null.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -e_null.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -e_null.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -e_null.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -e_null.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -e_null.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -e_null.o: ../../include/openssl/ui_compat.h ../cryptlib.h e_null.c -e_rc2.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -e_rc2.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -e_rc2.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -e_rc2.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -e_rc2.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -e_rc2.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -e_rc2.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -e_rc2.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -e_rc2.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -e_rc2.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -e_rc2.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -e_rc2.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -e_rc2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -e_rc2.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -e_rc2.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -e_rc2.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -e_rc2.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -e_rc2.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -e_rc2.o: ../../include/openssl/ui_compat.h ../cryptlib.h e_rc2.c evp_locl.h -e_rc4.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -e_rc4.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -e_rc4.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -e_rc4.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -e_rc4.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -e_rc4.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -e_rc4.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -e_rc4.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -e_rc4.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -e_rc4.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -e_rc4.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -e_rc4.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -e_rc4.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -e_rc4.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -e_rc4.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -e_rc4.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -e_rc4.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -e_rc4.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -e_rc4.o: ../../include/openssl/ui_compat.h ../cryptlib.h e_rc4.c -e_rc5.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -e_rc5.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -e_rc5.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -e_rc5.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -e_rc5.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -e_rc5.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -e_rc5.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -e_rc5.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -e_rc5.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -e_rc5.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -e_rc5.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -e_rc5.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -e_rc5.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -e_rc5.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -e_rc5.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -e_rc5.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -e_rc5.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -e_rc5.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -e_rc5.o: ../../include/openssl/ui_compat.h ../cryptlib.h e_rc5.c evp_locl.h -e_xcbc_d.o: ../../e_os.h ../../include/openssl/aes.h -e_xcbc_d.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -e_xcbc_d.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -e_xcbc_d.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -e_xcbc_d.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -e_xcbc_d.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -e_xcbc_d.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -e_xcbc_d.o: ../../include/openssl/err.h ../../include/openssl/evp.h -e_xcbc_d.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -e_xcbc_d.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -e_xcbc_d.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -e_xcbc_d.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -e_xcbc_d.o: ../../include/openssl/opensslconf.h -e_xcbc_d.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -e_xcbc_d.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -e_xcbc_d.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -e_xcbc_d.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -e_xcbc_d.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -e_xcbc_d.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -e_xcbc_d.o: ../../include/openssl/ui_compat.h ../cryptlib.h e_xcbc_d.c -encode.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -encode.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -encode.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -encode.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -encode.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -encode.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -encode.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -encode.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -encode.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -encode.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -encode.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -encode.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -encode.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -encode.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -encode.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -encode.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -encode.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -encode.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -encode.o: ../../include/openssl/ui_compat.h ../cryptlib.h encode.c -evp_acnf.o: ../../e_os.h ../../include/openssl/aes.h -evp_acnf.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -evp_acnf.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -evp_acnf.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -evp_acnf.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -evp_acnf.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -evp_acnf.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -evp_acnf.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -evp_acnf.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -evp_acnf.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -evp_acnf.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -evp_acnf.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -evp_acnf.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -evp_acnf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -evp_acnf.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -evp_acnf.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -evp_acnf.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -evp_acnf.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -evp_acnf.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -evp_acnf.o: ../../include/openssl/ui_compat.h ../cryptlib.h evp_acnf.c -evp_enc.o: ../../e_os.h ../../include/openssl/aes.h -evp_enc.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -evp_enc.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -evp_enc.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -evp_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -evp_enc.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -evp_enc.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -evp_enc.o: ../../include/openssl/engine.h ../../include/openssl/err.h -evp_enc.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -evp_enc.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -evp_enc.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -evp_enc.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -evp_enc.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -evp_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -evp_enc.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h -evp_enc.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -evp_enc.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -evp_enc.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -evp_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -evp_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -evp_enc.o: ../cryptlib.h evp_enc.c evp_locl.h -evp_err.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h -evp_err.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -evp_err.o: ../../include/openssl/bn.h ../../include/openssl/cast.h -evp_err.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -evp_err.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -evp_err.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -evp_err.o: ../../include/openssl/err.h ../../include/openssl/evp.h -evp_err.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -evp_err.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -evp_err.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -evp_err.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -evp_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -evp_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc2.h -evp_err.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -evp_err.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -evp_err.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -evp_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -evp_err.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -evp_err.o: evp_err.c -evp_key.o: ../../e_os.h ../../include/openssl/aes.h -evp_key.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -evp_key.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -evp_key.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -evp_key.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -evp_key.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -evp_key.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -evp_key.o: ../../include/openssl/err.h ../../include/openssl/evp.h -evp_key.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -evp_key.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -evp_key.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -evp_key.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -evp_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -evp_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -evp_key.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -evp_key.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -evp_key.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -evp_key.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -evp_key.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -evp_key.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -evp_key.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_key.c -evp_lib.o: ../../e_os.h ../../include/openssl/aes.h -evp_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -evp_lib.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -evp_lib.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -evp_lib.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -evp_lib.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -evp_lib.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -evp_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h -evp_lib.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -evp_lib.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -evp_lib.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -evp_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -evp_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -evp_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc2.h -evp_lib.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -evp_lib.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -evp_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -evp_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -evp_lib.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -evp_lib.o: ../cryptlib.h evp_lib.c -evp_pbe.o: ../../e_os.h ../../include/openssl/aes.h -evp_pbe.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -evp_pbe.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -evp_pbe.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -evp_pbe.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -evp_pbe.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -evp_pbe.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -evp_pbe.o: ../../include/openssl/err.h ../../include/openssl/evp.h -evp_pbe.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -evp_pbe.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -evp_pbe.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -evp_pbe.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -evp_pbe.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -evp_pbe.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -evp_pbe.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -evp_pbe.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -evp_pbe.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -evp_pbe.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -evp_pbe.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -evp_pbe.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -evp_pbe.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_pbe.c -evp_pkey.o: ../../e_os.h ../../include/openssl/aes.h -evp_pkey.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -evp_pkey.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -evp_pkey.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -evp_pkey.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -evp_pkey.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -evp_pkey.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -evp_pkey.o: ../../include/openssl/err.h ../../include/openssl/evp.h -evp_pkey.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -evp_pkey.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -evp_pkey.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -evp_pkey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -evp_pkey.o: ../../include/openssl/opensslconf.h -evp_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -evp_pkey.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h -evp_pkey.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -evp_pkey.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -evp_pkey.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -evp_pkey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -evp_pkey.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -evp_pkey.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -evp_pkey.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_pkey.c -m_dss.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -m_dss.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -m_dss.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -m_dss.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -m_dss.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -m_dss.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -m_dss.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -m_dss.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -m_dss.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -m_dss.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -m_dss.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -m_dss.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -m_dss.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -m_dss.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -m_dss.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -m_dss.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -m_dss.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -m_dss.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -m_dss.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -m_dss.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -m_dss.o: ../cryptlib.h m_dss.c -m_dss1.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -m_dss1.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -m_dss1.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -m_dss1.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -m_dss1.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -m_dss1.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -m_dss1.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -m_dss1.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -m_dss1.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -m_dss1.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -m_dss1.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -m_dss1.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -m_dss1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -m_dss1.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -m_dss1.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -m_dss1.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -m_dss1.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -m_dss1.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -m_dss1.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -m_dss1.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -m_dss1.o: ../cryptlib.h m_dss1.c -m_md2.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -m_md2.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -m_md2.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -m_md2.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -m_md2.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -m_md2.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -m_md2.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -m_md2.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -m_md2.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -m_md2.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -m_md2.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -m_md2.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -m_md2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -m_md2.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -m_md2.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -m_md2.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -m_md2.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -m_md2.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -m_md2.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -m_md2.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -m_md2.o: ../cryptlib.h m_md2.c -m_md4.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -m_md4.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -m_md4.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -m_md4.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -m_md4.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -m_md4.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -m_md4.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -m_md4.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -m_md4.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -m_md4.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -m_md4.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -m_md4.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -m_md4.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -m_md4.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -m_md4.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -m_md4.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -m_md4.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -m_md4.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -m_md4.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -m_md4.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -m_md4.o: ../cryptlib.h m_md4.c -m_md5.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -m_md5.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -m_md5.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -m_md5.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -m_md5.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -m_md5.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -m_md5.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -m_md5.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -m_md5.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -m_md5.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -m_md5.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -m_md5.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -m_md5.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -m_md5.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -m_md5.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -m_md5.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -m_md5.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -m_md5.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -m_md5.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -m_md5.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -m_md5.o: ../cryptlib.h m_md5.c -m_mdc2.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -m_mdc2.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -m_mdc2.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -m_mdc2.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -m_mdc2.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -m_mdc2.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -m_mdc2.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -m_mdc2.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -m_mdc2.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -m_mdc2.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -m_mdc2.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -m_mdc2.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -m_mdc2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -m_mdc2.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -m_mdc2.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -m_mdc2.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -m_mdc2.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -m_mdc2.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -m_mdc2.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -m_mdc2.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -m_mdc2.o: ../cryptlib.h m_mdc2.c -m_null.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -m_null.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -m_null.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -m_null.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -m_null.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -m_null.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -m_null.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -m_null.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -m_null.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -m_null.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -m_null.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -m_null.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -m_null.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -m_null.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -m_null.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -m_null.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -m_null.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -m_null.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -m_null.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -m_null.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -m_null.o: ../cryptlib.h m_null.c -m_ripemd.o: ../../e_os.h ../../include/openssl/aes.h -m_ripemd.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -m_ripemd.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -m_ripemd.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -m_ripemd.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -m_ripemd.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -m_ripemd.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -m_ripemd.o: ../../include/openssl/err.h ../../include/openssl/evp.h -m_ripemd.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -m_ripemd.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -m_ripemd.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -m_ripemd.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -m_ripemd.o: ../../include/openssl/opensslconf.h -m_ripemd.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -m_ripemd.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -m_ripemd.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -m_ripemd.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -m_ripemd.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -m_ripemd.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -m_ripemd.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -m_ripemd.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -m_ripemd.o: ../cryptlib.h m_ripemd.c -m_sha.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -m_sha.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -m_sha.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -m_sha.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -m_sha.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -m_sha.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -m_sha.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -m_sha.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -m_sha.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -m_sha.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -m_sha.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -m_sha.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -m_sha.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -m_sha.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -m_sha.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -m_sha.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -m_sha.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -m_sha.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -m_sha.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -m_sha.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -m_sha.o: ../cryptlib.h m_sha.c -m_sha1.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -m_sha1.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -m_sha1.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -m_sha1.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -m_sha1.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -m_sha1.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -m_sha1.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -m_sha1.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -m_sha1.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -m_sha1.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -m_sha1.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -m_sha1.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -m_sha1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -m_sha1.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -m_sha1.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -m_sha1.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -m_sha1.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -m_sha1.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -m_sha1.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -m_sha1.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -m_sha1.o: ../cryptlib.h m_sha1.c -names.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -names.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -names.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -names.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -names.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -names.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -names.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -names.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -names.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -names.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -names.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -names.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -names.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -names.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -names.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -names.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -names.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -names.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -names.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -names.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -names.o: ../cryptlib.h names.c -p5_crpt.o: ../../e_os.h ../../include/openssl/aes.h -p5_crpt.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -p5_crpt.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -p5_crpt.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -p5_crpt.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -p5_crpt.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -p5_crpt.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -p5_crpt.o: ../../include/openssl/err.h ../../include/openssl/evp.h -p5_crpt.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -p5_crpt.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -p5_crpt.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -p5_crpt.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -p5_crpt.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -p5_crpt.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -p5_crpt.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -p5_crpt.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -p5_crpt.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -p5_crpt.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -p5_crpt.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -p5_crpt.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -p5_crpt.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p5_crpt.c -p5_crpt2.o: ../../e_os.h ../../include/openssl/aes.h -p5_crpt2.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -p5_crpt2.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -p5_crpt2.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -p5_crpt2.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -p5_crpt2.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -p5_crpt2.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -p5_crpt2.o: ../../include/openssl/err.h ../../include/openssl/evp.h -p5_crpt2.o: ../../include/openssl/hmac.h ../../include/openssl/idea.h -p5_crpt2.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -p5_crpt2.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -p5_crpt2.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -p5_crpt2.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -p5_crpt2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -p5_crpt2.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -p5_crpt2.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -p5_crpt2.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -p5_crpt2.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -p5_crpt2.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -p5_crpt2.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -p5_crpt2.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -p5_crpt2.o: ../cryptlib.h p5_crpt2.c -p_dec.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -p_dec.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -p_dec.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -p_dec.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -p_dec.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -p_dec.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -p_dec.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -p_dec.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -p_dec.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -p_dec.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -p_dec.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -p_dec.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -p_dec.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -p_dec.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h -p_dec.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -p_dec.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -p_dec.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -p_dec.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -p_dec.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -p_dec.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -p_dec.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p_dec.c -p_enc.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -p_enc.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -p_enc.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -p_enc.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -p_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -p_enc.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -p_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -p_enc.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -p_enc.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -p_enc.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -p_enc.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -p_enc.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -p_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -p_enc.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h -p_enc.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -p_enc.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -p_enc.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -p_enc.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -p_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -p_enc.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -p_enc.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p_enc.c -p_lib.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -p_lib.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h -p_lib.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -p_lib.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -p_lib.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -p_lib.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -p_lib.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -p_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h -p_lib.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -p_lib.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -p_lib.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -p_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -p_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -p_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -p_lib.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -p_lib.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -p_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -p_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -p_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -p_lib.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -p_lib.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p_lib.c -p_open.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -p_open.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -p_open.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -p_open.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -p_open.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -p_open.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -p_open.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -p_open.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -p_open.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -p_open.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -p_open.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -p_open.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -p_open.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -p_open.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -p_open.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -p_open.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -p_open.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -p_open.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -p_open.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -p_open.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -p_open.o: ../cryptlib.h p_open.c -p_seal.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -p_seal.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -p_seal.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -p_seal.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -p_seal.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -p_seal.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -p_seal.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -p_seal.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -p_seal.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -p_seal.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -p_seal.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -p_seal.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -p_seal.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -p_seal.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h -p_seal.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -p_seal.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -p_seal.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -p_seal.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -p_seal.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -p_seal.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -p_seal.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p_seal.c -p_sign.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -p_sign.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -p_sign.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -p_sign.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -p_sign.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -p_sign.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -p_sign.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -p_sign.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -p_sign.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -p_sign.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -p_sign.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -p_sign.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -p_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -p_sign.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -p_sign.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -p_sign.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -p_sign.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -p_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -p_sign.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -p_sign.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -p_sign.o: ../cryptlib.h p_sign.c -p_verify.o: ../../e_os.h ../../include/openssl/aes.h -p_verify.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -p_verify.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -p_verify.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -p_verify.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -p_verify.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -p_verify.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -p_verify.o: ../../include/openssl/err.h ../../include/openssl/evp.h -p_verify.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -p_verify.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -p_verify.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -p_verify.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -p_verify.o: ../../include/openssl/opensslconf.h -p_verify.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -p_verify.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -p_verify.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -p_verify.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -p_verify.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -p_verify.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -p_verify.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -p_verify.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -p_verify.o: ../cryptlib.h p_verify.c diff --git a/src/lib/libcrypto/evp/bio_b64.c b/src/lib/libcrypto/evp/bio_b64.c index fa5cbc7eb1..72a2a67277 100644 --- a/src/lib/libcrypto/evp/bio_b64.c +++ b/src/lib/libcrypto/evp/bio_b64.c @@ -64,7 +64,7 @@ static int b64_write(BIO *h, const char *buf, int num); static int b64_read(BIO *h, char *buf, int size); -/*static int b64_puts(BIO *h, const char *str); */ +static int b64_puts(BIO *h, const char *str); /*static int b64_gets(BIO *h, char *str, int size); */ static long b64_ctrl(BIO *h, int cmd, long arg1, void *arg2); static int b64_new(BIO *h); @@ -96,7 +96,7 @@ static BIO_METHOD methods_b64= BIO_TYPE_BASE64,"base64 encoding", b64_write, b64_read, - NULL, /* b64_puts, */ + b64_puts, NULL, /* b64_gets, */ b64_ctrl, b64_new, @@ -127,6 +127,7 @@ static int b64_new(BIO *bi) bi->init=1; bi->ptr=(char *)ctx; bi->flags=0; + bi->num = 0; return(1); } @@ -151,6 +152,8 @@ static int b64_read(BIO *b, char *out, int outl) if ((ctx == NULL) || (b->next_bio == NULL)) return(0); + BIO_clear_retry_flags(b); + if (ctx->encode != B64_DECODE) { ctx->encode=B64_DECODE; @@ -163,6 +166,7 @@ static int b64_read(BIO *b, char *out, int outl) /* First check if there are bytes decoded/encoded */ if (ctx->buf_len > 0) { + OPENSSL_assert(ctx->buf_len >= ctx->buf_off); i=ctx->buf_len-ctx->buf_off; if (i > outl) i=outl; OPENSSL_assert(ctx->buf_off+i < (int)sizeof(ctx->buf)); @@ -184,7 +188,6 @@ static int b64_read(BIO *b, char *out, int outl) ret_code=0; while (outl > 0) { - if (ctx->cont <= 0) break; @@ -195,7 +198,7 @@ static int b64_read(BIO *b, char *out, int outl) { ret_code=i; - /* Should be continue next time we are called? */ + /* Should we continue next time we are called? */ if (!BIO_should_retry(b->next_bio)) { ctx->cont=i; @@ -285,19 +288,27 @@ static int b64_read(BIO *b, char *out, int outl) continue; } else + { ctx->tmp_len=0; } - /* If buffer isn't full and we can retry then - * restart to read in more data. - */ + } else if ((i < B64_BLOCK_SIZE) && (ctx->cont > 0)) + { + /* If buffer isn't full and we can retry then + * restart to read in more data. + */ continue; + } if (BIO_get_flags(b) & BIO_FLAGS_BASE64_NO_NL) { int z,jj; +#if 0 jj=(i>>2)<<2; +#else + jj = i & ~3; /* process per 4 */ +#endif z=EVP_DecodeBlock((unsigned char *)ctx->buf, (unsigned char *)ctx->tmp,jj); if (jj > 2) @@ -313,18 +324,15 @@ static int b64_read(BIO *b, char *out, int outl) * number consumed */ if (jj != i) { - memcpy((unsigned char *)ctx->tmp, - (unsigned char *)&(ctx->tmp[jj]),i-jj); + memmove(ctx->tmp, &ctx->tmp[jj], i-jj); ctx->tmp_len=i-jj; } ctx->buf_len=0; if (z > 0) { ctx->buf_len=z; - i=1; } - else - i=z; + i=z; } else { @@ -357,14 +365,16 @@ static int b64_read(BIO *b, char *out, int outl) outl-=i; out+=i; } - BIO_clear_retry_flags(b); + /* BIO_clear_retry_flags(b); */ BIO_copy_next_retry(b); return((ret == 0)?ret_code:ret); } static int b64_write(BIO *b, const char *in, int inl) { - int ret=inl,n,i; + int ret=0; + int n; + int i; BIO_B64_CTX *ctx; ctx=(BIO_B64_CTX *)b->ptr; @@ -379,6 +389,9 @@ static int b64_write(BIO *b, const char *in, int inl) EVP_EncodeInit(&(ctx->base64)); } + OPENSSL_assert(ctx->buf_off < (int)sizeof(ctx->buf)); + OPENSSL_assert(ctx->buf_len <= (int)sizeof(ctx->buf)); + OPENSSL_assert(ctx->buf_len >= ctx->buf_off); n=ctx->buf_len-ctx->buf_off; while (n > 0) { @@ -388,7 +401,10 @@ static int b64_write(BIO *b, const char *in, int inl) BIO_copy_next_retry(b); return(i); } + OPENSSL_assert(i <= n); ctx->buf_off+=i; + OPENSSL_assert(ctx->buf_off <= (int)sizeof(ctx->buf)); + OPENSSL_assert(ctx->buf_len >= ctx->buf_off); n-=i; } /* at this point all pending data has been written */ @@ -405,18 +421,19 @@ static int b64_write(BIO *b, const char *in, int inl) { if (ctx->tmp_len > 0) { + OPENSSL_assert(ctx->tmp_len <= 3); n=3-ctx->tmp_len; - /* There's a teoretical possibility for this */ + /* There's a theoretical possibility for this */ if (n > inl) n=inl; memcpy(&(ctx->tmp[ctx->tmp_len]),in,n); ctx->tmp_len+=n; + ret += n; if (ctx->tmp_len < 3) break; - ctx->buf_len=EVP_EncodeBlock( - (unsigned char *)ctx->buf, - (unsigned char *)ctx->tmp, - ctx->tmp_len); + ctx->buf_len=EVP_EncodeBlock((unsigned char *)ctx->buf,(unsigned char *)ctx->tmp,ctx->tmp_len); + OPENSSL_assert(ctx->buf_len <= (int)sizeof(ctx->buf)); + OPENSSL_assert(ctx->buf_len >= ctx->buf_off); /* Since we're now done using the temporary buffer, the length should be 0'd */ ctx->tmp_len=0; @@ -425,14 +442,16 @@ static int b64_write(BIO *b, const char *in, int inl) { if (n < 3) { - memcpy(&(ctx->tmp[0]),in,n); + memcpy(ctx->tmp,in,n); ctx->tmp_len=n; + ret += n; break; } n-=n%3; - ctx->buf_len=EVP_EncodeBlock( - (unsigned char *)ctx->buf, - (unsigned char *)in,n); + ctx->buf_len=EVP_EncodeBlock((unsigned char *)ctx->buf,(const unsigned char *)in,n); + OPENSSL_assert(ctx->buf_len <= (int)sizeof(ctx->buf)); + OPENSSL_assert(ctx->buf_len >= ctx->buf_off); + ret += n; } } else @@ -440,6 +459,9 @@ static int b64_write(BIO *b, const char *in, int inl) EVP_EncodeUpdate(&(ctx->base64), (unsigned char *)ctx->buf,&ctx->buf_len, (unsigned char *)in,n); + OPENSSL_assert(ctx->buf_len <= (int)sizeof(ctx->buf)); + OPENSSL_assert(ctx->buf_len >= ctx->buf_off); + ret += n; } inl-=n; in+=n; @@ -454,8 +476,11 @@ static int b64_write(BIO *b, const char *in, int inl) BIO_copy_next_retry(b); return((ret == 0)?i:ret); } + OPENSSL_assert(i <= n); n-=i; ctx->buf_off+=i; + OPENSSL_assert(ctx->buf_off <= (int)sizeof(ctx->buf)); + OPENSSL_assert(ctx->buf_len >= ctx->buf_off); } ctx->buf_len=0; ctx->buf_off=0; @@ -486,6 +511,7 @@ static long b64_ctrl(BIO *b, int cmd, long num, void *ptr) ret=BIO_ctrl(b->next_bio,cmd,num,ptr); break; case BIO_CTRL_WPENDING: /* More to write in buffer */ + OPENSSL_assert(ctx->buf_len >= ctx->buf_off); ret=ctx->buf_len-ctx->buf_off; if ((ret == 0) && (ctx->encode != B64_NONE) && (ctx->base64.num != 0)) @@ -494,6 +520,7 @@ static long b64_ctrl(BIO *b, int cmd, long num, void *ptr) ret=BIO_ctrl(b->next_bio,cmd,num,ptr); break; case BIO_CTRL_PENDING: /* More to read in buffer */ + OPENSSL_assert(ctx->buf_len >= ctx->buf_off); ret=ctx->buf_len-ctx->buf_off; if (ret <= 0) ret=BIO_ctrl(b->next_bio,cmd,num,ptr); @@ -565,3 +592,7 @@ static long b64_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp) return(ret); } +static int b64_puts(BIO *b, const char *str) + { + return b64_write(b,str,strlen(str)); + } diff --git a/src/lib/libcrypto/evp/bio_enc.c b/src/lib/libcrypto/evp/bio_enc.c index f6ac94c6e1..b6efb5fbc4 100644 --- a/src/lib/libcrypto/evp/bio_enc.c +++ b/src/lib/libcrypto/evp/bio_enc.c @@ -361,8 +361,10 @@ again: case BIO_CTRL_DUP: dbio=(BIO *)ptr; dctx=(BIO_ENC_CTX *)dbio->ptr; - memcpy(&(dctx->cipher),&(ctx->cipher),sizeof(ctx->cipher)); - dbio->init=1; + EVP_CIPHER_CTX_init(&dctx->cipher); + ret = EVP_CIPHER_CTX_copy(&dctx->cipher,&ctx->cipher); + if (ret) + dbio->init=1; break; default: ret=BIO_ctrl(b->next_bio,cmd,num,ptr); diff --git a/src/lib/libcrypto/evp/bio_md.c b/src/lib/libcrypto/evp/bio_md.c index ed5c1135fd..9841e32e1a 100644 --- a/src/lib/libcrypto/evp/bio_md.c +++ b/src/lib/libcrypto/evp/bio_md.c @@ -130,8 +130,8 @@ static int md_read(BIO *b, char *out, int outl) { if (ret > 0) { - EVP_DigestUpdate(ctx,(unsigned char *)out, - (unsigned int)ret); + if (EVP_DigestUpdate(ctx,(unsigned char *)out, + (unsigned int)ret)<=0) return (-1); } } BIO_clear_retry_flags(b); @@ -157,8 +157,11 @@ static int md_write(BIO *b, const char *in, int inl) (unsigned int)ret); } } - BIO_clear_retry_flags(b); - BIO_copy_next_retry(b); + if(b->next_bio != NULL) + { + BIO_clear_retry_flags(b); + BIO_copy_next_retry(b); + } return(ret); } @@ -194,6 +197,7 @@ static long md_ctrl(BIO *b, int cmd, long num, void *ptr) case BIO_C_GET_MD_CTX: pctx=ptr; *pctx=ctx; + b->init = 1; break; case BIO_C_SET_MD_CTX: if (b->init) @@ -249,7 +253,9 @@ static int md_gets(BIO *bp, char *buf, int size) ctx=bp->ptr; if (size < ctx->digest->md_size) return(0); - EVP_DigestFinal_ex(ctx,(unsigned char *)buf,&ret); + if (EVP_DigestFinal_ex(ctx,(unsigned char *)buf,&ret)<=0) + return -1; + return((int)ret); } diff --git a/src/lib/libcrypto/evp/c_all.c b/src/lib/libcrypto/evp/c_all.c index a5da52e62d..766c4cecdf 100644 --- a/src/lib/libcrypto/evp/c_all.c +++ b/src/lib/libcrypto/evp/c_all.c @@ -83,7 +83,7 @@ void OPENSSL_add_all_algorithms_noconf(void) OpenSSL_add_all_ciphers(); OpenSSL_add_all_digests(); #ifndef OPENSSL_NO_ENGINE -# if defined(__OpenBSD__) || defined(__FreeBSD__) +# if defined(__OpenBSD__) || defined(__FreeBSD__) || defined(HAVE_CRYPTODEV) ENGINE_setup_bsd_cryptodev(); # endif #endif diff --git a/src/lib/libcrypto/evp/c_allc.c b/src/lib/libcrypto/evp/c_allc.c index 7054d8125d..c5f9268378 100644 --- a/src/lib/libcrypto/evp/c_allc.c +++ b/src/lib/libcrypto/evp/c_allc.c @@ -71,6 +71,8 @@ void OpenSSL_add_all_ciphers(void) EVP_add_cipher(EVP_des_cfb8()); EVP_add_cipher(EVP_des_ede_cfb()); EVP_add_cipher(EVP_des_ede3_cfb()); + EVP_add_cipher(EVP_des_ede3_cfb1()); + EVP_add_cipher(EVP_des_ede3_cfb8()); EVP_add_cipher(EVP_des_ofb()); EVP_add_cipher(EVP_des_ede_ofb()); @@ -219,7 +221,4 @@ void OpenSSL_add_all_ciphers(void) EVP_add_cipher_alias(SN_camellia_256_cbc,"CAMELLIA256"); EVP_add_cipher_alias(SN_camellia_256_cbc,"camellia256"); #endif - - PKCS12_PBE_add(); - PKCS5_PBE_add(); } diff --git a/src/lib/libcrypto/evp/c_alld.c b/src/lib/libcrypto/evp/c_alld.c index d270b0ee03..311e1fe2f8 100644 --- a/src/lib/libcrypto/evp/c_alld.c +++ b/src/lib/libcrypto/evp/c_alld.c @@ -64,9 +64,6 @@ void OpenSSL_add_all_digests(void) { -#ifndef OPENSSL_NO_MD2 - EVP_add_digest(EVP_md2()); -#endif #ifndef OPENSSL_NO_MD4 EVP_add_digest(EVP_md4()); #endif @@ -81,7 +78,7 @@ void OpenSSL_add_all_digests(void) EVP_add_digest(EVP_dss()); #endif #endif -#ifndef OPENSSL_NO_SHA +#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1) EVP_add_digest(EVP_sha1()); EVP_add_digest_alias(SN_sha1,"ssl3-sha1"); EVP_add_digest_alias(SN_sha1WithRSAEncryption,SN_sha1WithRSA); @@ -110,5 +107,8 @@ void OpenSSL_add_all_digests(void) #ifndef OPENSSL_NO_SHA512 EVP_add_digest(EVP_sha384()); EVP_add_digest(EVP_sha512()); +#endif +#ifndef OPENSSL_NO_WHIRLPOOL + EVP_add_digest(EVP_whirlpool()); #endif } diff --git a/src/lib/libcrypto/evp/dig_eng.c b/src/lib/libcrypto/evp/dig_eng.c deleted file mode 100644 index 64cdf9366c..0000000000 --- a/src/lib/libcrypto/evp/dig_eng.c +++ /dev/null @@ -1,180 +0,0 @@ -/* crypto/evp/digest.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ -/* ==================================================================== - * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include "cryptlib.h" -#include -#include -#ifndef OPENSSL_NO_ENGINE -#include -#endif -#include "evp_locl.h" - -#ifndef OPENSSL_NO_ENGINE - -#ifdef OPENSSL_FIPS - -static int do_evp_md_engine_full(EVP_MD_CTX *ctx, const EVP_MD **ptype, ENGINE *impl) - { - if (*ptype) - { - /* Ensure an ENGINE left lying around from last time is cleared - * (the previous check attempted to avoid this if the same - * ENGINE and EVP_MD could be used). */ - if(ctx->engine) - ENGINE_finish(ctx->engine); - if(impl) - { - if (!ENGINE_init(impl)) - { - EVPerr(EVP_F_DO_EVP_MD_ENGINE_FULL,EVP_R_INITIALIZATION_ERROR); - return 0; - } - } - else - /* Ask if an ENGINE is reserved for this job */ - impl = ENGINE_get_digest_engine((*ptype)->type); - if(impl) - { - /* There's an ENGINE for this job ... (apparently) */ - const EVP_MD *d = ENGINE_get_digest(impl, (*ptype)->type); - if(!d) - { - /* Same comment from evp_enc.c */ - EVPerr(EVP_F_DO_EVP_MD_ENGINE_FULL,EVP_R_INITIALIZATION_ERROR); - return 0; - } - /* We'll use the ENGINE's private digest definition */ - *ptype = d; - /* Store the ENGINE functional reference so we know - * 'type' came from an ENGINE and we need to release - * it when done. */ - ctx->engine = impl; - } - else - ctx->engine = NULL; - } - else - if(!ctx->digest) - { - EVPerr(EVP_F_DO_EVP_MD_ENGINE_FULL,EVP_R_NO_DIGEST_SET); - return 0; - } - return 1; - } - -void int_EVP_MD_init_engine_callbacks(void) - { - int_EVP_MD_set_engine_callbacks( - ENGINE_init, ENGINE_finish, do_evp_md_engine_full); - } -#endif -#endif diff --git a/src/lib/libcrypto/evp/digest.c b/src/lib/libcrypto/evp/digest.c index 3bc2d1295c..982ba2b136 100644 --- a/src/lib/libcrypto/evp/digest.c +++ b/src/lib/libcrypto/evp/digest.c @@ -116,7 +116,6 @@ #ifndef OPENSSL_NO_ENGINE #include #endif -#include "evp_locl.h" void EVP_MD_CTX_init(EVP_MD_CTX *ctx) { @@ -127,7 +126,8 @@ EVP_MD_CTX *EVP_MD_CTX_create(void) { EVP_MD_CTX *ctx=OPENSSL_malloc(sizeof *ctx); - EVP_MD_CTX_init(ctx); + if (ctx) + EVP_MD_CTX_init(ctx); return ctx; } @@ -138,77 +138,18 @@ int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type) return EVP_DigestInit_ex(ctx, type, NULL); } -#ifdef OPENSSL_FIPS - -/* The purpose of these is to trap programs that attempt to use non FIPS - * algorithms in FIPS mode and ignore the errors. - */ - -static int bad_init(EVP_MD_CTX *ctx) - { FIPS_ERROR_IGNORED("Digest init"); return 0;} - -static int bad_update(EVP_MD_CTX *ctx,const void *data,size_t count) - { FIPS_ERROR_IGNORED("Digest update"); return 0;} - -static int bad_final(EVP_MD_CTX *ctx,unsigned char *md) - { FIPS_ERROR_IGNORED("Digest Final"); return 0;} - -static const EVP_MD bad_md = +int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl) { - 0, - 0, - 0, - 0, - bad_init, - bad_update, - bad_final, - NULL, - NULL, - NULL, - 0, - {0,0,0,0}, - }; - -#endif - + EVP_MD_CTX_clear_flags(ctx,EVP_MD_CTX_FLAG_CLEANED); #ifndef OPENSSL_NO_ENGINE - -#ifdef OPENSSL_FIPS - -static int do_engine_null(ENGINE *impl) { return 0;} -static int do_evp_md_engine_null(EVP_MD_CTX *ctx, - const EVP_MD **ptype, ENGINE *impl) - { return 1; } - -static int (*do_engine_init)(ENGINE *impl) - = do_engine_null; - -static int (*do_engine_finish)(ENGINE *impl) - = do_engine_null; - -static int (*do_evp_md_engine) - (EVP_MD_CTX *ctx, const EVP_MD **ptype, ENGINE *impl) - = do_evp_md_engine_null; - -void int_EVP_MD_set_engine_callbacks( - int (*eng_md_init)(ENGINE *impl), - int (*eng_md_fin)(ENGINE *impl), - int (*eng_md_evp) - (EVP_MD_CTX *ctx, const EVP_MD **ptype, ENGINE *impl)) - { - do_engine_init = eng_md_init; - do_engine_finish = eng_md_fin; - do_evp_md_engine = eng_md_evp; - } - -#else - -#define do_engine_init ENGINE_init -#define do_engine_finish ENGINE_finish - -static int do_evp_md_engine(EVP_MD_CTX *ctx, const EVP_MD **ptype, ENGINE *impl) - { - if (*ptype) + /* Whether it's nice or not, "Inits" can be used on "Final"'d contexts + * so this context may already have an ENGINE! Try to avoid releasing + * the previous handle, re-querying for an ENGINE, and having a + * reinitialisation, when it may all be unecessary. */ + if (ctx->engine && ctx->digest && (!type || + (type && (type->type == ctx->digest->type)))) + goto skip_to_init; + if (type) { /* Ensure an ENGINE left lying around from last time is cleared * (the previous check attempted to avoid this if the same @@ -219,25 +160,26 @@ static int do_evp_md_engine(EVP_MD_CTX *ctx, const EVP_MD **ptype, ENGINE *impl) { if (!ENGINE_init(impl)) { - EVPerr(EVP_F_DO_EVP_MD_ENGINE,EVP_R_INITIALIZATION_ERROR); + EVPerr(EVP_F_EVP_DIGESTINIT_EX,EVP_R_INITIALIZATION_ERROR); return 0; } } else /* Ask if an ENGINE is reserved for this job */ - impl = ENGINE_get_digest_engine((*ptype)->type); + impl = ENGINE_get_digest_engine(type->type); if(impl) { /* There's an ENGINE for this job ... (apparently) */ - const EVP_MD *d = ENGINE_get_digest(impl, (*ptype)->type); + const EVP_MD *d = ENGINE_get_digest(impl, type->type); if(!d) { /* Same comment from evp_enc.c */ - EVPerr(EVP_F_DO_EVP_MD_ENGINE,EVP_R_INITIALIZATION_ERROR); + EVPerr(EVP_F_EVP_DIGESTINIT_EX,EVP_R_INITIALIZATION_ERROR); + ENGINE_finish(impl); return 0; } /* We'll use the ENGINE's private digest definition */ - *ptype = d; + type = d; /* Store the ENGINE functional reference so we know * 'type' came from an ENGINE and we need to release * it when done. */ @@ -249,71 +191,46 @@ static int do_evp_md_engine(EVP_MD_CTX *ctx, const EVP_MD **ptype, ENGINE *impl) else if(!ctx->digest) { - EVPerr(EVP_F_DO_EVP_MD_ENGINE,EVP_R_NO_DIGEST_SET); + EVPerr(EVP_F_EVP_DIGESTINIT_EX,EVP_R_NO_DIGEST_SET); return 0; } - return 1; - } - -#endif - -#endif - -int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl) - { - M_EVP_MD_CTX_clear_flags(ctx,EVP_MD_CTX_FLAG_CLEANED); -#ifdef OPENSSL_FIPS - if(FIPS_selftest_failed()) - { - FIPSerr(FIPS_F_EVP_DIGESTINIT_EX,FIPS_R_FIPS_SELFTEST_FAILED); - ctx->digest = &bad_md; - return 0; - } -#endif -#ifndef OPENSSL_NO_ENGINE - /* Whether it's nice or not, "Inits" can be used on "Final"'d contexts - * so this context may already have an ENGINE! Try to avoid releasing - * the previous handle, re-querying for an ENGINE, and having a - * reinitialisation, when it may all be unecessary. */ - if (ctx->engine && ctx->digest && (!type || - (type && (type->type == ctx->digest->type)))) - goto skip_to_init; - if (!do_evp_md_engine(ctx, &type, impl)) - return 0; #endif if (ctx->digest != type) { -#ifdef OPENSSL_FIPS - if (FIPS_mode()) + if (ctx->digest && ctx->digest->ctx_size) + OPENSSL_free(ctx->md_data); + ctx->digest=type; + if (!(ctx->flags & EVP_MD_CTX_FLAG_NO_INIT) && type->ctx_size) { - if (!(type->flags & EVP_MD_FLAG_FIPS) - && !(ctx->flags & EVP_MD_CTX_FLAG_NON_FIPS_ALLOW)) + ctx->update = type->update; + ctx->md_data=OPENSSL_malloc(type->ctx_size); + if (ctx->md_data == NULL) { - EVPerr(EVP_F_EVP_DIGESTINIT_EX, EVP_R_DISABLED_FOR_FIPS); - ctx->digest = &bad_md; + EVPerr(EVP_F_EVP_DIGESTINIT_EX, + ERR_R_MALLOC_FAILURE); return 0; } } -#endif - if (ctx->digest && ctx->digest->ctx_size) - OPENSSL_free(ctx->md_data); - ctx->digest=type; - if (type->ctx_size) - ctx->md_data=OPENSSL_malloc(type->ctx_size); } #ifndef OPENSSL_NO_ENGINE - skip_to_init: +skip_to_init: #endif + if (ctx->pctx) + { + int r; + r = EVP_PKEY_CTX_ctrl(ctx->pctx, -1, EVP_PKEY_OP_TYPE_SIG, + EVP_PKEY_CTRL_DIGESTINIT, 0, ctx); + if (r <= 0 && (r != -2)) + return 0; + } + if (ctx->flags & EVP_MD_CTX_FLAG_NO_INIT) + return 1; return ctx->digest->init(ctx); } -int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data, - size_t count) +int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data, size_t count) { -#ifdef OPENSSL_FIPS - FIPS_selftest_check(); -#endif - return ctx->digest->update(ctx,data,count); + return ctx->update(ctx,data,count); } /* The caller can assume that this removes any secret data from the context */ @@ -329,9 +246,6 @@ int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size) int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size) { int ret; -#ifdef OPENSSL_FIPS - FIPS_selftest_check(); -#endif OPENSSL_assert(ctx->digest->md_size <= EVP_MAX_MD_SIZE); ret=ctx->digest->final(ctx,md); @@ -340,7 +254,7 @@ int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size) if (ctx->digest->cleanup) { ctx->digest->cleanup(ctx); - M_EVP_MD_CTX_set_flags(ctx,EVP_MD_CTX_FLAG_CLEANED); + EVP_MD_CTX_set_flags(ctx,EVP_MD_CTX_FLAG_CLEANED); } memset(ctx->md_data,0,ctx->digest->ctx_size); return ret; @@ -362,7 +276,7 @@ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in) } #ifndef OPENSSL_NO_ENGINE /* Make sure it's safe to copy a digest context using an ENGINE */ - if (in->engine && !do_engine_init(in->engine)) + if (in->engine && !ENGINE_init(in->engine)) { EVPerr(EVP_F_EVP_MD_CTX_COPY_EX,ERR_R_ENGINE_LIB); return 0; @@ -372,19 +286,40 @@ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in) if (out->digest == in->digest) { tmp_buf = out->md_data; - M_EVP_MD_CTX_set_flags(out,EVP_MD_CTX_FLAG_REUSE); + EVP_MD_CTX_set_flags(out,EVP_MD_CTX_FLAG_REUSE); } else tmp_buf = NULL; EVP_MD_CTX_cleanup(out); memcpy(out,in,sizeof *out); - if (out->digest->ctx_size) + if (in->md_data && out->digest->ctx_size) { - if (tmp_buf) out->md_data = tmp_buf; - else out->md_data=OPENSSL_malloc(out->digest->ctx_size); + if (tmp_buf) + out->md_data = tmp_buf; + else + { + out->md_data=OPENSSL_malloc(out->digest->ctx_size); + if (!out->md_data) + { + EVPerr(EVP_F_EVP_MD_CTX_COPY_EX,ERR_R_MALLOC_FAILURE); + return 0; + } + } memcpy(out->md_data,in->md_data,out->digest->ctx_size); } + out->update = in->update; + + if (in->pctx) + { + out->pctx = EVP_PKEY_CTX_dup(in->pctx); + if (!out->pctx) + { + EVP_MD_CTX_cleanup(out); + return 0; + } + } + if (out->digest->copy) return out->digest->copy(out,in); @@ -398,7 +333,7 @@ int EVP_Digest(const void *data, size_t count, int ret; EVP_MD_CTX_init(&ctx); - M_EVP_MD_CTX_set_flags(&ctx,EVP_MD_CTX_FLAG_ONESHOT); + EVP_MD_CTX_set_flags(&ctx,EVP_MD_CTX_FLAG_ONESHOT); ret=EVP_DigestInit_ex(&ctx, type, impl) && EVP_DigestUpdate(&ctx, data, count) && EVP_DigestFinal_ex(&ctx, md, size); @@ -420,19 +355,21 @@ int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx) * because sometimes only copies of the context are ever finalised. */ if (ctx->digest && ctx->digest->cleanup - && !M_EVP_MD_CTX_test_flags(ctx,EVP_MD_CTX_FLAG_CLEANED)) + && !EVP_MD_CTX_test_flags(ctx,EVP_MD_CTX_FLAG_CLEANED)) ctx->digest->cleanup(ctx); if (ctx->digest && ctx->digest->ctx_size && ctx->md_data - && !M_EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_REUSE)) + && !EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_REUSE)) { OPENSSL_cleanse(ctx->md_data,ctx->digest->ctx_size); OPENSSL_free(ctx->md_data); } + if (ctx->pctx) + EVP_PKEY_CTX_free(ctx->pctx); #ifndef OPENSSL_NO_ENGINE if(ctx->engine) /* The EVP_MD we used belongs to an ENGINE, release the * functional reference we held for this reason. */ - do_engine_finish(ctx->engine); + ENGINE_finish(ctx->engine); #endif memset(ctx,'\0',sizeof *ctx); diff --git a/src/lib/libcrypto/evp/e_aes.c b/src/lib/libcrypto/evp/e_aes.c index c9a5ee8d75..bd6c0a3a62 100644 --- a/src/lib/libcrypto/evp/e_aes.c +++ b/src/lib/libcrypto/evp/e_aes.c @@ -69,29 +69,32 @@ typedef struct IMPLEMENT_BLOCK_CIPHER(aes_128, ks, AES, EVP_AES_KEY, NID_aes_128, 16, 16, 16, 128, - EVP_CIPH_FLAG_FIPS|EVP_CIPH_FLAG_DEFAULT_ASN1, - aes_init_key, - NULL, NULL, NULL, NULL) + 0, aes_init_key, NULL, + EVP_CIPHER_set_asn1_iv, + EVP_CIPHER_get_asn1_iv, + NULL) IMPLEMENT_BLOCK_CIPHER(aes_192, ks, AES, EVP_AES_KEY, NID_aes_192, 16, 24, 16, 128, - EVP_CIPH_FLAG_FIPS|EVP_CIPH_FLAG_DEFAULT_ASN1, - aes_init_key, - NULL, NULL, NULL, NULL) + 0, aes_init_key, NULL, + EVP_CIPHER_set_asn1_iv, + EVP_CIPHER_get_asn1_iv, + NULL) IMPLEMENT_BLOCK_CIPHER(aes_256, ks, AES, EVP_AES_KEY, NID_aes_256, 16, 32, 16, 128, - EVP_CIPH_FLAG_FIPS|EVP_CIPH_FLAG_DEFAULT_ASN1, - aes_init_key, - NULL, NULL, NULL, NULL) + 0, aes_init_key, NULL, + EVP_CIPHER_set_asn1_iv, + EVP_CIPHER_get_asn1_iv, + NULL) -#define IMPLEMENT_AES_CFBR(ksize,cbits,flags) IMPLEMENT_CFBR(aes,AES,EVP_AES_KEY,ks,ksize,cbits,16,flags) +#define IMPLEMENT_AES_CFBR(ksize,cbits) IMPLEMENT_CFBR(aes,AES,EVP_AES_KEY,ks,ksize,cbits,16) -IMPLEMENT_AES_CFBR(128,1,EVP_CIPH_FLAG_FIPS) -IMPLEMENT_AES_CFBR(192,1,EVP_CIPH_FLAG_FIPS) -IMPLEMENT_AES_CFBR(256,1,EVP_CIPH_FLAG_FIPS) +IMPLEMENT_AES_CFBR(128,1) +IMPLEMENT_AES_CFBR(192,1) +IMPLEMENT_AES_CFBR(256,1) -IMPLEMENT_AES_CFBR(128,8,EVP_CIPH_FLAG_FIPS) -IMPLEMENT_AES_CFBR(192,8,EVP_CIPH_FLAG_FIPS) -IMPLEMENT_AES_CFBR(256,8,EVP_CIPH_FLAG_FIPS) +IMPLEMENT_AES_CFBR(128,8) +IMPLEMENT_AES_CFBR(192,8) +IMPLEMENT_AES_CFBR(256,8) static int aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, const unsigned char *iv, int enc) diff --git a/src/lib/libcrypto/evp/e_des.c b/src/lib/libcrypto/evp/e_des.c index 04376df232..ca009f2c52 100644 --- a/src/lib/libcrypto/evp/e_des.c +++ b/src/lib/libcrypto/evp/e_des.c @@ -72,7 +72,7 @@ static int des_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr); /* Because of various casts and different names can't use IMPLEMENT_BLOCK_CIPHER */ static int des_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, unsigned int inl) + const unsigned char *in, size_t inl) { BLOCK_CIPHER_ecb_loop() DES_ecb_encrypt((DES_cblock *)(in + i), (DES_cblock *)(out + i), ctx->cipher_data, ctx->encrypt); @@ -80,24 +80,52 @@ static int des_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, } static int des_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, unsigned int inl) + const unsigned char *in, size_t inl) { - DES_ofb64_encrypt(in, out, (long)inl, ctx->cipher_data, (DES_cblock *)ctx->iv, &ctx->num); + while(inl>=EVP_MAXCHUNK) + { + DES_ofb64_encrypt(in, out, (long)EVP_MAXCHUNK, ctx->cipher_data, + (DES_cblock *)ctx->iv, &ctx->num); + inl-=EVP_MAXCHUNK; + in +=EVP_MAXCHUNK; + out+=EVP_MAXCHUNK; + } + if (inl) + DES_ofb64_encrypt(in, out, (long)inl, ctx->cipher_data, + (DES_cblock *)ctx->iv, &ctx->num); return 1; } static int des_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, unsigned int inl) + const unsigned char *in, size_t inl) { - DES_ncbc_encrypt(in, out, (long)inl, ctx->cipher_data, - (DES_cblock *)ctx->iv, ctx->encrypt); + while(inl>=EVP_MAXCHUNK) + { + DES_ncbc_encrypt(in, out, (long)EVP_MAXCHUNK, ctx->cipher_data, + (DES_cblock *)ctx->iv, ctx->encrypt); + inl-=EVP_MAXCHUNK; + in +=EVP_MAXCHUNK; + out+=EVP_MAXCHUNK; + } + if (inl) + DES_ncbc_encrypt(in, out, (long)inl, ctx->cipher_data, + (DES_cblock *)ctx->iv, ctx->encrypt); return 1; } static int des_cfb64_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, unsigned int inl) + const unsigned char *in, size_t inl) { - DES_cfb64_encrypt(in, out, (long)inl, ctx->cipher_data, + while(inl>=EVP_MAXCHUNK) + { + DES_cfb64_encrypt(in,out, (long)EVP_MAXCHUNK, ctx->cipher_data, + (DES_cblock *)ctx->iv, &ctx->num, ctx->encrypt); + inl-=EVP_MAXCHUNK; + in +=EVP_MAXCHUNK; + out+=EVP_MAXCHUNK; + } + if (inl) + DES_cfb64_encrypt(in, out, (long)inl, ctx->cipher_data, (DES_cblock *)ctx->iv, &ctx->num, ctx->encrypt); return 1; } @@ -105,45 +133,62 @@ static int des_cfb64_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, /* Although we have a CFB-r implementation for DES, it doesn't pack the right way, so wrap it here */ static int des_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, unsigned int inl) + const unsigned char *in, size_t inl) { - unsigned int n; + size_t n,chunk=EVP_MAXCHUNK/8; unsigned char c[1],d[1]; - for(n=0 ; n < inl ; ++n) + if (inl=chunk) { - c[0]=(in[n/8]&(1 << (7-n%8))) ? 0x80 : 0; - DES_cfb_encrypt(c,d,1,1,ctx->cipher_data,(DES_cblock *)ctx->iv, + for(n=0 ; n < chunk*8; ++n) + { + c[0]=(in[n/8]&(1 << (7-n%8))) ? 0x80 : 0; + DES_cfb_encrypt(c,d,1,1,ctx->cipher_data,(DES_cblock *)ctx->iv, ctx->encrypt); - out[n/8]=(out[n/8]&~(0x80 >> (n%8)))|((d[0]&0x80) >> (n%8)); + out[n/8]=(out[n/8]&~(0x80 >> (unsigned int)(n%8))) | + ((d[0]&0x80) >> (unsigned int)(n%8)); + } + inl-=chunk; + in +=chunk; + out+=chunk; + if (inlcipher_data,(DES_cblock *)ctx->iv, - ctx->encrypt); + while (inl>=EVP_MAXCHUNK) + { + DES_cfb_encrypt(in,out,8,(long)EVP_MAXCHUNK,ctx->cipher_data, + (DES_cblock *)ctx->iv,ctx->encrypt); + inl-=EVP_MAXCHUNK; + in +=EVP_MAXCHUNK; + out+=EVP_MAXCHUNK; + } + if (inl) + DES_cfb_encrypt(in,out,8,(long)inl,ctx->cipher_data, + (DES_cblock *)ctx->iv,ctx->encrypt); return 1; } BLOCK_CIPHER_defs(des, DES_key_schedule, NID_des, 8, 8, 8, 64, - EVP_CIPH_RAND_KEY, - des_init_key, NULL, + EVP_CIPH_RAND_KEY, des_init_key, NULL, EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, des_ctrl) BLOCK_CIPHER_def_cfb(des,DES_key_schedule,NID_des,8,8,1, - EVP_CIPH_RAND_KEY, - des_init_key, NULL, + EVP_CIPH_RAND_KEY, des_init_key,NULL, EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv,des_ctrl) BLOCK_CIPHER_def_cfb(des,DES_key_schedule,NID_des,8,8,8, - EVP_CIPH_RAND_KEY, - des_init_key,NULL, + EVP_CIPH_RAND_KEY,des_init_key,NULL, EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv,des_ctrl) diff --git a/src/lib/libcrypto/evp/e_des3.c b/src/lib/libcrypto/evp/e_des3.c index f910af19b1..3232cfe024 100644 --- a/src/lib/libcrypto/evp/e_des3.c +++ b/src/lib/libcrypto/evp/e_des3.c @@ -85,7 +85,7 @@ typedef struct /* Because of various casts and different args can't use IMPLEMENT_BLOCK_CIPHER */ static int des_ede_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, unsigned int inl) + const unsigned char *in, size_t inl) { BLOCK_CIPHER_ecb_loop() DES_ecb3_encrypt((const_DES_cblock *)(in + i), @@ -97,48 +97,80 @@ static int des_ede_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, } static int des_ede_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, unsigned int inl) + const unsigned char *in, size_t inl) { - DES_ede3_ofb64_encrypt(in, out, (long)inl, + if (inl>=EVP_MAXCHUNK) + { + DES_ede3_ofb64_encrypt(in, out, (long)EVP_MAXCHUNK, &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3, (DES_cblock *)ctx->iv, &ctx->num); + inl-=EVP_MAXCHUNK; + in +=EVP_MAXCHUNK; + out+=EVP_MAXCHUNK; + } + if (inl) + DES_ede3_ofb64_encrypt(in, out, (long)inl, + &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3, + (DES_cblock *)ctx->iv, &ctx->num); + return 1; } static int des_ede_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, unsigned int inl) + const unsigned char *in, size_t inl) { #ifdef KSSL_DEBUG { int i; - printf("des_ede_cbc_cipher(ctx=%lx, buflen=%d)\n", (unsigned long)ctx, ctx->buf_len); + char *cp; + printf("des_ede_cbc_cipher(ctx=%lx, buflen=%d)\n", ctx, ctx->buf_len); printf("\t iv= "); for(i=0;i<8;i++) printf("%02X",ctx->iv[i]); printf("\n"); } #endif /* KSSL_DEBUG */ - DES_ede3_cbc_encrypt(in, out, (long)inl, + if (inl>=EVP_MAXCHUNK) + { + DES_ede3_cbc_encrypt(in, out, (long)EVP_MAXCHUNK, &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3, (DES_cblock *)ctx->iv, ctx->encrypt); + inl-=EVP_MAXCHUNK; + in +=EVP_MAXCHUNK; + out+=EVP_MAXCHUNK; + } + if (inl) + DES_ede3_cbc_encrypt(in, out, (long)inl, + &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3, + (DES_cblock *)ctx->iv, ctx->encrypt); return 1; } static int des_ede_cfb64_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, unsigned int inl) + const unsigned char *in, size_t inl) { - DES_ede3_cfb64_encrypt(in, out, (long)inl, + if (inl>=EVP_MAXCHUNK) + { + DES_ede3_cfb64_encrypt(in, out, (long)EVP_MAXCHUNK, &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3, (DES_cblock *)ctx->iv, &ctx->num, ctx->encrypt); + inl-=EVP_MAXCHUNK; + in +=EVP_MAXCHUNK; + out+=EVP_MAXCHUNK; + } + if (inl) + DES_ede3_cfb64_encrypt(in, out, (long)inl, + &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3, + (DES_cblock *)ctx->iv, &ctx->num, ctx->encrypt); return 1; } /* Although we have a CFB-r implementation for 3-DES, it doesn't pack the right way, so wrap it here */ static int des_ede3_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, unsigned int inl) + const unsigned char *in, size_t inl) { - unsigned int n; + size_t n; unsigned char c[1],d[1]; for(n=0 ; n < inl ; ++n) @@ -147,25 +179,36 @@ static int des_ede3_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, DES_ede3_cfb_encrypt(c,d,1,1, &data(ctx)->ks1,&data(ctx)->ks2,&data(ctx)->ks3, (DES_cblock *)ctx->iv,ctx->encrypt); - out[n/8]=(out[n/8]&~(0x80 >> (n%8)))|((d[0]&0x80) >> (n%8)); + out[n/8]=(out[n/8]&~(0x80 >> (unsigned int)(n%8))) | + ((d[0]&0x80) >> (unsigned int)(n%8)); } return 1; } static int des_ede3_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, unsigned int inl) + const unsigned char *in, size_t inl) { - DES_ede3_cfb_encrypt(in,out,8,inl, + while (inl>=EVP_MAXCHUNK) + { + DES_ede3_cfb_encrypt(in,out,8,(long)EVP_MAXCHUNK, &data(ctx)->ks1,&data(ctx)->ks2,&data(ctx)->ks3, (DES_cblock *)ctx->iv,ctx->encrypt); + inl-=EVP_MAXCHUNK; + in +=EVP_MAXCHUNK; + out+=EVP_MAXCHUNK; + } + if (inl) + DES_ede3_cfb_encrypt(in,out,8,(long)inl, + &data(ctx)->ks1,&data(ctx)->ks2,&data(ctx)->ks3, + (DES_cblock *)ctx->iv,ctx->encrypt); return 1; } BLOCK_CIPHER_defs(des_ede, DES_EDE_KEY, NID_des_ede, 8, 16, 8, 64, - EVP_CIPH_RAND_KEY|EVP_CIPH_FLAG_FIPS|EVP_CIPH_FLAG_DEFAULT_ASN1, - des_ede_init_key, - NULL, NULL, NULL, + EVP_CIPH_RAND_KEY, des_ede_init_key, NULL, + EVP_CIPHER_set_asn1_iv, + EVP_CIPHER_get_asn1_iv, des3_ctrl) #define des_ede3_cfb64_cipher des_ede_cfb64_cipher @@ -174,21 +217,21 @@ BLOCK_CIPHER_defs(des_ede, DES_EDE_KEY, NID_des_ede, 8, 16, 8, 64, #define des_ede3_ecb_cipher des_ede_ecb_cipher BLOCK_CIPHER_defs(des_ede3, DES_EDE_KEY, NID_des_ede3, 8, 24, 8, 64, - EVP_CIPH_RAND_KEY|EVP_CIPH_FLAG_FIPS|EVP_CIPH_FLAG_DEFAULT_ASN1, - des_ede3_init_key, - NULL, NULL, NULL, + EVP_CIPH_RAND_KEY, des_ede3_init_key, NULL, + EVP_CIPHER_set_asn1_iv, + EVP_CIPHER_get_asn1_iv, des3_ctrl) BLOCK_CIPHER_def_cfb(des_ede3,DES_EDE_KEY,NID_des_ede3,24,8,1, - EVP_CIPH_RAND_KEY|EVP_CIPH_FLAG_FIPS|EVP_CIPH_FLAG_DEFAULT_ASN1, - des_ede3_init_key, - NULL, NULL, NULL, + EVP_CIPH_RAND_KEY, des_ede3_init_key,NULL, + EVP_CIPHER_set_asn1_iv, + EVP_CIPHER_get_asn1_iv, des3_ctrl) BLOCK_CIPHER_def_cfb(des_ede3,DES_EDE_KEY,NID_des_ede3,24,8,8, - EVP_CIPH_RAND_KEY|EVP_CIPH_FLAG_FIPS|EVP_CIPH_FLAG_DEFAULT_ASN1, - des_ede3_init_key, - NULL, NULL, NULL, + EVP_CIPH_RAND_KEY, des_ede3_init_key,NULL, + EVP_CIPHER_set_asn1_iv, + EVP_CIPHER_get_asn1_iv, des3_ctrl) static int des_ede_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, @@ -215,7 +258,7 @@ static int des_ede3_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, #ifdef KSSL_DEBUG { int i; - printf("des_ede3_init_key(ctx=%lx)\n", (unsigned long)ctx); + printf("des_ede3_init_key(ctx=%lx)\n", ctx); printf("\tKEY= "); for(i=0;i<24;i++) printf("%02X",key[i]); printf("\n"); printf("\t IV= "); diff --git a/src/lib/libcrypto/evp/e_idea.c b/src/lib/libcrypto/evp/e_idea.c index 48c33a774a..806b080360 100644 --- a/src/lib/libcrypto/evp/e_idea.c +++ b/src/lib/libcrypto/evp/e_idea.c @@ -73,7 +73,7 @@ static int idea_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, */ static int idea_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, unsigned int inl) + const unsigned char *in, size_t inl) { BLOCK_CIPHER_ecb_loop() idea_ecb_encrypt(in + i, out + i, ctx->cipher_data); diff --git a/src/lib/libcrypto/evp/e_null.c b/src/lib/libcrypto/evp/e_null.c index 0872d733e4..7cf50e1416 100644 --- a/src/lib/libcrypto/evp/e_null.c +++ b/src/lib/libcrypto/evp/e_null.c @@ -64,12 +64,12 @@ static int null_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, const unsigned char *iv,int enc); static int null_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, unsigned int inl); + const unsigned char *in, size_t inl); static const EVP_CIPHER n_cipher= { NID_undef, 1,0,0, - EVP_CIPH_FLAG_FIPS, + 0, null_init_key, null_cipher, NULL, @@ -93,10 +93,10 @@ static int null_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, } static int null_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, unsigned int inl) + const unsigned char *in, size_t inl) { if (in != out) - memcpy((char *)out,(const char *)in,(size_t)inl); + memcpy((char *)out,(const char *)in,inl); return 1; } diff --git a/src/lib/libcrypto/evp/e_rc2.c b/src/lib/libcrypto/evp/e_rc2.c index d37726ffae..f78d781129 100644 --- a/src/lib/libcrypto/evp/e_rc2.c +++ b/src/lib/libcrypto/evp/e_rc2.c @@ -223,6 +223,11 @@ static int rc2_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) return 1; } return 0; +#ifdef PBE_PRF_TEST + case EVP_CTRL_PBE_PRF_NID: + *(int *)ptr = NID_hmacWithMD5; + return 1; +#endif default: return -1; diff --git a/src/lib/libcrypto/evp/e_rc4.c b/src/lib/libcrypto/evp/e_rc4.c index 55baad7446..8b5175e0fd 100644 --- a/src/lib/libcrypto/evp/e_rc4.c +++ b/src/lib/libcrypto/evp/e_rc4.c @@ -64,7 +64,6 @@ #include #include #include -#include "evp_locl.h" /* FIXME: surely this is available elsewhere? */ #define EVP_RC4_KEY_SIZE 16 @@ -79,7 +78,7 @@ typedef struct static int rc4_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, const unsigned char *iv,int enc); static int rc4_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, unsigned int inl); + const unsigned char *in, size_t inl); static const EVP_CIPHER r4_cipher= { NID_rc4, @@ -129,7 +128,7 @@ static int rc4_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, } static int rc4_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, unsigned int inl) + const unsigned char *in, size_t inl) { RC4(&data(ctx)->ks,inl,in,out); return 1; diff --git a/src/lib/libcrypto/evp/e_xcbc_d.c b/src/lib/libcrypto/evp/e_xcbc_d.c index 8832da2433..250e88c8c5 100644 --- a/src/lib/libcrypto/evp/e_xcbc_d.c +++ b/src/lib/libcrypto/evp/e_xcbc_d.c @@ -63,12 +63,13 @@ #include #include +#include "evp_locl.h" #include static int desx_cbc_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, const unsigned char *iv,int enc); static int desx_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, unsigned int inl); + const unsigned char *in, size_t inl); typedef struct @@ -113,13 +114,25 @@ static int desx_cbc_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, } static int desx_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, unsigned int inl) + const unsigned char *in, size_t inl) { - DES_xcbc_encrypt(in,out,inl,&data(ctx)->ks, + while (inl>=EVP_MAXCHUNK) + { + DES_xcbc_encrypt(in,out,(long)EVP_MAXCHUNK,&data(ctx)->ks, (DES_cblock *)&(ctx->iv[0]), &data(ctx)->inw, &data(ctx)->outw, ctx->encrypt); + inl-=EVP_MAXCHUNK; + in +=EVP_MAXCHUNK; + out+=EVP_MAXCHUNK; + } + if (inl) + DES_xcbc_encrypt(in,out,(long)inl,&data(ctx)->ks, + (DES_cblock *)&(ctx->iv[0]), + &data(ctx)->inw, + &data(ctx)->outw, + ctx->encrypt); return 1; } #endif diff --git a/src/lib/libcrypto/evp/enc_min.c b/src/lib/libcrypto/evp/enc_min.c deleted file mode 100644 index 7fba38ee24..0000000000 --- a/src/lib/libcrypto/evp/enc_min.c +++ /dev/null @@ -1,390 +0,0 @@ -/* crypto/evp/enc_min.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include -#include -#include -#ifndef OPENSSL_NO_ENGINE -#include -#endif -#include "evp_locl.h" - -void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *ctx) - { -#ifdef OPENSSL_FIPS - FIPS_selftest_check(); -#endif - memset(ctx,0,sizeof(EVP_CIPHER_CTX)); - /* ctx->cipher=NULL; */ - } - -#ifdef OPENSSL_FIPS - -/* The purpose of these is to trap programs that attempt to use non FIPS - * algorithms in FIPS mode and ignore the errors. - */ - -static int bad_init(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc) - { FIPS_ERROR_IGNORED("Cipher init"); return 0;} - -static int bad_do_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, unsigned int inl) - { FIPS_ERROR_IGNORED("Cipher update"); return 0;} - -/* NB: no cleanup because it is allowed after failed init */ - -static int bad_set_asn1(EVP_CIPHER_CTX *ctx, ASN1_TYPE *typ) - { FIPS_ERROR_IGNORED("Cipher set_asn1"); return 0;} -static int bad_get_asn1(EVP_CIPHER_CTX *ctx, ASN1_TYPE *typ) - { FIPS_ERROR_IGNORED("Cipher get_asn1"); return 0;} -static int bad_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr) - { FIPS_ERROR_IGNORED("Cipher ctrl"); return 0;} - -static const EVP_CIPHER bad_cipher = - { - 0, - 0, - 0, - 0, - 0, - bad_init, - bad_do_cipher, - NULL, - 0, - bad_set_asn1, - bad_get_asn1, - bad_ctrl, - NULL - }; - -#endif - -#ifndef OPENSSL_NO_ENGINE - -#ifdef OPENSSL_FIPS - -static int do_engine_null(ENGINE *impl) { return 0;} -static int do_evp_enc_engine_null(EVP_CIPHER_CTX *ctx, - const EVP_CIPHER **pciph, ENGINE *impl) - { return 1; } - -static int (*do_engine_finish)(ENGINE *impl) - = do_engine_null; - -static int (*do_evp_enc_engine) - (EVP_CIPHER_CTX *ctx, const EVP_CIPHER **pciph, ENGINE *impl) - = do_evp_enc_engine_null; - -void int_EVP_CIPHER_set_engine_callbacks( - int (*eng_ciph_fin)(ENGINE *impl), - int (*eng_ciph_evp) - (EVP_CIPHER_CTX *ctx, const EVP_CIPHER **pciph, ENGINE *impl)) - { - do_engine_finish = eng_ciph_fin; - do_evp_enc_engine = eng_ciph_evp; - } - -#else - -#define do_engine_finish ENGINE_finish - -static int do_evp_enc_engine(EVP_CIPHER_CTX *ctx, const EVP_CIPHER **pcipher, ENGINE *impl) - { - if(impl) - { - if (!ENGINE_init(impl)) - { - EVPerr(EVP_F_DO_EVP_ENC_ENGINE, EVP_R_INITIALIZATION_ERROR); - return 0; - } - } - else - /* Ask if an ENGINE is reserved for this job */ - impl = ENGINE_get_cipher_engine((*pcipher)->nid); - if(impl) - { - /* There's an ENGINE for this job ... (apparently) */ - const EVP_CIPHER *c = ENGINE_get_cipher(impl, (*pcipher)->nid); - if(!c) - { - /* One positive side-effect of US's export - * control history, is that we should at least - * be able to avoid using US mispellings of - * "initialisation"? */ - EVPerr(EVP_F_DO_EVP_ENC_ENGINE, EVP_R_INITIALIZATION_ERROR); - return 0; - } - /* We'll use the ENGINE's private cipher definition */ - *pcipher = c; - /* Store the ENGINE functional reference so we know - * 'cipher' came from an ENGINE and we need to release - * it when done. */ - ctx->engine = impl; - } - else - ctx->engine = NULL; - return 1; - } - -#endif - -#endif - -int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *impl, - const unsigned char *key, const unsigned char *iv, int enc) - { - if (enc == -1) - enc = ctx->encrypt; - else - { - if (enc) - enc = 1; - ctx->encrypt = enc; - } -#ifdef OPENSSL_FIPS - if(FIPS_selftest_failed()) - { - FIPSerr(FIPS_F_EVP_CIPHERINIT_EX,FIPS_R_FIPS_SELFTEST_FAILED); - ctx->cipher = &bad_cipher; - return 0; - } -#endif -#ifndef OPENSSL_NO_ENGINE - /* Whether it's nice or not, "Inits" can be used on "Final"'d contexts - * so this context may already have an ENGINE! Try to avoid releasing - * the previous handle, re-querying for an ENGINE, and having a - * reinitialisation, when it may all be unecessary. */ - if (ctx->engine && ctx->cipher && (!cipher || - (cipher && (cipher->nid == ctx->cipher->nid)))) - goto skip_to_init; -#endif - if (cipher) - { - /* Ensure a context left lying around from last time is cleared - * (the previous check attempted to avoid this if the same - * ENGINE and EVP_CIPHER could be used). */ - EVP_CIPHER_CTX_cleanup(ctx); - - /* Restore encrypt field: it is zeroed by cleanup */ - ctx->encrypt = enc; -#ifndef OPENSSL_NO_ENGINE - if (!do_evp_enc_engine(ctx, &cipher, impl)) - return 0; -#endif - - ctx->cipher=cipher; - if (ctx->cipher->ctx_size) - { - ctx->cipher_data=OPENSSL_malloc(ctx->cipher->ctx_size); - if (!ctx->cipher_data) - { - EVPerr(EVP_F_EVP_CIPHERINIT_EX, ERR_R_MALLOC_FAILURE); - return 0; - } - } - else - { - ctx->cipher_data = NULL; - } - ctx->key_len = cipher->key_len; - ctx->flags = 0; - if(ctx->cipher->flags & EVP_CIPH_CTRL_INIT) - { - if(!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_INIT, 0, NULL)) - { - EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_INITIALIZATION_ERROR); - return 0; - } - } - } - else if(!ctx->cipher) - { - EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_NO_CIPHER_SET); - return 0; - } -#ifndef OPENSSL_NO_ENGINE -skip_to_init: -#endif - /* we assume block size is a power of 2 in *cryptUpdate */ - OPENSSL_assert(ctx->cipher->block_size == 1 - || ctx->cipher->block_size == 8 - || ctx->cipher->block_size == 16); - - if(!(EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_CUSTOM_IV)) { - switch(EVP_CIPHER_CTX_mode(ctx)) { - - case EVP_CIPH_STREAM_CIPHER: - case EVP_CIPH_ECB_MODE: - break; - - case EVP_CIPH_CFB_MODE: - case EVP_CIPH_OFB_MODE: - - ctx->num = 0; - - case EVP_CIPH_CBC_MODE: - - OPENSSL_assert(EVP_CIPHER_CTX_iv_length(ctx) <= - (int)sizeof(ctx->iv)); - if(iv) memcpy(ctx->oiv, iv, EVP_CIPHER_CTX_iv_length(ctx)); - memcpy(ctx->iv, ctx->oiv, EVP_CIPHER_CTX_iv_length(ctx)); - break; - - default: - return 0; - break; - } - } - -#ifdef OPENSSL_FIPS - /* After 'key' is set no further parameters changes are permissible. - * So only check for non FIPS enabling at this point. - */ - if (key && FIPS_mode()) - { - if (!(ctx->cipher->flags & EVP_CIPH_FLAG_FIPS) - & !(ctx->flags & EVP_CIPH_FLAG_NON_FIPS_ALLOW)) - { - EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_DISABLED_FOR_FIPS); -#if 0 - ERR_add_error_data(2, "cipher=", - EVP_CIPHER_name(ctx->cipher)); -#endif - ctx->cipher = &bad_cipher; - return 0; - } - } -#endif - - if(key || (ctx->cipher->flags & EVP_CIPH_ALWAYS_CALL_INIT)) { - if(!ctx->cipher->init(ctx,key,iv,enc)) return 0; - } - ctx->buf_len=0; - ctx->final_used=0; - ctx->block_mask=ctx->cipher->block_size-1; - return 1; - } - -int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *c) - { - if (c->cipher != NULL) - { - if(c->cipher->cleanup && !c->cipher->cleanup(c)) - return 0; - /* Cleanse cipher context data */ - if (c->cipher_data) - OPENSSL_cleanse(c->cipher_data, c->cipher->ctx_size); - } - if (c->cipher_data) - OPENSSL_free(c->cipher_data); -#ifndef OPENSSL_NO_ENGINE - if (c->engine) - /* The EVP_CIPHER we used belongs to an ENGINE, release the - * functional reference we held for this reason. */ - do_engine_finish(c->engine); -#endif - memset(c,0,sizeof(EVP_CIPHER_CTX)); - return 1; - } - -int EVP_Cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) - { -#ifdef OPENSSL_FIPS - FIPS_selftest_check(); -#endif - return ctx->cipher->do_cipher(ctx,out,in,inl); - } - -int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr) -{ - int ret; - if(!ctx->cipher) { - EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL, EVP_R_NO_CIPHER_SET); - return 0; - } - - if(!ctx->cipher->ctrl) { - EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL, EVP_R_CTRL_NOT_IMPLEMENTED); - return 0; - } - - ret = ctx->cipher->ctrl(ctx, type, arg, ptr); - if(ret == -1) { - EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL, EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED); - return 0; - } - return ret; -} - -unsigned long EVP_CIPHER_CTX_flags(const EVP_CIPHER_CTX *ctx) - { - return ctx->cipher->flags; - } - -int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx) - { - return ctx->cipher->iv_len; - } - -int EVP_CIPHER_nid(const EVP_CIPHER *cipher) - { - return cipher->nid; - } diff --git a/src/lib/libcrypto/evp/encode.c b/src/lib/libcrypto/evp/encode.c index 5921f0d710..b42c747249 100644 --- a/src/lib/libcrypto/evp/encode.c +++ b/src/lib/libcrypto/evp/encode.c @@ -85,7 +85,7 @@ #define CHUNKS_PER_LINE (64/4) #define CHAR_PER_LINE (64+1) -static unsigned char data_bin2ascii[65]="ABCDEFGHIJKLMNOPQRSTUVWXYZ\ +static const unsigned char data_bin2ascii[65]="ABCDEFGHIJKLMNOPQRSTUVWXYZ\ abcdefghijklmnopqrstuvwxyz0123456789+/"; /* 0xF0 is a EOLN @@ -102,7 +102,7 @@ abcdefghijklmnopqrstuvwxyz0123456789+/"; #define B64_ERROR 0xFF #define B64_NOT_BASE64(a) (((a)|0x13) == 0xF3) -static unsigned char data_ascii2bin[128]={ +static const unsigned char data_ascii2bin[128]={ 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF, 0xFF,0xE0,0xF0,0xFF,0xFF,0xF1,0xFF,0xFF, 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF, diff --git a/src/lib/libcrypto/evp/evp.h b/src/lib/libcrypto/evp/evp.h index 82b5862ce7..da93e945f5 100644 --- a/src/lib/libcrypto/evp/evp.h +++ b/src/lib/libcrypto/evp/evp.h @@ -75,10 +75,6 @@ #include #endif -#ifdef OPENSSL_FIPS -#include -#endif - /* #define EVP_RC2_KEY_SIZE 16 #define EVP_RC4_KEY_SIZE 16 @@ -119,6 +115,7 @@ #define EVP_PKEY_DSA4 NID_dsaWithSHA1_2 #define EVP_PKEY_DH NID_dhKeyAgreement #define EVP_PKEY_EC NID_X9_62_id_ecPublicKey +#define EVP_PKEY_HMAC NID_hmac #ifdef __cplusplus extern "C" { @@ -132,6 +129,8 @@ struct evp_pkey_st int type; int save_type; int references; + const EVP_PKEY_ASN1_METHOD *ameth; + ENGINE *engine; union { char *ptr; #ifndef OPENSSL_NO_RSA @@ -156,73 +155,6 @@ struct evp_pkey_st #define EVP_PKEY_MO_ENCRYPT 0x0004 #define EVP_PKEY_MO_DECRYPT 0x0008 -#if 0 -/* This structure is required to tie the message digest and signing together. - * The lookup can be done by md/pkey_method, oid, oid/pkey_method, or - * oid, md and pkey. - * This is required because for various smart-card perform the digest and - * signing/verification on-board. To handle this case, the specific - * EVP_MD and EVP_PKEY_METHODs need to be closely associated. - * When a PKEY is created, it will have a EVP_PKEY_METHOD associated with it. - * This can either be software or a token to provide the required low level - * routines. - */ -typedef struct evp_pkey_md_st - { - int oid; - EVP_MD *md; - EVP_PKEY_METHOD *pkey; - } EVP_PKEY_MD; - -#define EVP_rsa_md2() \ - EVP_PKEY_MD_add(NID_md2WithRSAEncryption,\ - EVP_rsa_pkcs1(),EVP_md2()) -#define EVP_rsa_md5() \ - EVP_PKEY_MD_add(NID_md5WithRSAEncryption,\ - EVP_rsa_pkcs1(),EVP_md5()) -#define EVP_rsa_sha0() \ - EVP_PKEY_MD_add(NID_shaWithRSAEncryption,\ - EVP_rsa_pkcs1(),EVP_sha()) -#define EVP_rsa_sha1() \ - EVP_PKEY_MD_add(NID_sha1WithRSAEncryption,\ - EVP_rsa_pkcs1(),EVP_sha1()) -#define EVP_rsa_ripemd160() \ - EVP_PKEY_MD_add(NID_ripemd160WithRSA,\ - EVP_rsa_pkcs1(),EVP_ripemd160()) -#define EVP_rsa_mdc2() \ - EVP_PKEY_MD_add(NID_mdc2WithRSA,\ - EVP_rsa_octet_string(),EVP_mdc2()) -#define EVP_dsa_sha() \ - EVP_PKEY_MD_add(NID_dsaWithSHA,\ - EVP_dsa(),EVP_sha()) -#define EVP_dsa_sha1() \ - EVP_PKEY_MD_add(NID_dsaWithSHA1,\ - EVP_dsa(),EVP_sha1()) - -typedef struct evp_pkey_method_st - { - char *name; - int flags; - int type; /* RSA, DSA, an SSLeay specific constant */ - int oid; /* For the pub-key type */ - int encrypt_oid; /* pub/priv key encryption */ - - int (*sign)(); - int (*verify)(); - struct { - int (*set)(); /* get and/or set the underlying type */ - int (*get)(); - int (*encrypt)(); - int (*decrypt)(); - int (*i2d)(); - int (*d2i)(); - int (*dup)(); - } pub,priv; - int (*set_asn1_parameters)(); - int (*get_asn1_parameters)(); - } EVP_PKEY_METHOD; -#endif - #ifndef EVP_MD struct env_md_st { @@ -245,6 +177,8 @@ struct env_md_st int required_pkey_type[5]; /*EVP_PKEY_xxx */ int block_size; int ctx_size; /* how big does the ctx->md_data need to be */ + /* control function */ + int (*md_ctrl)(EVP_MD_CTX *ctx, int cmd, int p1, void *p2); } /* EVP_MD */; typedef int evp_sign_method(int type,const unsigned char *m, @@ -254,18 +188,42 @@ typedef int evp_verify_method(int type,const unsigned char *m, unsigned int m_length,const unsigned char *sigbuf, unsigned int siglen, void *key); -typedef struct - { - EVP_MD_CTX *mctx; - void *key; - } EVP_MD_SVCTX; - #define EVP_MD_FLAG_ONESHOT 0x0001 /* digest can only handle a single * block */ -#define EVP_MD_FLAG_FIPS 0x0400 /* Note if suitable for use in FIPS mode */ +#define EVP_MD_FLAG_PKEY_DIGEST 0x0002 /* digest is a "clone" digest used + * which is a copy of an existing + * one for a specific public key type. + * EVP_dss1() etc */ + +/* Digest uses EVP_PKEY_METHOD for signing instead of MD specific signing */ + +#define EVP_MD_FLAG_PKEY_METHOD_SIGNATURE 0x0004 + +/* DigestAlgorithmIdentifier flags... */ + +#define EVP_MD_FLAG_DIGALGID_MASK 0x0018 -#define EVP_MD_FLAG_SVCTX 0x0800 /* pass EVP_MD_SVCTX to sign/verify */ +/* NULL or absent parameter accepted. Use NULL */ + +#define EVP_MD_FLAG_DIGALGID_NULL 0x0000 + +/* NULL or absent parameter accepted. Use NULL for PKCS#1 otherwise absent */ + +#define EVP_MD_FLAG_DIGALGID_ABSENT 0x0008 + +/* Custom handling via ctrl */ + +#define EVP_MD_FLAG_DIGALGID_CUSTOM 0x0018 + +/* Digest ctrls */ + +#define EVP_MD_CTRL_DIGALGID 0x1 +#define EVP_MD_CTRL_MICALG 0x2 + +/* Minimum Algorithm specific ctrl value */ + +#define EVP_MD_CTRL_ALG_CTRL 0x1000 #define EVP_PKEY_NULL_method NULL,NULL,{0,0,0,0} @@ -307,6 +265,10 @@ struct env_md_ctx_st ENGINE *engine; /* functional reference if 'digest' is ENGINE-provided */ unsigned long flags; void *md_data; + /* Public key context for sign/verify */ + EVP_PKEY_CTX *pctx; + /* Update function: usually copied from EVP_MD */ + int (*update)(EVP_MD_CTX *ctx,const void *data,size_t count); } /* EVP_MD_CTX */; /* values for EVP_MD_CTX flags */ @@ -317,17 +279,23 @@ struct env_md_ctx_st * cleaned */ #define EVP_MD_CTX_FLAG_REUSE 0x0004 /* Don't free up ctx->md_data * in EVP_MD_CTX_cleanup */ +/* FIPS and pad options are ignored in 1.0.0, definitions are here + * so we don't accidentally reuse the values for other purposes. + */ + #define EVP_MD_CTX_FLAG_NON_FIPS_ALLOW 0x0008 /* Allow use of non FIPS digest * in FIPS mode */ +/* The following PAD options are also currently ignored in 1.0.0, digest + * parameters are handled through EVP_DigestSign*() and EVP_DigestVerify*() + * instead. + */ #define EVP_MD_CTX_FLAG_PAD_MASK 0xF0 /* RSA mode to use */ #define EVP_MD_CTX_FLAG_PAD_PKCS1 0x00 /* PKCS#1 v1.5 mode */ #define EVP_MD_CTX_FLAG_PAD_X931 0x10 /* X9.31 mode */ #define EVP_MD_CTX_FLAG_PAD_PSS 0x20 /* PSS mode */ -#define M_EVP_MD_CTX_FLAG_PSS_SALT(ctx) \ - ((ctx->flags>>16) &0xFFFF) /* seed length */ -#define EVP_MD_CTX_FLAG_PSS_MDLEN 0xFFFF /* salt len same as digest */ -#define EVP_MD_CTX_FLAG_PSS_MREC 0xFFFE /* salt max or auto recovered */ + +#define EVP_MD_CTX_FLAG_NO_INIT 0x0100 /* Don't initialize md_data */ struct evp_cipher_st { @@ -339,7 +307,7 @@ struct evp_cipher_st int (*init)(EVP_CIPHER_CTX *ctx, const unsigned char *key, const unsigned char *iv, int enc); /* init key */ int (*do_cipher)(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, unsigned int inl);/* encrypt/decrypt data */ + const unsigned char *in, size_t inl);/* encrypt/decrypt data */ int (*cleanup)(EVP_CIPHER_CTX *); /* cleanup ctx */ int ctx_size; /* how big ctx->cipher_data needs to be */ int (*set_asn1_parameters)(EVP_CIPHER_CTX *, ASN1_TYPE *); /* Populate a ASN1_TYPE with parameters */ @@ -357,7 +325,7 @@ struct evp_cipher_st #define EVP_CIPH_CBC_MODE 0x2 #define EVP_CIPH_CFB_MODE 0x3 #define EVP_CIPH_OFB_MODE 0x4 -#define EVP_CIPH_MODE 0x7 +#define EVP_CIPH_MODE 0xF0007 /* Set if variable length cipher */ #define EVP_CIPH_VARIABLE_LENGTH 0x8 /* Set if the iv handling should be done by the cipher itself */ @@ -372,10 +340,8 @@ struct evp_cipher_st #define EVP_CIPH_NO_PADDING 0x100 /* cipher handles random key generation */ #define EVP_CIPH_RAND_KEY 0x200 -/* Note if suitable for use in FIPS mode */ -#define EVP_CIPH_FLAG_FIPS 0x400 -/* Allow non FIPS cipher in FIPS mode */ -#define EVP_CIPH_FLAG_NON_FIPS_ALLOW 0x800 +/* cipher has its own additional copying logic */ +#define EVP_CIPH_CUSTOM_COPY 0x400 /* Allow use default ASN1 get/set iv */ #define EVP_CIPH_FLAG_DEFAULT_ASN1 0x1000 /* Buffer length in bits not bytes: CFB1 mode only */ @@ -389,8 +355,10 @@ struct evp_cipher_st #define EVP_CTRL_SET_RC2_KEY_BITS 0x3 #define EVP_CTRL_GET_RC5_ROUNDS 0x4 #define EVP_CTRL_SET_RC5_ROUNDS 0x5 -#define EVP_CTRL_SET_ACSS_MODE 0x6 -#define EVP_CTRL_RAND_KEY 0x7 +#define EVP_CTRL_RAND_KEY 0x6 +#define EVP_CTRL_PBE_PRF_NID 0x7 +#define EVP_CTRL_COPY 0x8 +#define EVP_CTRL_SET_ACSS_MODE 0x9 typedef struct evp_cipher_info_st { @@ -463,26 +431,15 @@ typedef int (EVP_PBE_KEYGEN)(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, #define EVP_get_cipherbynid(a) EVP_get_cipherbyname(OBJ_nid2sn(a)) #define EVP_get_cipherbyobj(a) EVP_get_cipherbynid(OBJ_obj2nid(a)) -/* Macros to reduce FIPS dependencies: do NOT use in applications */ -#define M_EVP_MD_size(e) ((e)->md_size) -#define M_EVP_MD_block_size(e) ((e)->block_size) -#define M_EVP_MD_CTX_set_flags(ctx,flgs) ((ctx)->flags|=(flgs)) -#define M_EVP_MD_CTX_clear_flags(ctx,flgs) ((ctx)->flags&=~(flgs)) -#define M_EVP_MD_CTX_test_flags(ctx,flgs) ((ctx)->flags&(flgs)) -#define M_EVP_MD_type(e) ((e)->type) -#define M_EVP_MD_CTX_type(e) M_EVP_MD_type(M_EVP_MD_CTX_md(e)) -#define M_EVP_MD_CTX_md(e) ((e)->digest) - -#define M_EVP_CIPHER_CTX_set_flags(ctx,flgs) ((ctx)->flags|=(flgs)) - int EVP_MD_type(const EVP_MD *md); #define EVP_MD_nid(e) EVP_MD_type(e) #define EVP_MD_name(e) OBJ_nid2sn(EVP_MD_nid(e)) int EVP_MD_pkey_type(const EVP_MD *md); int EVP_MD_size(const EVP_MD *md); int EVP_MD_block_size(const EVP_MD *md); +unsigned long EVP_MD_flags(const EVP_MD *md); -const EVP_MD * EVP_MD_CTX_md(const EVP_MD_CTX *ctx); +const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *ctx); #define EVP_MD_CTX_size(e) EVP_MD_size(EVP_MD_CTX_md(e)) #define EVP_MD_CTX_block_size(e) EVP_MD_block_size(EVP_MD_CTX_md(e)) #define EVP_MD_CTX_type(e) EVP_MD_type(EVP_MD_CTX_md(e)) @@ -500,6 +457,7 @@ int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx); int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx); int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx); int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx); +int EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in); void * EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx); void EVP_CIPHER_CTX_set_app_data(EVP_CIPHER_CTX *ctx, void *data); #define EVP_CIPHER_CTX_type(c) EVP_CIPHER_type(EVP_CIPHER_CTX_cipher(c)) @@ -517,6 +475,8 @@ unsigned long EVP_CIPHER_CTX_flags(const EVP_CIPHER_CTX *ctx); #define EVP_VerifyUpdate(a,b,c) EVP_DigestUpdate(a,b,c) #define EVP_OpenUpdate(a,b,c,d,e) EVP_DecryptUpdate(a,b,c,d,e) #define EVP_SealUpdate(a,b,c,d,e) EVP_EncryptUpdate(a,b,c,d,e) +#define EVP_DigestSignUpdate(a,b,c) EVP_DigestUpdate(a,b,c) +#define EVP_DigestVerifyUpdate(a,b,c) EVP_DigestUpdate(a,b,c) #ifdef CONST_STRICT void BIO_set_md(BIO *,const EVP_MD *md); @@ -563,6 +523,7 @@ int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type); int EVP_DigestFinal(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s); int EVP_read_pw_string(char *buf,int length,const char *prompt,int verify); +int EVP_read_pw_string_min(char *buf,int minlen,int maxlen,const char *prompt,int verify); void EVP_set_pw_prompt(const char *prompt); char * EVP_get_pw_prompt(void); @@ -609,6 +570,16 @@ int EVP_SignFinal(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s, int EVP_VerifyFinal(EVP_MD_CTX *ctx,const unsigned char *sigbuf, unsigned int siglen,EVP_PKEY *pkey); +int EVP_DigestSignInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, + const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey); +int EVP_DigestSignFinal(EVP_MD_CTX *ctx, + unsigned char *sigret, size_t *siglen); + +int EVP_DigestVerifyInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, + const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey); +int EVP_DigestVerifyFinal(EVP_MD_CTX *ctx, + unsigned char *sig, size_t siglen); + int EVP_OpenInit(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *type, const unsigned char *ek, int ekl, const unsigned char *iv, EVP_PKEY *priv); @@ -681,6 +652,9 @@ const EVP_MD *EVP_mdc2(void); #ifndef OPENSSL_NO_RIPEMD const EVP_MD *EVP_ripemd160(void); #endif +#ifndef OPENSSL_NO_WHIRLPOOL +const EVP_MD *EVP_whirlpool(void); +#endif const EVP_CIPHER *EVP_enc_null(void); /* does nothing :-) */ #ifndef OPENSSL_NO_DES const EVP_CIPHER *EVP_des_ecb(void); @@ -851,16 +825,31 @@ const EVP_CIPHER *EVP_get_cipherbyname(const char *name); const EVP_MD *EVP_get_digestbyname(const char *name); void EVP_cleanup(void); -int EVP_PKEY_decrypt(unsigned char *dec_key, +void EVP_CIPHER_do_all(void (*fn)(const EVP_CIPHER *ciph, + const char *from, const char *to, void *x), void *arg); +void EVP_CIPHER_do_all_sorted(void (*fn)(const EVP_CIPHER *ciph, + const char *from, const char *to, void *x), void *arg); + +void EVP_MD_do_all(void (*fn)(const EVP_MD *ciph, + const char *from, const char *to, void *x), void *arg); +void EVP_MD_do_all_sorted(void (*fn)(const EVP_MD *ciph, + const char *from, const char *to, void *x), void *arg); + +int EVP_PKEY_decrypt_old(unsigned char *dec_key, const unsigned char *enc_key,int enc_key_len, EVP_PKEY *private_key); -int EVP_PKEY_encrypt(unsigned char *enc_key, +int EVP_PKEY_encrypt_old(unsigned char *enc_key, const unsigned char *key,int key_len, EVP_PKEY *pub_key); int EVP_PKEY_type(int type); +int EVP_PKEY_id(const EVP_PKEY *pkey); +int EVP_PKEY_base_id(const EVP_PKEY *pkey); int EVP_PKEY_bits(EVP_PKEY *pkey); int EVP_PKEY_size(EVP_PKEY *pkey); -int EVP_PKEY_assign(EVP_PKEY *pkey,int type,char *key); +int EVP_PKEY_set_type(EVP_PKEY *pkey,int type); +int EVP_PKEY_set_type_str(EVP_PKEY *pkey, const char *str, int len); +int EVP_PKEY_assign(EVP_PKEY *pkey,int type,void *key); +void * EVP_PKEY_get0(EVP_PKEY *pkey); #ifndef OPENSSL_NO_RSA struct rsa_st; @@ -903,6 +892,15 @@ int EVP_PKEY_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b); int EVP_PKEY_cmp(const EVP_PKEY *a, const EVP_PKEY *b); +int EVP_PKEY_print_public(BIO *out, const EVP_PKEY *pkey, + int indent, ASN1_PCTX *pctx); +int EVP_PKEY_print_private(BIO *out, const EVP_PKEY *pkey, + int indent, ASN1_PCTX *pctx); +int EVP_PKEY_print_params(BIO *out, const EVP_PKEY *pkey, + int indent, ASN1_PCTX *pctx); + +int EVP_PKEY_get_default_digest_nid(EVP_PKEY *pkey, int *pnid); + int EVP_CIPHER_type(const EVP_CIPHER *ctx); /* calls methods */ @@ -920,6 +918,10 @@ int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen, const unsigned char *salt, int saltlen, int iter, int keylen, unsigned char *out); +int PKCS5_PBKDF2_HMAC(const char *pass, int passlen, + const unsigned char *salt, int saltlen, int iter, + const EVP_MD *digest, + int keylen, unsigned char *out); int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, ASN1_TYPE *param, const EVP_CIPHER *cipher, const EVP_MD *md, int en_de); @@ -928,27 +930,260 @@ void PKCS5_PBE_add(void); int EVP_PBE_CipherInit (ASN1_OBJECT *pbe_obj, const char *pass, int passlen, ASN1_TYPE *param, EVP_CIPHER_CTX *ctx, int en_de); + +/* PBE type */ + +/* Can appear as the outermost AlgorithmIdentifier */ +#define EVP_PBE_TYPE_OUTER 0x0 +/* Is an PRF type OID */ +#define EVP_PBE_TYPE_PRF 0x1 + +int EVP_PBE_alg_add_type(int pbe_type, int pbe_nid, int cipher_nid, int md_nid, + EVP_PBE_KEYGEN *keygen); int EVP_PBE_alg_add(int nid, const EVP_CIPHER *cipher, const EVP_MD *md, EVP_PBE_KEYGEN *keygen); +int EVP_PBE_find(int type, int pbe_nid, + int *pcnid, int *pmnid, EVP_PBE_KEYGEN **pkeygen); void EVP_PBE_cleanup(void); -#ifdef OPENSSL_FIPS -#ifndef OPENSSL_NO_ENGINE -void int_EVP_MD_set_engine_callbacks( - int (*eng_md_init)(ENGINE *impl), - int (*eng_md_fin)(ENGINE *impl), - int (*eng_md_evp) - (EVP_MD_CTX *ctx, const EVP_MD **ptype, ENGINE *impl)); -void int_EVP_MD_init_engine_callbacks(void); -void int_EVP_CIPHER_set_engine_callbacks( - int (*eng_ciph_fin)(ENGINE *impl), - int (*eng_ciph_evp) - (EVP_CIPHER_CTX *ctx, const EVP_CIPHER **pciph, ENGINE *impl)); -void int_EVP_CIPHER_init_engine_callbacks(void); -#endif -#endif +#define ASN1_PKEY_ALIAS 0x1 +#define ASN1_PKEY_DYNAMIC 0x2 +#define ASN1_PKEY_SIGPARAM_NULL 0x4 + +#define ASN1_PKEY_CTRL_PKCS7_SIGN 0x1 +#define ASN1_PKEY_CTRL_PKCS7_ENCRYPT 0x2 +#define ASN1_PKEY_CTRL_DEFAULT_MD_NID 0x3 +#define ASN1_PKEY_CTRL_CMS_SIGN 0x5 +#define ASN1_PKEY_CTRL_CMS_ENVELOPE 0x7 + +int EVP_PKEY_asn1_get_count(void); +const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_get0(int idx); +const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find(ENGINE **pe, int type); +const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find_str(ENGINE **pe, + const char *str, int len); +int EVP_PKEY_asn1_add0(const EVP_PKEY_ASN1_METHOD *ameth); +int EVP_PKEY_asn1_add_alias(int to, int from); +int EVP_PKEY_asn1_get0_info(int *ppkey_id, int *pkey_base_id, int *ppkey_flags, + const char **pinfo, const char **ppem_str, + const EVP_PKEY_ASN1_METHOD *ameth); + +const EVP_PKEY_ASN1_METHOD* EVP_PKEY_get0_asn1(EVP_PKEY *pkey); +EVP_PKEY_ASN1_METHOD* EVP_PKEY_asn1_new(int id, int flags, + const char *pem_str, const char *info); +void EVP_PKEY_asn1_copy(EVP_PKEY_ASN1_METHOD *dst, + const EVP_PKEY_ASN1_METHOD *src); +void EVP_PKEY_asn1_free(EVP_PKEY_ASN1_METHOD *ameth); +void EVP_PKEY_asn1_set_public(EVP_PKEY_ASN1_METHOD *ameth, + int (*pub_decode)(EVP_PKEY *pk, X509_PUBKEY *pub), + int (*pub_encode)(X509_PUBKEY *pub, const EVP_PKEY *pk), + int (*pub_cmp)(const EVP_PKEY *a, const EVP_PKEY *b), + int (*pub_print)(BIO *out, const EVP_PKEY *pkey, int indent, + ASN1_PCTX *pctx), + int (*pkey_size)(const EVP_PKEY *pk), + int (*pkey_bits)(const EVP_PKEY *pk)); +void EVP_PKEY_asn1_set_private(EVP_PKEY_ASN1_METHOD *ameth, + int (*priv_decode)(EVP_PKEY *pk, PKCS8_PRIV_KEY_INFO *p8inf), + int (*priv_encode)(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pk), + int (*priv_print)(BIO *out, const EVP_PKEY *pkey, int indent, + ASN1_PCTX *pctx)); +void EVP_PKEY_asn1_set_param(EVP_PKEY_ASN1_METHOD *ameth, + int (*param_decode)(EVP_PKEY *pkey, + const unsigned char **pder, int derlen), + int (*param_encode)(const EVP_PKEY *pkey, unsigned char **pder), + int (*param_missing)(const EVP_PKEY *pk), + int (*param_copy)(EVP_PKEY *to, const EVP_PKEY *from), + int (*param_cmp)(const EVP_PKEY *a, const EVP_PKEY *b), + int (*param_print)(BIO *out, const EVP_PKEY *pkey, int indent, + ASN1_PCTX *pctx)); + +void EVP_PKEY_asn1_set_free(EVP_PKEY_ASN1_METHOD *ameth, + void (*pkey_free)(EVP_PKEY *pkey)); +void EVP_PKEY_asn1_set_ctrl(EVP_PKEY_ASN1_METHOD *ameth, + int (*pkey_ctrl)(EVP_PKEY *pkey, int op, + long arg1, void *arg2)); + + +#define EVP_PKEY_OP_UNDEFINED 0 +#define EVP_PKEY_OP_PARAMGEN (1<<1) +#define EVP_PKEY_OP_KEYGEN (1<<2) +#define EVP_PKEY_OP_SIGN (1<<3) +#define EVP_PKEY_OP_VERIFY (1<<4) +#define EVP_PKEY_OP_VERIFYRECOVER (1<<5) +#define EVP_PKEY_OP_SIGNCTX (1<<6) +#define EVP_PKEY_OP_VERIFYCTX (1<<7) +#define EVP_PKEY_OP_ENCRYPT (1<<8) +#define EVP_PKEY_OP_DECRYPT (1<<9) +#define EVP_PKEY_OP_DERIVE (1<<10) + +#define EVP_PKEY_OP_TYPE_SIG \ + (EVP_PKEY_OP_SIGN | EVP_PKEY_OP_VERIFY | EVP_PKEY_OP_VERIFYRECOVER \ + | EVP_PKEY_OP_SIGNCTX | EVP_PKEY_OP_VERIFYCTX) + +#define EVP_PKEY_OP_TYPE_CRYPT \ + (EVP_PKEY_OP_ENCRYPT | EVP_PKEY_OP_DECRYPT) + +#define EVP_PKEY_OP_TYPE_NOGEN \ + (EVP_PKEY_OP_SIG | EVP_PKEY_OP_CRYPT | EVP_PKEY_OP_DERIVE) + +#define EVP_PKEY_OP_TYPE_GEN \ + (EVP_PKEY_OP_PARAMGEN | EVP_PKEY_OP_KEYGEN) + +#define EVP_PKEY_CTX_set_signature_md(ctx, md) \ + EVP_PKEY_CTX_ctrl(ctx, -1, EVP_PKEY_OP_TYPE_SIG, \ + EVP_PKEY_CTRL_MD, 0, (void *)md) + +#define EVP_PKEY_CTRL_MD 1 +#define EVP_PKEY_CTRL_PEER_KEY 2 + +#define EVP_PKEY_CTRL_PKCS7_ENCRYPT 3 +#define EVP_PKEY_CTRL_PKCS7_DECRYPT 4 + +#define EVP_PKEY_CTRL_PKCS7_SIGN 5 + +#define EVP_PKEY_CTRL_SET_MAC_KEY 6 + +#define EVP_PKEY_CTRL_DIGESTINIT 7 + +/* Used by GOST key encryption in TLS */ +#define EVP_PKEY_CTRL_SET_IV 8 + +#define EVP_PKEY_CTRL_CMS_ENCRYPT 9 +#define EVP_PKEY_CTRL_CMS_DECRYPT 10 +#define EVP_PKEY_CTRL_CMS_SIGN 11 + +#define EVP_PKEY_ALG_CTRL 0x1000 + + +#define EVP_PKEY_FLAG_AUTOARGLEN 2 + +const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type); +EVP_PKEY_METHOD* EVP_PKEY_meth_new(int id, int flags); +void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth); +int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth); + +EVP_PKEY_CTX *EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *e); +EVP_PKEY_CTX *EVP_PKEY_CTX_new_id(int id, ENGINE *e); +EVP_PKEY_CTX *EVP_PKEY_CTX_dup(EVP_PKEY_CTX *ctx); +void EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx); + +int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype, + int cmd, int p1, void *p2); +int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *type, + const char *value); + +int EVP_PKEY_CTX_get_operation(EVP_PKEY_CTX *ctx); +void EVP_PKEY_CTX_set0_keygen_info(EVP_PKEY_CTX *ctx, int *dat, int datlen); + +EVP_PKEY *EVP_PKEY_new_mac_key(int type, ENGINE *e, + unsigned char *key, int keylen); + +void EVP_PKEY_CTX_set_data(EVP_PKEY_CTX *ctx, void *data); +void *EVP_PKEY_CTX_get_data(EVP_PKEY_CTX *ctx); +EVP_PKEY *EVP_PKEY_CTX_get0_pkey(EVP_PKEY_CTX *ctx); + +EVP_PKEY *EVP_PKEY_CTX_get0_peerkey(EVP_PKEY_CTX *ctx); + +void EVP_PKEY_CTX_set_app_data(EVP_PKEY_CTX *ctx, void *data); +void *EVP_PKEY_CTX_get_app_data(EVP_PKEY_CTX *ctx); + +int EVP_PKEY_sign_init(EVP_PKEY_CTX *ctx); +int EVP_PKEY_sign(EVP_PKEY_CTX *ctx, + unsigned char *sig, size_t *siglen, + const unsigned char *tbs, size_t tbslen); +int EVP_PKEY_verify_init(EVP_PKEY_CTX *ctx); +int EVP_PKEY_verify(EVP_PKEY_CTX *ctx, + const unsigned char *sig, size_t siglen, + const unsigned char *tbs, size_t tbslen); +int EVP_PKEY_verify_recover_init(EVP_PKEY_CTX *ctx); +int EVP_PKEY_verify_recover(EVP_PKEY_CTX *ctx, + unsigned char *rout, size_t *routlen, + const unsigned char *sig, size_t siglen); +int EVP_PKEY_encrypt_init(EVP_PKEY_CTX *ctx); +int EVP_PKEY_encrypt(EVP_PKEY_CTX *ctx, + unsigned char *out, size_t *outlen, + const unsigned char *in, size_t inlen); +int EVP_PKEY_decrypt_init(EVP_PKEY_CTX *ctx); +int EVP_PKEY_decrypt(EVP_PKEY_CTX *ctx, + unsigned char *out, size_t *outlen, + const unsigned char *in, size_t inlen); + +int EVP_PKEY_derive_init(EVP_PKEY_CTX *ctx); +int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer); +int EVP_PKEY_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen); + +typedef int EVP_PKEY_gen_cb(EVP_PKEY_CTX *ctx); + +int EVP_PKEY_paramgen_init(EVP_PKEY_CTX *ctx); +int EVP_PKEY_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey); +int EVP_PKEY_keygen_init(EVP_PKEY_CTX *ctx); +int EVP_PKEY_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey); + +void EVP_PKEY_CTX_set_cb(EVP_PKEY_CTX *ctx, EVP_PKEY_gen_cb *cb); +EVP_PKEY_gen_cb *EVP_PKEY_CTX_get_cb(EVP_PKEY_CTX *ctx); + +int EVP_PKEY_CTX_get_keygen_info(EVP_PKEY_CTX *ctx, int idx); + +void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth, + int (*init)(EVP_PKEY_CTX *ctx)); + +void EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth, + int (*copy)(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src)); + +void EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth, + void (*cleanup)(EVP_PKEY_CTX *ctx)); + +void EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth, + int (*paramgen_init)(EVP_PKEY_CTX *ctx), + int (*paramgen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)); + +void EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth, + int (*keygen_init)(EVP_PKEY_CTX *ctx), + int (*keygen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)); -void EVP_add_alg_module(void); +void EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth, + int (*sign_init)(EVP_PKEY_CTX *ctx), + int (*sign)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, + const unsigned char *tbs, size_t tbslen)); + +void EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth, + int (*verify_init)(EVP_PKEY_CTX *ctx), + int (*verify)(EVP_PKEY_CTX *ctx, const unsigned char *sig, size_t siglen, + const unsigned char *tbs, size_t tbslen)); + +void EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth, + int (*verify_recover_init)(EVP_PKEY_CTX *ctx), + int (*verify_recover)(EVP_PKEY_CTX *ctx, + unsigned char *sig, size_t *siglen, + const unsigned char *tbs, size_t tbslen)); + +void EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth, + int (*signctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx), + int (*signctx)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, + EVP_MD_CTX *mctx)); + +void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth, + int (*verifyctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx), + int (*verifyctx)(EVP_PKEY_CTX *ctx, const unsigned char *sig,int siglen, + EVP_MD_CTX *mctx)); + +void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth, + int (*encrypt_init)(EVP_PKEY_CTX *ctx), + int (*encryptfn)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, + const unsigned char *in, size_t inlen)); + +void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth, + int (*decrypt_init)(EVP_PKEY_CTX *ctx), + int (*decrypt)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, + const unsigned char *in, size_t inlen)); + +void EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth, + int (*derive_init)(EVP_PKEY_CTX *ctx), + int (*derive)(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen)); + +void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth, + int (*ctrl)(EVP_PKEY_CTX *ctx, int type, int p1, void *p2), + int (*ctrl_str)(EVP_PKEY_CTX *ctx, + const char *type, const char *value)); /* BEGIN ERROR CODES */ /* The following lines are auto generated by the script mkerr.pl. Any changes @@ -961,46 +1196,66 @@ void ERR_load_EVP_strings(void); /* Function codes. */ #define EVP_F_AESNI_INIT_KEY 165 #define EVP_F_AES_INIT_KEY 133 -#define EVP_F_ALG_MODULE_INIT 138 #define EVP_F_CAMELLIA_INIT_KEY 159 #define EVP_F_D2I_PKEY 100 -#define EVP_F_DO_EVP_ENC_ENGINE 140 -#define EVP_F_DO_EVP_ENC_ENGINE_FULL 141 -#define EVP_F_DO_EVP_MD_ENGINE 139 -#define EVP_F_DO_EVP_MD_ENGINE_FULL 142 +#define EVP_F_DO_SIGVER_INIT 161 #define EVP_F_DSAPKEY2PKCS8 134 #define EVP_F_DSA_PKEY2PKCS8 135 #define EVP_F_ECDSA_PKEY2PKCS8 129 #define EVP_F_ECKEY_PKEY2PKCS8 132 -#define EVP_F_EVP_CIPHERINIT 137 #define EVP_F_EVP_CIPHERINIT_EX 123 +#define EVP_F_EVP_CIPHER_CTX_COPY 163 #define EVP_F_EVP_CIPHER_CTX_CTRL 124 #define EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH 122 #define EVP_F_EVP_DECRYPTFINAL_EX 101 -#define EVP_F_EVP_DIGESTINIT 136 #define EVP_F_EVP_DIGESTINIT_EX 128 #define EVP_F_EVP_ENCRYPTFINAL_EX 127 #define EVP_F_EVP_MD_CTX_COPY_EX 110 +#define EVP_F_EVP_MD_SIZE 162 #define EVP_F_EVP_OPENINIT 102 #define EVP_F_EVP_PBE_ALG_ADD 115 +#define EVP_F_EVP_PBE_ALG_ADD_TYPE 160 #define EVP_F_EVP_PBE_CIPHERINIT 116 #define EVP_F_EVP_PKCS82PKEY 111 +#define EVP_F_EVP_PKCS82PKEY_BROKEN 136 #define EVP_F_EVP_PKEY2PKCS8_BROKEN 113 #define EVP_F_EVP_PKEY_COPY_PARAMETERS 103 +#define EVP_F_EVP_PKEY_CTX_CTRL 137 +#define EVP_F_EVP_PKEY_CTX_CTRL_STR 150 +#define EVP_F_EVP_PKEY_CTX_DUP 156 #define EVP_F_EVP_PKEY_DECRYPT 104 +#define EVP_F_EVP_PKEY_DECRYPT_INIT 138 +#define EVP_F_EVP_PKEY_DECRYPT_OLD 151 +#define EVP_F_EVP_PKEY_DERIVE 153 +#define EVP_F_EVP_PKEY_DERIVE_INIT 154 +#define EVP_F_EVP_PKEY_DERIVE_SET_PEER 155 #define EVP_F_EVP_PKEY_ENCRYPT 105 +#define EVP_F_EVP_PKEY_ENCRYPT_INIT 139 +#define EVP_F_EVP_PKEY_ENCRYPT_OLD 152 #define EVP_F_EVP_PKEY_GET1_DH 119 #define EVP_F_EVP_PKEY_GET1_DSA 120 #define EVP_F_EVP_PKEY_GET1_ECDSA 130 #define EVP_F_EVP_PKEY_GET1_EC_KEY 131 #define EVP_F_EVP_PKEY_GET1_RSA 121 +#define EVP_F_EVP_PKEY_KEYGEN 146 +#define EVP_F_EVP_PKEY_KEYGEN_INIT 147 #define EVP_F_EVP_PKEY_NEW 106 +#define EVP_F_EVP_PKEY_PARAMGEN 148 +#define EVP_F_EVP_PKEY_PARAMGEN_INIT 149 +#define EVP_F_EVP_PKEY_SIGN 140 +#define EVP_F_EVP_PKEY_SIGN_INIT 141 +#define EVP_F_EVP_PKEY_VERIFY 142 +#define EVP_F_EVP_PKEY_VERIFY_INIT 143 +#define EVP_F_EVP_PKEY_VERIFY_RECOVER 144 +#define EVP_F_EVP_PKEY_VERIFY_RECOVER_INIT 145 #define EVP_F_EVP_RIJNDAEL 126 #define EVP_F_EVP_SIGNFINAL 107 #define EVP_F_EVP_VERIFYFINAL 108 +#define EVP_F_INT_CTX_NEW 157 #define EVP_F_PKCS5_PBE_KEYIVGEN 117 #define EVP_F_PKCS5_V2_PBE_KEYIVGEN 118 #define EVP_F_PKCS8_SET_BROKEN 112 +#define EVP_F_PKEY_SET_TYPE 158 #define EVP_F_RC2_MAGIC_TO_METH 109 #define EVP_F_RC5_CTRL 125 @@ -1012,41 +1267,52 @@ void ERR_load_EVP_strings(void); #define EVP_R_BAD_KEY_LENGTH 137 #define EVP_R_BN_DECODE_ERROR 112 #define EVP_R_BN_PUBKEY_ERROR 113 +#define EVP_R_BUFFER_TOO_SMALL 155 #define EVP_R_CAMELLIA_KEY_SETUP_FAILED 157 #define EVP_R_CIPHER_PARAMETER_ERROR 122 +#define EVP_R_COMMAND_NOT_SUPPORTED 147 #define EVP_R_CTRL_NOT_IMPLEMENTED 132 #define EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED 133 #define EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH 138 #define EVP_R_DECODE_ERROR 114 #define EVP_R_DIFFERENT_KEY_TYPES 101 -#define EVP_R_DISABLED_FOR_FIPS 144 +#define EVP_R_DIFFERENT_PARAMETERS 153 #define EVP_R_ENCODE_ERROR 115 -#define EVP_R_ERROR_LOADING_SECTION 145 -#define EVP_R_ERROR_SETTING_FIPS_MODE 146 #define EVP_R_EVP_PBE_CIPHERINIT_ERROR 119 #define EVP_R_EXPECTING_AN_RSA_KEY 127 #define EVP_R_EXPECTING_A_DH_KEY 128 #define EVP_R_EXPECTING_A_DSA_KEY 129 #define EVP_R_EXPECTING_A_ECDSA_KEY 141 #define EVP_R_EXPECTING_A_EC_KEY 142 -#define EVP_R_FIPS_MODE_NOT_SUPPORTED 147 #define EVP_R_INITIALIZATION_ERROR 134 #define EVP_R_INPUT_NOT_INITIALIZED 111 -#define EVP_R_INVALID_FIPS_MODE 148 +#define EVP_R_INVALID_DIGEST 152 #define EVP_R_INVALID_KEY_LENGTH 130 +#define EVP_R_INVALID_OPERATION 148 #define EVP_R_IV_TOO_LARGE 102 #define EVP_R_KEYGEN_FAILURE 120 +#define EVP_R_MESSAGE_DIGEST_IS_NULL 159 +#define EVP_R_METHOD_NOT_SUPPORTED 144 #define EVP_R_MISSING_PARAMETERS 103 #define EVP_R_NO_CIPHER_SET 131 +#define EVP_R_NO_DEFAULT_DIGEST 158 #define EVP_R_NO_DIGEST_SET 139 #define EVP_R_NO_DSA_PARAMETERS 116 +#define EVP_R_NO_KEY_SET 154 +#define EVP_R_NO_OPERATION_SET 149 #define EVP_R_NO_SIGN_FUNCTION_CONFIGURED 104 #define EVP_R_NO_VERIFY_FUNCTION_CONFIGURED 105 +#define EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE 150 +#define EVP_R_OPERATON_NOT_INITIALIZED 151 #define EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE 117 +#define EVP_R_PRIVATE_KEY_DECODE_ERROR 145 +#define EVP_R_PRIVATE_KEY_ENCODE_ERROR 146 #define EVP_R_PUBLIC_KEY_NOT_RSA 106 -#define EVP_R_UNKNOWN_OPTION 149 +#define EVP_R_UNKNOWN_CIPHER 160 +#define EVP_R_UNKNOWN_DIGEST 161 #define EVP_R_UNKNOWN_PBE_ALGORITHM 121 #define EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS 135 +#define EVP_R_UNSUPPORTED_ALGORITHM 156 #define EVP_R_UNSUPPORTED_CIPHER 107 #define EVP_R_UNSUPPORTED_KEYLENGTH 123 #define EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION 124 @@ -1056,7 +1322,6 @@ void ERR_load_EVP_strings(void); #define EVP_R_UNSUPPORTED_SALT_TYPE 126 #define EVP_R_WRONG_FINAL_BLOCK_LENGTH 109 #define EVP_R_WRONG_PUBLIC_KEY_TYPE 110 -#define EVP_R_SEED_KEY_SETUP_FAILED 162 #ifdef __cplusplus } diff --git a/src/lib/libcrypto/evp/evp_cnf.c b/src/lib/libcrypto/evp/evp_cnf.c deleted file mode 100644 index 2e4db30235..0000000000 --- a/src/lib/libcrypto/evp/evp_cnf.c +++ /dev/null @@ -1,125 +0,0 @@ -/* evp_cnf.c */ -/* Written by Stephen Henson (steve@openssl.org) for the OpenSSL - * project 2007. - */ -/* ==================================================================== - * Copyright (c) 2007 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include -#include -#include "cryptlib.h" -#include -#include -#include -#include -#ifdef OPENSSL_FIPS -#include -#endif - - -/* Algorithm configuration module. */ - -static int alg_module_init(CONF_IMODULE *md, const CONF *cnf) - { - int i; - const char *oid_section; - STACK_OF(CONF_VALUE) *sktmp; - CONF_VALUE *oval; - oid_section = CONF_imodule_get_value(md); - if(!(sktmp = NCONF_get_section(cnf, oid_section))) - { - EVPerr(EVP_F_ALG_MODULE_INIT, EVP_R_ERROR_LOADING_SECTION); - return 0; - } - for(i = 0; i < sk_CONF_VALUE_num(sktmp); i++) - { - oval = sk_CONF_VALUE_value(sktmp, i); - if (!strcmp(oval->name, "fips_mode")) - { - int m; - if (!X509V3_get_value_bool(oval, &m)) - { - EVPerr(EVP_F_ALG_MODULE_INIT, EVP_R_INVALID_FIPS_MODE); - return 0; - } - if (m > 0) - { -#ifdef OPENSSL_FIPS - if (!FIPS_mode() && !FIPS_mode_set(1)) - { - EVPerr(EVP_F_ALG_MODULE_INIT, EVP_R_ERROR_SETTING_FIPS_MODE); - return 0; - } -#else - EVPerr(EVP_F_ALG_MODULE_INIT, EVP_R_FIPS_MODE_NOT_SUPPORTED); - return 0; -#endif - } - } - else - { - EVPerr(EVP_F_ALG_MODULE_INIT, EVP_R_UNKNOWN_OPTION); - ERR_add_error_data(4, "name=", oval->name, - ", value=", oval->value); - } - - } - return 1; - } - -void EVP_add_alg_module(void) - { - CONF_module_add("alg_section", alg_module_init, 0); - } diff --git a/src/lib/libcrypto/evp/evp_enc.c b/src/lib/libcrypto/evp/evp_enc.c index 30e0ca4d9f..bead6a2170 100644 --- a/src/lib/libcrypto/evp/evp_enc.c +++ b/src/lib/libcrypto/evp/evp_enc.c @@ -66,16 +66,14 @@ #endif #include "evp_locl.h" -#ifdef OPENSSL_FIPS - #define M_do_cipher(ctx, out, in, inl) \ - EVP_Cipher(ctx,out,in,inl) -#else - #define M_do_cipher(ctx, out, in, inl) \ - ctx->cipher->do_cipher(ctx,out,in,inl) -#endif - const char EVP_version[]="EVP" OPENSSL_VERSION_PTEXT; +void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *ctx) + { + memset(ctx,0,sizeof(EVP_CIPHER_CTX)); + /* ctx->cipher=NULL; */ + } + EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void) { EVP_CIPHER_CTX *ctx=OPENSSL_malloc(sizeof *ctx); @@ -92,6 +90,144 @@ int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, return EVP_CipherInit_ex(ctx,cipher,NULL,key,iv,enc); } +int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *impl, + const unsigned char *key, const unsigned char *iv, int enc) + { + if (enc == -1) + enc = ctx->encrypt; + else + { + if (enc) + enc = 1; + ctx->encrypt = enc; + } +#ifndef OPENSSL_NO_ENGINE + /* Whether it's nice or not, "Inits" can be used on "Final"'d contexts + * so this context may already have an ENGINE! Try to avoid releasing + * the previous handle, re-querying for an ENGINE, and having a + * reinitialisation, when it may all be unecessary. */ + if (ctx->engine && ctx->cipher && (!cipher || + (cipher && (cipher->nid == ctx->cipher->nid)))) + goto skip_to_init; +#endif + if (cipher) + { + /* Ensure a context left lying around from last time is cleared + * (the previous check attempted to avoid this if the same + * ENGINE and EVP_CIPHER could be used). */ + EVP_CIPHER_CTX_cleanup(ctx); + + /* Restore encrypt field: it is zeroed by cleanup */ + ctx->encrypt = enc; +#ifndef OPENSSL_NO_ENGINE + if(impl) + { + if (!ENGINE_init(impl)) + { + EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_INITIALIZATION_ERROR); + return 0; + } + } + else + /* Ask if an ENGINE is reserved for this job */ + impl = ENGINE_get_cipher_engine(cipher->nid); + if(impl) + { + /* There's an ENGINE for this job ... (apparently) */ + const EVP_CIPHER *c = ENGINE_get_cipher(impl, cipher->nid); + if(!c) + { + /* One positive side-effect of US's export + * control history, is that we should at least + * be able to avoid using US mispellings of + * "initialisation"? */ + EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_INITIALIZATION_ERROR); + return 0; + } + /* We'll use the ENGINE's private cipher definition */ + cipher = c; + /* Store the ENGINE functional reference so we know + * 'cipher' came from an ENGINE and we need to release + * it when done. */ + ctx->engine = impl; + } + else + ctx->engine = NULL; +#endif + + ctx->cipher=cipher; + if (ctx->cipher->ctx_size) + { + ctx->cipher_data=OPENSSL_malloc(ctx->cipher->ctx_size); + if (!ctx->cipher_data) + { + EVPerr(EVP_F_EVP_CIPHERINIT_EX, ERR_R_MALLOC_FAILURE); + return 0; + } + } + else + { + ctx->cipher_data = NULL; + } + ctx->key_len = cipher->key_len; + ctx->flags = 0; + if(ctx->cipher->flags & EVP_CIPH_CTRL_INIT) + { + if(!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_INIT, 0, NULL)) + { + EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_INITIALIZATION_ERROR); + return 0; + } + } + } + else if(!ctx->cipher) + { + EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_NO_CIPHER_SET); + return 0; + } +#ifndef OPENSSL_NO_ENGINE +skip_to_init: +#endif + /* we assume block size is a power of 2 in *cryptUpdate */ + OPENSSL_assert(ctx->cipher->block_size == 1 + || ctx->cipher->block_size == 8 + || ctx->cipher->block_size == 16); + + if(!(EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_CUSTOM_IV)) { + switch(EVP_CIPHER_CTX_mode(ctx)) { + + case EVP_CIPH_STREAM_CIPHER: + case EVP_CIPH_ECB_MODE: + break; + + case EVP_CIPH_CFB_MODE: + case EVP_CIPH_OFB_MODE: + + ctx->num = 0; + + case EVP_CIPH_CBC_MODE: + + OPENSSL_assert(EVP_CIPHER_CTX_iv_length(ctx) <= + (int)sizeof(ctx->iv)); + if(iv) memcpy(ctx->oiv, iv, EVP_CIPHER_CTX_iv_length(ctx)); + memcpy(ctx->iv, ctx->oiv, EVP_CIPHER_CTX_iv_length(ctx)); + break; + + default: + return 0; + break; + } + } + + if(key || (ctx->cipher->flags & EVP_CIPH_ALWAYS_CALL_INIT)) { + if(!ctx->cipher->init(ctx,key,iv,enc)) return 0; + } + ctx->buf_len=0; + ctx->final_used=0; + ctx->block_mask=ctx->cipher->block_size-1; + return 1; + } + int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, const unsigned char *in, int inl) { @@ -151,7 +287,7 @@ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, if(ctx->buf_len == 0 && (inl&(ctx->block_mask)) == 0) { - if(M_do_cipher(ctx,out,in,inl)) + if(ctx->cipher->do_cipher(ctx,out,in,inl)) { *outl=inl; return 1; @@ -178,7 +314,7 @@ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, { j=bl-i; memcpy(&(ctx->buf[i]),in,j); - if(!M_do_cipher(ctx,out,ctx->buf,bl)) return 0; + if(!ctx->cipher->do_cipher(ctx,out,ctx->buf,bl)) return 0; inl-=j; in+=j; out+=bl; @@ -191,7 +327,7 @@ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, inl-=i; if (inl > 0) { - if(!M_do_cipher(ctx,out,in,inl)) return 0; + if(!ctx->cipher->do_cipher(ctx,out,in,inl)) return 0; *outl+=inl; } @@ -235,7 +371,7 @@ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) n=b-bl; for (i=bl; ibuf[i]=n; - ret=M_do_cipher(ctx,out,ctx->buf,b); + ret=ctx->cipher->do_cipher(ctx,out,ctx->buf,b); if(ret) @@ -357,6 +493,28 @@ void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx) } } +int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *c) + { + if (c->cipher != NULL) + { + if(c->cipher->cleanup && !c->cipher->cleanup(c)) + return 0; + /* Cleanse cipher context data */ + if (c->cipher_data) + OPENSSL_cleanse(c->cipher_data, c->cipher->ctx_size); + } + if (c->cipher_data) + OPENSSL_free(c->cipher_data); +#ifndef OPENSSL_NO_ENGINE + if (c->engine) + /* The EVP_CIPHER we used belongs to an ENGINE, release the + * functional reference we held for this reason. */ + ENGINE_finish(c->engine); +#endif + memset(c,0,sizeof(EVP_CIPHER_CTX)); + return 1; + } + int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *c, int keylen) { if(c->cipher->flags & EVP_CIPH_CUSTOM_KEY_LENGTH) @@ -378,6 +536,27 @@ int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *ctx, int pad) return 1; } +int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr) +{ + int ret; + if(!ctx->cipher) { + EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL, EVP_R_NO_CIPHER_SET); + return 0; + } + + if(!ctx->cipher->ctrl) { + EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL, EVP_R_CTRL_NOT_IMPLEMENTED); + return 0; + } + + ret = ctx->cipher->ctrl(ctx, type, arg, ptr); + if(ret == -1) { + EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL, EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED); + return 0; + } + return ret; +} + int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key) { if (ctx->cipher->flags & EVP_CIPH_RAND_KEY) @@ -387,54 +566,38 @@ int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key) return 1; } -#ifndef OPENSSL_NO_ENGINE - -#ifdef OPENSSL_FIPS - -static int do_evp_enc_engine_full(EVP_CIPHER_CTX *ctx, const EVP_CIPHER **pcipher, ENGINE *impl) +int EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in) { - if(impl) + if ((in == NULL) || (in->cipher == NULL)) { - if (!ENGINE_init(impl)) - { - EVPerr(EVP_F_DO_EVP_ENC_ENGINE_FULL, EVP_R_INITIALIZATION_ERROR); - return 0; - } + EVPerr(EVP_F_EVP_CIPHER_CTX_COPY,EVP_R_INPUT_NOT_INITIALIZED); + return 0; } - else - /* Ask if an ENGINE is reserved for this job */ - impl = ENGINE_get_cipher_engine((*pcipher)->nid); - if(impl) +#ifndef OPENSSL_NO_ENGINE + /* Make sure it's safe to copy a cipher context using an ENGINE */ + if (in->engine && !ENGINE_init(in->engine)) + { + EVPerr(EVP_F_EVP_CIPHER_CTX_COPY,ERR_R_ENGINE_LIB); + return 0; + } +#endif + + EVP_CIPHER_CTX_cleanup(out); + memcpy(out,in,sizeof *out); + + if (in->cipher_data && in->cipher->ctx_size) { - /* There's an ENGINE for this job ... (apparently) */ - const EVP_CIPHER *c = ENGINE_get_cipher(impl, (*pcipher)->nid); - if(!c) + out->cipher_data=OPENSSL_malloc(in->cipher->ctx_size); + if (!out->cipher_data) { - /* One positive side-effect of US's export - * control history, is that we should at least - * be able to avoid using US mispellings of - * "initialisation"? */ - EVPerr(EVP_F_DO_EVP_ENC_ENGINE_FULL, EVP_R_INITIALIZATION_ERROR); + EVPerr(EVP_F_EVP_CIPHER_CTX_COPY,ERR_R_MALLOC_FAILURE); return 0; } - /* We'll use the ENGINE's private cipher definition */ - *pcipher = c; - /* Store the ENGINE functional reference so we know - * 'cipher' came from an ENGINE and we need to release - * it when done. */ - ctx->engine = impl; + memcpy(out->cipher_data,in->cipher_data,in->cipher->ctx_size); } - else - ctx->engine = NULL; - return 1; - } -void int_EVP_CIPHER_init_engine_callbacks(void) - { - int_EVP_CIPHER_set_engine_callbacks( - ENGINE_finish, do_evp_enc_engine_full); + if (in->cipher->flags & EVP_CIPH_CUSTOM_COPY) + return in->cipher->ctrl((EVP_CIPHER_CTX *)in, EVP_CTRL_COPY, 0, out); + return 1; } -#endif - -#endif diff --git a/src/lib/libcrypto/evp/evp_err.c b/src/lib/libcrypto/evp/evp_err.c index ec2d127cd8..6b585c7483 100644 --- a/src/lib/libcrypto/evp/evp_err.c +++ b/src/lib/libcrypto/evp/evp_err.c @@ -1,6 +1,6 @@ /* crypto/evp/evp_err.c */ /* ==================================================================== - * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved. + * Copyright (c) 1999-2008 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -72,46 +72,66 @@ static ERR_STRING_DATA EVP_str_functs[]= { {ERR_FUNC(EVP_F_AESNI_INIT_KEY), "AESNI_INIT_KEY"}, {ERR_FUNC(EVP_F_AES_INIT_KEY), "AES_INIT_KEY"}, -{ERR_FUNC(EVP_F_ALG_MODULE_INIT), "ALG_MODULE_INIT"}, {ERR_FUNC(EVP_F_CAMELLIA_INIT_KEY), "CAMELLIA_INIT_KEY"}, {ERR_FUNC(EVP_F_D2I_PKEY), "D2I_PKEY"}, -{ERR_FUNC(EVP_F_DO_EVP_ENC_ENGINE), "DO_EVP_ENC_ENGINE"}, -{ERR_FUNC(EVP_F_DO_EVP_ENC_ENGINE_FULL), "DO_EVP_ENC_ENGINE_FULL"}, -{ERR_FUNC(EVP_F_DO_EVP_MD_ENGINE), "DO_EVP_MD_ENGINE"}, -{ERR_FUNC(EVP_F_DO_EVP_MD_ENGINE_FULL), "DO_EVP_MD_ENGINE_FULL"}, +{ERR_FUNC(EVP_F_DO_SIGVER_INIT), "DO_SIGVER_INIT"}, {ERR_FUNC(EVP_F_DSAPKEY2PKCS8), "DSAPKEY2PKCS8"}, {ERR_FUNC(EVP_F_DSA_PKEY2PKCS8), "DSA_PKEY2PKCS8"}, {ERR_FUNC(EVP_F_ECDSA_PKEY2PKCS8), "ECDSA_PKEY2PKCS8"}, {ERR_FUNC(EVP_F_ECKEY_PKEY2PKCS8), "ECKEY_PKEY2PKCS8"}, -{ERR_FUNC(EVP_F_EVP_CIPHERINIT), "EVP_CipherInit"}, {ERR_FUNC(EVP_F_EVP_CIPHERINIT_EX), "EVP_CipherInit_ex"}, +{ERR_FUNC(EVP_F_EVP_CIPHER_CTX_COPY), "EVP_CIPHER_CTX_copy"}, {ERR_FUNC(EVP_F_EVP_CIPHER_CTX_CTRL), "EVP_CIPHER_CTX_ctrl"}, {ERR_FUNC(EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH), "EVP_CIPHER_CTX_set_key_length"}, {ERR_FUNC(EVP_F_EVP_DECRYPTFINAL_EX), "EVP_DecryptFinal_ex"}, -{ERR_FUNC(EVP_F_EVP_DIGESTINIT), "EVP_DigestInit"}, {ERR_FUNC(EVP_F_EVP_DIGESTINIT_EX), "EVP_DigestInit_ex"}, {ERR_FUNC(EVP_F_EVP_ENCRYPTFINAL_EX), "EVP_EncryptFinal_ex"}, {ERR_FUNC(EVP_F_EVP_MD_CTX_COPY_EX), "EVP_MD_CTX_copy_ex"}, +{ERR_FUNC(EVP_F_EVP_MD_SIZE), "EVP_MD_SIZE"}, {ERR_FUNC(EVP_F_EVP_OPENINIT), "EVP_OpenInit"}, {ERR_FUNC(EVP_F_EVP_PBE_ALG_ADD), "EVP_PBE_alg_add"}, +{ERR_FUNC(EVP_F_EVP_PBE_ALG_ADD_TYPE), "EVP_PBE_alg_add_type"}, {ERR_FUNC(EVP_F_EVP_PBE_CIPHERINIT), "EVP_PBE_CipherInit"}, {ERR_FUNC(EVP_F_EVP_PKCS82PKEY), "EVP_PKCS82PKEY"}, +{ERR_FUNC(EVP_F_EVP_PKCS82PKEY_BROKEN), "EVP_PKCS82PKEY_BROKEN"}, {ERR_FUNC(EVP_F_EVP_PKEY2PKCS8_BROKEN), "EVP_PKEY2PKCS8_broken"}, {ERR_FUNC(EVP_F_EVP_PKEY_COPY_PARAMETERS), "EVP_PKEY_copy_parameters"}, +{ERR_FUNC(EVP_F_EVP_PKEY_CTX_CTRL), "EVP_PKEY_CTX_ctrl"}, +{ERR_FUNC(EVP_F_EVP_PKEY_CTX_CTRL_STR), "EVP_PKEY_CTX_ctrl_str"}, +{ERR_FUNC(EVP_F_EVP_PKEY_CTX_DUP), "EVP_PKEY_CTX_dup"}, {ERR_FUNC(EVP_F_EVP_PKEY_DECRYPT), "EVP_PKEY_decrypt"}, +{ERR_FUNC(EVP_F_EVP_PKEY_DECRYPT_INIT), "EVP_PKEY_decrypt_init"}, +{ERR_FUNC(EVP_F_EVP_PKEY_DECRYPT_OLD), "EVP_PKEY_decrypt_old"}, +{ERR_FUNC(EVP_F_EVP_PKEY_DERIVE), "EVP_PKEY_derive"}, +{ERR_FUNC(EVP_F_EVP_PKEY_DERIVE_INIT), "EVP_PKEY_derive_init"}, +{ERR_FUNC(EVP_F_EVP_PKEY_DERIVE_SET_PEER), "EVP_PKEY_derive_set_peer"}, {ERR_FUNC(EVP_F_EVP_PKEY_ENCRYPT), "EVP_PKEY_encrypt"}, +{ERR_FUNC(EVP_F_EVP_PKEY_ENCRYPT_INIT), "EVP_PKEY_encrypt_init"}, +{ERR_FUNC(EVP_F_EVP_PKEY_ENCRYPT_OLD), "EVP_PKEY_encrypt_old"}, {ERR_FUNC(EVP_F_EVP_PKEY_GET1_DH), "EVP_PKEY_get1_DH"}, {ERR_FUNC(EVP_F_EVP_PKEY_GET1_DSA), "EVP_PKEY_get1_DSA"}, {ERR_FUNC(EVP_F_EVP_PKEY_GET1_ECDSA), "EVP_PKEY_GET1_ECDSA"}, {ERR_FUNC(EVP_F_EVP_PKEY_GET1_EC_KEY), "EVP_PKEY_get1_EC_KEY"}, {ERR_FUNC(EVP_F_EVP_PKEY_GET1_RSA), "EVP_PKEY_get1_RSA"}, +{ERR_FUNC(EVP_F_EVP_PKEY_KEYGEN), "EVP_PKEY_keygen"}, +{ERR_FUNC(EVP_F_EVP_PKEY_KEYGEN_INIT), "EVP_PKEY_keygen_init"}, {ERR_FUNC(EVP_F_EVP_PKEY_NEW), "EVP_PKEY_new"}, +{ERR_FUNC(EVP_F_EVP_PKEY_PARAMGEN), "EVP_PKEY_paramgen"}, +{ERR_FUNC(EVP_F_EVP_PKEY_PARAMGEN_INIT), "EVP_PKEY_paramgen_init"}, +{ERR_FUNC(EVP_F_EVP_PKEY_SIGN), "EVP_PKEY_sign"}, +{ERR_FUNC(EVP_F_EVP_PKEY_SIGN_INIT), "EVP_PKEY_sign_init"}, +{ERR_FUNC(EVP_F_EVP_PKEY_VERIFY), "EVP_PKEY_verify"}, +{ERR_FUNC(EVP_F_EVP_PKEY_VERIFY_INIT), "EVP_PKEY_verify_init"}, +{ERR_FUNC(EVP_F_EVP_PKEY_VERIFY_RECOVER), "EVP_PKEY_verify_recover"}, +{ERR_FUNC(EVP_F_EVP_PKEY_VERIFY_RECOVER_INIT), "EVP_PKEY_verify_recover_init"}, {ERR_FUNC(EVP_F_EVP_RIJNDAEL), "EVP_RIJNDAEL"}, {ERR_FUNC(EVP_F_EVP_SIGNFINAL), "EVP_SignFinal"}, {ERR_FUNC(EVP_F_EVP_VERIFYFINAL), "EVP_VerifyFinal"}, +{ERR_FUNC(EVP_F_INT_CTX_NEW), "INT_CTX_NEW"}, {ERR_FUNC(EVP_F_PKCS5_PBE_KEYIVGEN), "PKCS5_PBE_keyivgen"}, {ERR_FUNC(EVP_F_PKCS5_V2_PBE_KEYIVGEN), "PKCS5_v2_PBE_keyivgen"}, {ERR_FUNC(EVP_F_PKCS8_SET_BROKEN), "PKCS8_set_broken"}, +{ERR_FUNC(EVP_F_PKEY_SET_TYPE), "PKEY_SET_TYPE"}, {ERR_FUNC(EVP_F_RC2_MAGIC_TO_METH), "RC2_MAGIC_TO_METH"}, {ERR_FUNC(EVP_F_RC5_CTRL), "RC5_CTRL"}, {0,NULL} @@ -126,42 +146,52 @@ static ERR_STRING_DATA EVP_str_reasons[]= {ERR_REASON(EVP_R_BAD_KEY_LENGTH) ,"bad key length"}, {ERR_REASON(EVP_R_BN_DECODE_ERROR) ,"bn decode error"}, {ERR_REASON(EVP_R_BN_PUBKEY_ERROR) ,"bn pubkey error"}, +{ERR_REASON(EVP_R_BUFFER_TOO_SMALL) ,"buffer too small"}, {ERR_REASON(EVP_R_CAMELLIA_KEY_SETUP_FAILED),"camellia key setup failed"}, {ERR_REASON(EVP_R_CIPHER_PARAMETER_ERROR),"cipher parameter error"}, +{ERR_REASON(EVP_R_COMMAND_NOT_SUPPORTED) ,"command not supported"}, {ERR_REASON(EVP_R_CTRL_NOT_IMPLEMENTED) ,"ctrl not implemented"}, {ERR_REASON(EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED),"ctrl operation not implemented"}, {ERR_REASON(EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH),"data not multiple of block length"}, {ERR_REASON(EVP_R_DECODE_ERROR) ,"decode error"}, {ERR_REASON(EVP_R_DIFFERENT_KEY_TYPES) ,"different key types"}, -{ERR_REASON(EVP_R_DISABLED_FOR_FIPS) ,"disabled for fips"}, +{ERR_REASON(EVP_R_DIFFERENT_PARAMETERS) ,"different parameters"}, {ERR_REASON(EVP_R_ENCODE_ERROR) ,"encode error"}, -{ERR_REASON(EVP_R_ERROR_LOADING_SECTION) ,"error loading section"}, -{ERR_REASON(EVP_R_ERROR_SETTING_FIPS_MODE),"error setting fips mode"}, {ERR_REASON(EVP_R_EVP_PBE_CIPHERINIT_ERROR),"evp pbe cipherinit error"}, {ERR_REASON(EVP_R_EXPECTING_AN_RSA_KEY) ,"expecting an rsa key"}, {ERR_REASON(EVP_R_EXPECTING_A_DH_KEY) ,"expecting a dh key"}, {ERR_REASON(EVP_R_EXPECTING_A_DSA_KEY) ,"expecting a dsa key"}, {ERR_REASON(EVP_R_EXPECTING_A_ECDSA_KEY) ,"expecting a ecdsa key"}, {ERR_REASON(EVP_R_EXPECTING_A_EC_KEY) ,"expecting a ec key"}, -{ERR_REASON(EVP_R_FIPS_MODE_NOT_SUPPORTED),"fips mode not supported"}, {ERR_REASON(EVP_R_INITIALIZATION_ERROR) ,"initialization error"}, {ERR_REASON(EVP_R_INPUT_NOT_INITIALIZED) ,"input not initialized"}, -{ERR_REASON(EVP_R_INVALID_FIPS_MODE) ,"invalid fips mode"}, +{ERR_REASON(EVP_R_INVALID_DIGEST) ,"invalid digest"}, {ERR_REASON(EVP_R_INVALID_KEY_LENGTH) ,"invalid key length"}, +{ERR_REASON(EVP_R_INVALID_OPERATION) ,"invalid operation"}, {ERR_REASON(EVP_R_IV_TOO_LARGE) ,"iv too large"}, {ERR_REASON(EVP_R_KEYGEN_FAILURE) ,"keygen failure"}, +{ERR_REASON(EVP_R_MESSAGE_DIGEST_IS_NULL),"message digest is null"}, +{ERR_REASON(EVP_R_METHOD_NOT_SUPPORTED) ,"method not supported"}, {ERR_REASON(EVP_R_MISSING_PARAMETERS) ,"missing parameters"}, {ERR_REASON(EVP_R_NO_CIPHER_SET) ,"no cipher set"}, +{ERR_REASON(EVP_R_NO_DEFAULT_DIGEST) ,"no default digest"}, {ERR_REASON(EVP_R_NO_DIGEST_SET) ,"no digest set"}, {ERR_REASON(EVP_R_NO_DSA_PARAMETERS) ,"no dsa parameters"}, +{ERR_REASON(EVP_R_NO_KEY_SET) ,"no key set"}, +{ERR_REASON(EVP_R_NO_OPERATION_SET) ,"no operation set"}, {ERR_REASON(EVP_R_NO_SIGN_FUNCTION_CONFIGURED),"no sign function configured"}, {ERR_REASON(EVP_R_NO_VERIFY_FUNCTION_CONFIGURED),"no verify function configured"}, +{ERR_REASON(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE),"operation not supported for this keytype"}, +{ERR_REASON(EVP_R_OPERATON_NOT_INITIALIZED),"operaton not initialized"}, {ERR_REASON(EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE),"pkcs8 unknown broken type"}, +{ERR_REASON(EVP_R_PRIVATE_KEY_DECODE_ERROR),"private key decode error"}, +{ERR_REASON(EVP_R_PRIVATE_KEY_ENCODE_ERROR),"private key encode error"}, {ERR_REASON(EVP_R_PUBLIC_KEY_NOT_RSA) ,"public key not rsa"}, -{ERR_REASON(EVP_R_SEED_KEY_SETUP_FAILED) ,"seed key setup failed"}, -{ERR_REASON(EVP_R_UNKNOWN_OPTION) ,"unknown option"}, +{ERR_REASON(EVP_R_UNKNOWN_CIPHER) ,"unknown cipher"}, +{ERR_REASON(EVP_R_UNKNOWN_DIGEST) ,"unknown digest"}, {ERR_REASON(EVP_R_UNKNOWN_PBE_ALGORITHM) ,"unknown pbe algorithm"}, {ERR_REASON(EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS),"unsuported number of rounds"}, +{ERR_REASON(EVP_R_UNSUPPORTED_ALGORITHM) ,"unsupported algorithm"}, {ERR_REASON(EVP_R_UNSUPPORTED_CIPHER) ,"unsupported cipher"}, {ERR_REASON(EVP_R_UNSUPPORTED_KEYLENGTH) ,"unsupported keylength"}, {ERR_REASON(EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION),"unsupported key derivation function"}, diff --git a/src/lib/libcrypto/evp/evp_key.c b/src/lib/libcrypto/evp/evp_key.c index 361ea69ab6..839d6a3a16 100644 --- a/src/lib/libcrypto/evp/evp_key.c +++ b/src/lib/libcrypto/evp/evp_key.c @@ -89,6 +89,11 @@ char *EVP_get_pw_prompt(void) * in the DES library -- if someone ever wants to disable DES, * this function will fail */ int EVP_read_pw_string(char *buf, int len, const char *prompt, int verify) + { + return EVP_read_pw_string_min(buf, 0, len, prompt, verify); + } + +int EVP_read_pw_string_min(char *buf, int min, int len, const char *prompt, int verify) { int ret; char buff[BUFSIZ]; @@ -97,10 +102,10 @@ int EVP_read_pw_string(char *buf, int len, const char *prompt, int verify) if ((prompt == NULL) && (prompt_string[0] != '\0')) prompt=prompt_string; ui = UI_new(); - UI_add_input_string(ui,prompt,0,buf,0,(len>=BUFSIZ)?BUFSIZ-1:len); + UI_add_input_string(ui,prompt,0,buf,min,(len>=BUFSIZ)?BUFSIZ-1:len); if (verify) UI_add_verify_string(ui,prompt,0, - buff,0,(len>=BUFSIZ)?BUFSIZ-1:len,buf); + buff,min,(len>=BUFSIZ)?BUFSIZ-1:len,buf); ret = UI_process(ui); UI_free(ui); OPENSSL_cleanse(buff,BUFSIZ); diff --git a/src/lib/libcrypto/evp/evp_lib.c b/src/lib/libcrypto/evp/evp_lib.c index 174cf6c594..40951a04f0 100644 --- a/src/lib/libcrypto/evp/evp_lib.c +++ b/src/lib/libcrypto/evp/evp_lib.c @@ -67,8 +67,6 @@ int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type) if (c->cipher->set_asn1_parameters != NULL) ret=c->cipher->set_asn1_parameters(c,type); - else if (c->cipher->flags & EVP_CIPH_FLAG_DEFAULT_ASN1) - ret=EVP_CIPHER_set_asn1_iv(c, type); else ret=-1; return(ret); @@ -80,8 +78,6 @@ int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type) if (c->cipher->get_asn1_parameters != NULL) ret=c->cipher->get_asn1_parameters(c,type); - else if (c->cipher->flags & EVP_CIPH_FLAG_DEFAULT_ASN1) - ret=EVP_CIPHER_get_asn1_iv(c, type); else ret=-1; return(ret); @@ -163,6 +159,12 @@ int EVP_CIPHER_type(const EVP_CIPHER *ctx) return NID_des_cfb64; + case NID_des_ede3_cfb64: + case NID_des_ede3_cfb8: + case NID_des_ede3_cfb1: + + return NID_des_cfb64; + default: /* Check it has an OID and it is valid */ otmp = OBJ_nid2obj(nid); @@ -182,6 +184,11 @@ int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx) return ctx->cipher->block_size; } +int EVP_Cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) + { + return ctx->cipher->do_cipher(ctx,out,in,inl); + } + const EVP_CIPHER *EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx) { return ctx->cipher; @@ -192,6 +199,11 @@ unsigned long EVP_CIPHER_flags(const EVP_CIPHER *cipher) return cipher->flags; } +unsigned long EVP_CIPHER_CTX_flags(const EVP_CIPHER_CTX *ctx) + { + return ctx->cipher->flags; + } + void *EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx) { return ctx->app_data; @@ -207,6 +219,11 @@ int EVP_CIPHER_iv_length(const EVP_CIPHER *cipher) return cipher->iv_len; } +int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx) + { + return ctx->cipher->iv_len; + } + int EVP_CIPHER_key_length(const EVP_CIPHER *cipher) { return cipher->key_len; @@ -217,6 +234,11 @@ int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx) return ctx->key_len; } +int EVP_CIPHER_nid(const EVP_CIPHER *cipher) + { + return cipher->nid; + } + int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx) { return ctx->cipher->nid; @@ -239,11 +261,23 @@ int EVP_MD_pkey_type(const EVP_MD *md) int EVP_MD_size(const EVP_MD *md) { + if (!md) + { + EVPerr(EVP_F_EVP_MD_SIZE, EVP_R_MESSAGE_DIGEST_IS_NULL); + return -1; + } return md->md_size; } -const EVP_MD * EVP_MD_CTX_md(const EVP_MD_CTX *ctx) +unsigned long EVP_MD_flags(const EVP_MD *md) + { + return md->flags; + } + +const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *ctx) { + if (!ctx) + return NULL; return ctx->digest; } diff --git a/src/lib/libcrypto/evp/evp_locl.h b/src/lib/libcrypto/evp/evp_locl.h index eabcc96f30..292d74c188 100644 --- a/src/lib/libcrypto/evp/evp_locl.h +++ b/src/lib/libcrypto/evp/evp_locl.h @@ -61,38 +61,66 @@ /* Wrapper functions for each cipher mode */ #define BLOCK_CIPHER_ecb_loop() \ - unsigned int i, bl; \ + size_t i, bl; \ bl = ctx->cipher->block_size;\ if(inl < bl) return 1;\ inl -= bl; \ for(i=0; i <= inl; i+=bl) #define BLOCK_CIPHER_func_ecb(cname, cprefix, kstruct, ksched) \ -static int cname##_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) \ +static int cname##_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \ {\ BLOCK_CIPHER_ecb_loop() \ cprefix##_ecb_encrypt(in + i, out + i, &((kstruct *)ctx->cipher_data)->ksched, ctx->encrypt);\ return 1;\ } +#define EVP_MAXCHUNK ((size_t)1<<(sizeof(long)*8-2)) + #define BLOCK_CIPHER_func_ofb(cname, cprefix, cbits, kstruct, ksched) \ -static int cname##_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) \ +static int cname##_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \ {\ - cprefix##_ofb##cbits##_encrypt(in, out, (long)inl, &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, &ctx->num);\ + while(inl>=EVP_MAXCHUNK)\ + {\ + cprefix##_ofb##cbits##_encrypt(in, out, (long)EVP_MAXCHUNK, &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, &ctx->num);\ + inl-=EVP_MAXCHUNK;\ + in +=EVP_MAXCHUNK;\ + out+=EVP_MAXCHUNK;\ + }\ + if (inl)\ + cprefix##_ofb##cbits##_encrypt(in, out, (long)inl, &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, &ctx->num);\ return 1;\ } #define BLOCK_CIPHER_func_cbc(cname, cprefix, kstruct, ksched) \ -static int cname##_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) \ +static int cname##_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \ {\ - cprefix##_cbc_encrypt(in, out, (long)inl, &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, ctx->encrypt);\ + while(inl>=EVP_MAXCHUNK) \ + {\ + cprefix##_cbc_encrypt(in, out, (long)EVP_MAXCHUNK, &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, ctx->encrypt);\ + inl-=EVP_MAXCHUNK;\ + in +=EVP_MAXCHUNK;\ + out+=EVP_MAXCHUNK;\ + }\ + if (inl)\ + cprefix##_cbc_encrypt(in, out, (long)inl, &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, ctx->encrypt);\ return 1;\ } #define BLOCK_CIPHER_func_cfb(cname, cprefix, cbits, kstruct, ksched) \ -static int cname##_cfb##cbits##_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) \ +static int cname##_cfb##cbits##_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \ {\ - cprefix##_cfb##cbits##_encrypt(in, out, (long)((cbits==1) && !(ctx->flags & EVP_CIPH_FLAG_LENGTH_BITS) ?inl*8:inl), &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, &ctx->num, ctx->encrypt);\ + size_t chunk=EVP_MAXCHUNK;\ + if (cbits==1) chunk>>=3;\ + if (inl=chunk)\ + {\ + cprefix##_cfb##cbits##_encrypt(in, out, (long)((cbits==1) && !(ctx->flags & EVP_CIPH_FLAG_LENGTH_BITS) ?inl*8:inl), &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, &ctx->num, ctx->encrypt);\ + inl-=chunk;\ + in +=chunk;\ + out+=chunk;\ + if(inlcipher_data) -#define IMPLEMENT_CFBR(cipher,cprefix,kstruct,ksched,keysize,cbits,iv_len,fl) \ +#define IMPLEMENT_CFBR(cipher,cprefix,kstruct,ksched,keysize,cbits,iv_len) \ BLOCK_CIPHER_func_cfb(cipher##_##keysize,cprefix,cbits,kstruct,ksched) \ BLOCK_CIPHER_def_cfb(cipher##_##keysize,kstruct, \ NID_##cipher##_##keysize, keysize/8, iv_len, cbits, \ - (fl)|EVP_CIPH_FLAG_DEFAULT_ASN1, \ - cipher##_init_key, NULL, NULL, NULL, NULL) - -#ifdef OPENSSL_FIPS -#define RC2_set_key private_RC2_set_key -#define RC4_set_key private_RC4_set_key -#define CAST_set_key private_CAST_set_key -#define RC5_32_set_key private_RC5_32_set_key -#define BF_set_key private_BF_set_key -#define Camellia_set_key private_Camellia_set_key -#define idea_set_encrypt_key private_idea_set_encrypt_key - -#define MD5_Init private_MD5_Init -#define MD4_Init private_MD4_Init -#define MD2_Init private_MD2_Init -#define MDC2_Init private_MDC2_Init -#define SHA_Init private_SHA_Init - -#endif + 0, cipher##_init_key, NULL, \ + EVP_CIPHER_set_asn1_iv, \ + EVP_CIPHER_get_asn1_iv, \ + NULL) + +struct evp_pkey_ctx_st + { + /* Method associated with this operation */ + const EVP_PKEY_METHOD *pmeth; + /* Engine that implements this method or NULL if builtin */ + ENGINE *engine; + /* Key: may be NULL */ + EVP_PKEY *pkey; + /* Peer key for key agreement, may be NULL */ + EVP_PKEY *peerkey; + /* Actual operation */ + int operation; + /* Algorithm specific data */ + void *data; + /* Application specific data */ + void *app_data; + /* Keygen callback */ + EVP_PKEY_gen_cb *pkey_gencb; + /* implementation specific keygen data */ + int *keygen_info; + int keygen_info_count; + } /* EVP_PKEY_CTX */; + +#define EVP_PKEY_FLAG_DYNAMIC 1 + +struct evp_pkey_method_st + { + int pkey_id; + int flags; + + int (*init)(EVP_PKEY_CTX *ctx); + int (*copy)(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src); + void (*cleanup)(EVP_PKEY_CTX *ctx); + + int (*paramgen_init)(EVP_PKEY_CTX *ctx); + int (*paramgen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey); + + int (*keygen_init)(EVP_PKEY_CTX *ctx); + int (*keygen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey); + + int (*sign_init)(EVP_PKEY_CTX *ctx); + int (*sign)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, + const unsigned char *tbs, size_t tbslen); + + int (*verify_init)(EVP_PKEY_CTX *ctx); + int (*verify)(EVP_PKEY_CTX *ctx, + const unsigned char *sig, size_t siglen, + const unsigned char *tbs, size_t tbslen); + + int (*verify_recover_init)(EVP_PKEY_CTX *ctx); + int (*verify_recover)(EVP_PKEY_CTX *ctx, + unsigned char *rout, size_t *routlen, + const unsigned char *sig, size_t siglen); + + int (*signctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx); + int (*signctx)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, + EVP_MD_CTX *mctx); + + int (*verifyctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx); + int (*verifyctx)(EVP_PKEY_CTX *ctx, const unsigned char *sig,int siglen, + EVP_MD_CTX *mctx); + + int (*encrypt_init)(EVP_PKEY_CTX *ctx); + int (*encrypt)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, + const unsigned char *in, size_t inlen); + + int (*decrypt_init)(EVP_PKEY_CTX *ctx); + int (*decrypt)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, + const unsigned char *in, size_t inlen); + + int (*derive_init)(EVP_PKEY_CTX *ctx); + int (*derive)(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen); + + int (*ctrl)(EVP_PKEY_CTX *ctx, int type, int p1, void *p2); + int (*ctrl_str)(EVP_PKEY_CTX *ctx, const char *type, const char *value); + + + } /* EVP_PKEY_METHOD */; +void evp_pkey_set_cb_translate(BN_GENCB *cb, EVP_PKEY_CTX *ctx); diff --git a/src/lib/libcrypto/evp/evp_pbe.c b/src/lib/libcrypto/evp/evp_pbe.c index 5e830be65f..c9d932d205 100644 --- a/src/lib/libcrypto/evp/evp_pbe.c +++ b/src/lib/libcrypto/evp/evp_pbe.c @@ -3,7 +3,7 @@ * project 1999. */ /* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. + * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -59,79 +59,253 @@ #include #include "cryptlib.h" #include +#include #include /* Password based encryption (PBE) functions */ -static STACK *pbe_algs; +DECLARE_STACK_OF(EVP_PBE_CTL) +static STACK_OF(EVP_PBE_CTL) *pbe_algs; /* Setup a cipher context from a PBE algorithm */ -typedef struct { -int pbe_nid; -const EVP_CIPHER *cipher; -const EVP_MD *md; -EVP_PBE_KEYGEN *keygen; -} EVP_PBE_CTL; +typedef struct + { + int pbe_type; + int pbe_nid; + int cipher_nid; + int md_nid; + EVP_PBE_KEYGEN *keygen; + } EVP_PBE_CTL; -int EVP_PBE_CipherInit(ASN1_OBJECT *pbe_obj, const char *pass, int passlen, - ASN1_TYPE *param, EVP_CIPHER_CTX *ctx, int en_de) -{ +static const EVP_PBE_CTL builtin_pbe[] = + { + {EVP_PBE_TYPE_OUTER, NID_pbeWithMD2AndDES_CBC, + NID_des_cbc, NID_md2, PKCS5_PBE_keyivgen}, + {EVP_PBE_TYPE_OUTER, NID_pbeWithMD5AndDES_CBC, + NID_des_cbc, NID_md5, PKCS5_PBE_keyivgen}, + {EVP_PBE_TYPE_OUTER, NID_pbeWithSHA1AndRC2_CBC, + NID_rc2_64_cbc, NID_sha1, PKCS5_PBE_keyivgen}, - EVP_PBE_CTL *pbetmp, pbelu; - int i; - pbelu.pbe_nid = OBJ_obj2nid(pbe_obj); - if (pbelu.pbe_nid != NID_undef) i = sk_find(pbe_algs, (char *)&pbelu); - else i = -1; + {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And128BitRC4, + NID_rc4, NID_sha1, PKCS12_PBE_keyivgen}, + {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And40BitRC4, + NID_rc4_40, NID_sha1, PKCS12_PBE_keyivgen}, + {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And3_Key_TripleDES_CBC, + NID_des_ede3_cbc, NID_sha1, PKCS12_PBE_keyivgen}, + {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And2_Key_TripleDES_CBC, + NID_des_ede_cbc, NID_sha1, PKCS12_PBE_keyivgen}, + {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And128BitRC2_CBC, + NID_rc2_cbc, NID_sha1, PKCS12_PBE_keyivgen}, + {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And40BitRC2_CBC, + NID_rc2_40_cbc, NID_sha1, PKCS12_PBE_keyivgen}, + +#ifndef OPENSSL_NO_HMAC + {EVP_PBE_TYPE_OUTER, NID_pbes2, -1, -1, PKCS5_v2_PBE_keyivgen}, +#endif + {EVP_PBE_TYPE_OUTER, NID_pbeWithMD2AndRC2_CBC, + NID_rc2_64_cbc, NID_md2, PKCS5_PBE_keyivgen}, + {EVP_PBE_TYPE_OUTER, NID_pbeWithMD5AndRC2_CBC, + NID_rc2_64_cbc, NID_md5, PKCS5_PBE_keyivgen}, + {EVP_PBE_TYPE_OUTER, NID_pbeWithSHA1AndDES_CBC, + NID_des_cbc, NID_sha1, PKCS5_PBE_keyivgen}, + + + {EVP_PBE_TYPE_PRF, NID_hmacWithSHA1, -1, NID_sha1, 0}, + {EVP_PBE_TYPE_PRF, NID_hmacWithMD5, -1, NID_md5, 0}, + {EVP_PBE_TYPE_PRF, NID_hmacWithSHA224, -1, NID_sha224, 0}, + {EVP_PBE_TYPE_PRF, NID_hmacWithSHA256, -1, NID_sha256, 0}, + {EVP_PBE_TYPE_PRF, NID_hmacWithSHA384, -1, NID_sha384, 0}, + {EVP_PBE_TYPE_PRF, NID_hmacWithSHA512, -1, NID_sha512, 0}, + {EVP_PBE_TYPE_PRF, NID_id_HMACGostR3411_94, -1, NID_id_GostR3411_94, 0}, + }; + +#ifdef TEST +int main(int argc, char **argv) + { + int i, nid_md, nid_cipher; + EVP_PBE_CTL *tpbe, *tpbe2; + /*OpenSSL_add_all_algorithms();*/ + + for (i = 0; i < sizeof(builtin_pbe)/sizeof(EVP_PBE_CTL); i++) + { + tpbe = builtin_pbe + i; + fprintf(stderr, "%d %d %s ", tpbe->pbe_type, tpbe->pbe_nid, + OBJ_nid2sn(tpbe->pbe_nid)); + if (EVP_PBE_find(tpbe->pbe_type, tpbe->pbe_nid, + &nid_cipher ,&nid_md,0)) + fprintf(stderr, "Found %s %s\n", + OBJ_nid2sn(nid_cipher), + OBJ_nid2sn(nid_md)); + else + fprintf(stderr, "Find ERROR!!\n"); + } + + return 0; + } +#endif + + + +int EVP_PBE_CipherInit(ASN1_OBJECT *pbe_obj, const char *pass, int passlen, + ASN1_TYPE *param, EVP_CIPHER_CTX *ctx, int en_de) + { + const EVP_CIPHER *cipher; + const EVP_MD *md; + int cipher_nid, md_nid; + EVP_PBE_KEYGEN *keygen; - if (i == -1) { + if (!EVP_PBE_find(EVP_PBE_TYPE_OUTER, OBJ_obj2nid(pbe_obj), + &cipher_nid, &md_nid, &keygen)) + { char obj_tmp[80]; EVPerr(EVP_F_EVP_PBE_CIPHERINIT,EVP_R_UNKNOWN_PBE_ALGORITHM); if (!pbe_obj) BUF_strlcpy (obj_tmp, "NULL", sizeof obj_tmp); else i2t_ASN1_OBJECT(obj_tmp, sizeof obj_tmp, pbe_obj); ERR_add_error_data(2, "TYPE=", obj_tmp); return 0; - } - if(!pass) passlen = 0; - else if (passlen == -1) passlen = strlen(pass); - pbetmp = (EVP_PBE_CTL *)sk_value (pbe_algs, i); - i = (*pbetmp->keygen)(ctx, pass, passlen, param, pbetmp->cipher, - pbetmp->md, en_de); - if (!i) { + } + + if(!pass) + passlen = 0; + else if (passlen == -1) + passlen = strlen(pass); + + if (cipher_nid == -1) + cipher = NULL; + else + { + cipher = EVP_get_cipherbynid(cipher_nid); + if (!cipher) + { + EVPerr(EVP_F_EVP_PBE_CIPHERINIT,EVP_R_UNKNOWN_CIPHER); + return 0; + } + } + + if (md_nid == -1) + md = NULL; + else + { + md = EVP_get_digestbynid(md_nid); + if (!md) + { + EVPerr(EVP_F_EVP_PBE_CIPHERINIT,EVP_R_UNKNOWN_DIGEST); + return 0; + } + } + + if (!keygen(ctx, pass, passlen, param, cipher, md, en_de)) + { EVPerr(EVP_F_EVP_PBE_CIPHERINIT,EVP_R_KEYGEN_FAILURE); return 0; - } + } return 1; } -static int pbe_cmp(const char * const *a, const char * const *b) -{ - const EVP_PBE_CTL * const *pbe1 = (const EVP_PBE_CTL * const *) a, - * const *pbe2 = (const EVP_PBE_CTL * const *)b; - return ((*pbe1)->pbe_nid - (*pbe2)->pbe_nid); -} +DECLARE_OBJ_BSEARCH_CMP_FN(EVP_PBE_CTL, EVP_PBE_CTL, pbe2); + +static int pbe2_cmp(const EVP_PBE_CTL *pbe1, const EVP_PBE_CTL *pbe2) + { + int ret = pbe1->pbe_type - pbe2->pbe_type; + if (ret) + return ret; + else + return pbe1->pbe_nid - pbe2->pbe_nid; + } + +IMPLEMENT_OBJ_BSEARCH_CMP_FN(EVP_PBE_CTL, EVP_PBE_CTL, pbe2); + +static int pbe_cmp(const EVP_PBE_CTL * const *a, const EVP_PBE_CTL * const *b) + { + int ret = (*a)->pbe_type - (*b)->pbe_type; + if (ret) + return ret; + else + return (*a)->pbe_nid - (*b)->pbe_nid; + } /* Add a PBE algorithm */ -int EVP_PBE_alg_add(int nid, const EVP_CIPHER *cipher, const EVP_MD *md, - EVP_PBE_KEYGEN *keygen) -{ +int EVP_PBE_alg_add_type(int pbe_type, int pbe_nid, int cipher_nid, int md_nid, + EVP_PBE_KEYGEN *keygen) + { EVP_PBE_CTL *pbe_tmp; - if (!pbe_algs) pbe_algs = sk_new(pbe_cmp); - if (!(pbe_tmp = (EVP_PBE_CTL*) OPENSSL_malloc (sizeof(EVP_PBE_CTL)))) { - EVPerr(EVP_F_EVP_PBE_ALG_ADD,ERR_R_MALLOC_FAILURE); + if (!pbe_algs) + pbe_algs = sk_EVP_PBE_CTL_new(pbe_cmp); + if (!(pbe_tmp = (EVP_PBE_CTL*) OPENSSL_malloc (sizeof(EVP_PBE_CTL)))) + { + EVPerr(EVP_F_EVP_PBE_ALG_ADD_TYPE,ERR_R_MALLOC_FAILURE); return 0; - } - pbe_tmp->pbe_nid = nid; - pbe_tmp->cipher = cipher; - pbe_tmp->md = md; + } + pbe_tmp->pbe_type = pbe_type; + pbe_tmp->pbe_nid = pbe_nid; + pbe_tmp->cipher_nid = cipher_nid; + pbe_tmp->md_nid = md_nid; pbe_tmp->keygen = keygen; - sk_push (pbe_algs, (char *)pbe_tmp); + + + sk_EVP_PBE_CTL_push (pbe_algs, pbe_tmp); return 1; -} + } + +int EVP_PBE_alg_add(int nid, const EVP_CIPHER *cipher, const EVP_MD *md, + EVP_PBE_KEYGEN *keygen) + { + int cipher_nid, md_nid; + if (cipher) + cipher_nid = EVP_CIPHER_type(cipher); + else + cipher_nid = -1; + if (md) + md_nid = EVP_MD_type(md); + else + md_nid = -1; + + return EVP_PBE_alg_add_type(EVP_PBE_TYPE_OUTER, nid, + cipher_nid, md_nid, keygen); + } + +int EVP_PBE_find(int type, int pbe_nid, + int *pcnid, int *pmnid, EVP_PBE_KEYGEN **pkeygen) + { + EVP_PBE_CTL *pbetmp = NULL, pbelu; + int i; + if (pbe_nid == NID_undef) + return 0; + + pbelu.pbe_type = type; + pbelu.pbe_nid = pbe_nid; + + if (pbe_algs) + { + i = sk_EVP_PBE_CTL_find(pbe_algs, &pbelu); + if (i != -1) + pbetmp = sk_EVP_PBE_CTL_value (pbe_algs, i); + } + if (pbetmp == NULL) + { + pbetmp = OBJ_bsearch_pbe2(&pbelu, builtin_pbe, + sizeof(builtin_pbe)/sizeof(EVP_PBE_CTL)); + } + if (pbetmp == NULL) + return 0; + if (pcnid) + *pcnid = pbetmp->cipher_nid; + if (pmnid) + *pmnid = pbetmp->md_nid; + if (pkeygen) + *pkeygen = pbetmp->keygen; + return 1; + } + +static void free_evp_pbe_ctl(EVP_PBE_CTL *pbe) + { + OPENSSL_freeFunc(pbe); + } void EVP_PBE_cleanup(void) -{ - sk_pop_free(pbe_algs, OPENSSL_freeFunc); + { + sk_EVP_PBE_CTL_pop_free(pbe_algs, free_evp_pbe_ctl); pbe_algs = NULL; -} + } diff --git a/src/lib/libcrypto/evp/evp_pkey.c b/src/lib/libcrypto/evp/evp_pkey.c index 10d9e9e772..ceebf69284 100644 --- a/src/lib/libcrypto/evp/evp_pkey.c +++ b/src/lib/libcrypto/evp/evp_pkey.c @@ -3,7 +3,7 @@ * project 1999. */ /* ==================================================================== - * Copyright (c) 1999-2002 The OpenSSL Project. All rights reserved. + * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -61,287 +61,52 @@ #include "cryptlib.h" #include #include -#ifndef OPENSSL_NO_RSA -#include -#endif -#ifndef OPENSSL_NO_DSA -#include -#endif -#include - -#ifndef OPENSSL_NO_DSA -static int dsa_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8inf, EVP_PKEY *pkey); -#endif -#ifndef OPENSSL_NO_EC -static int eckey_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8inf, EVP_PKEY *pkey); -#endif +#include "asn1_locl.h" /* Extract a private key from a PKCS8 structure */ EVP_PKEY *EVP_PKCS82PKEY(PKCS8_PRIV_KEY_INFO *p8) { EVP_PKEY *pkey = NULL; -#ifndef OPENSSL_NO_RSA - RSA *rsa = NULL; -#endif -#ifndef OPENSSL_NO_DSA - DSA *dsa = NULL; - ASN1_TYPE *t1, *t2; - ASN1_INTEGER *privkey; - STACK_OF(ASN1_TYPE) *ndsa = NULL; -#endif -#ifndef OPENSSL_NO_EC - EC_KEY *eckey = NULL; - const unsigned char *p_tmp; -#endif -#if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_EC) - ASN1_TYPE *param = NULL; - BN_CTX *ctx = NULL; - int plen; -#endif - X509_ALGOR *a; - const unsigned char *p; - const unsigned char *cp; - int pkeylen; - int nid; + ASN1_OBJECT *algoid; char obj_tmp[80]; - if(p8->pkey->type == V_ASN1_OCTET_STRING) { - p8->broken = PKCS8_OK; - p = p8->pkey->value.octet_string->data; - pkeylen = p8->pkey->value.octet_string->length; - } else { - p8->broken = PKCS8_NO_OCTET; - p = p8->pkey->value.sequence->data; - pkeylen = p8->pkey->value.sequence->length; - } + if (!PKCS8_pkey_get0(&algoid, NULL, NULL, NULL, p8)) + return NULL; + if (!(pkey = EVP_PKEY_new())) { EVPerr(EVP_F_EVP_PKCS82PKEY,ERR_R_MALLOC_FAILURE); return NULL; } - a = p8->pkeyalg; - nid = OBJ_obj2nid(a->algorithm); - switch(nid) - { -#ifndef OPENSSL_NO_RSA - case NID_rsaEncryption: - cp = p; - if (!(rsa = d2i_RSAPrivateKey (NULL,&cp, pkeylen))) { - EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); - return NULL; - } - EVP_PKEY_assign_RSA (pkey, rsa); - break; -#endif -#ifndef OPENSSL_NO_DSA - case NID_dsa: - /* PKCS#8 DSA is weird: you just get a private key integer - * and parameters in the AlgorithmIdentifier the pubkey must - * be recalculated. - */ - - /* Check for broken DSA PKCS#8, UGH! */ - if(*p == (V_ASN1_SEQUENCE|V_ASN1_CONSTRUCTED)) { - if(!(ndsa = ASN1_seq_unpack_ASN1_TYPE(p, pkeylen, - d2i_ASN1_TYPE, - ASN1_TYPE_free))) { - EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); - goto dsaerr; - } - if(sk_ASN1_TYPE_num(ndsa) != 2 ) { - EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); - goto dsaerr; - } - /* Handle Two broken types: - * SEQUENCE {parameters, priv_key} - * SEQUENCE {pub_key, priv_key} - */ - - t1 = sk_ASN1_TYPE_value(ndsa, 0); - t2 = sk_ASN1_TYPE_value(ndsa, 1); - if(t1->type == V_ASN1_SEQUENCE) { - p8->broken = PKCS8_EMBEDDED_PARAM; - param = t1; - } else if(a->parameter->type == V_ASN1_SEQUENCE) { - p8->broken = PKCS8_NS_DB; - param = a->parameter; - } else { - EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); - goto dsaerr; - } - - if(t2->type != V_ASN1_INTEGER) { - EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); - goto dsaerr; - } - privkey = t2->value.integer; - } else { - if (!(privkey=d2i_ASN1_INTEGER (NULL, &p, pkeylen))) { - EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); - goto dsaerr; - } - param = p8->pkeyalg->parameter; - } - if (!param || (param->type != V_ASN1_SEQUENCE)) { - EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); - goto dsaerr; - } - cp = p = param->value.sequence->data; - plen = param->value.sequence->length; - if (!(dsa = d2i_DSAparams (NULL, &cp, plen))) { - EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); - goto dsaerr; - } - /* We have parameters now set private key */ - if (!(dsa->priv_key = ASN1_INTEGER_to_BN(privkey, NULL))) { - EVPerr(EVP_F_EVP_PKCS82PKEY,EVP_R_BN_DECODE_ERROR); - goto dsaerr; - } - /* Calculate public key (ouch!) */ - if (!(dsa->pub_key = BN_new())) { - EVPerr(EVP_F_EVP_PKCS82PKEY,ERR_R_MALLOC_FAILURE); - goto dsaerr; - } - if (!(ctx = BN_CTX_new())) { - EVPerr(EVP_F_EVP_PKCS82PKEY,ERR_R_MALLOC_FAILURE); - goto dsaerr; - } - - if (!BN_mod_exp(dsa->pub_key, dsa->g, - dsa->priv_key, dsa->p, ctx)) { - - EVPerr(EVP_F_EVP_PKCS82PKEY,EVP_R_BN_PUBKEY_ERROR); - goto dsaerr; - } - EVP_PKEY_assign_DSA(pkey, dsa); - BN_CTX_free (ctx); - if(ndsa) sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free); - else ASN1_INTEGER_free(privkey); - break; - dsaerr: - BN_CTX_free (ctx); - sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free); - DSA_free(dsa); - EVP_PKEY_free(pkey); - return NULL; - break; -#endif -#ifndef OPENSSL_NO_EC - case NID_X9_62_id_ecPublicKey: - p_tmp = p; - /* extract the ec parameters */ - param = p8->pkeyalg->parameter; - - if (!param || ((param->type != V_ASN1_SEQUENCE) && - (param->type != V_ASN1_OBJECT))) + if (!EVP_PKEY_set_type(pkey, OBJ_obj2nid(algoid))) { - EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); - goto ecerr; + EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM); + i2t_ASN1_OBJECT(obj_tmp, 80, algoid); + ERR_add_error_data(2, "TYPE=", obj_tmp); + goto error; } - if (param->type == V_ASN1_SEQUENCE) + if (pkey->ameth->priv_decode) { - cp = p = param->value.sequence->data; - plen = param->value.sequence->length; - - if (!(eckey = d2i_ECParameters(NULL, &cp, plen))) + if (!pkey->ameth->priv_decode(pkey, p8)) { - EVPerr(EVP_F_EVP_PKCS82PKEY, - EVP_R_DECODE_ERROR); - goto ecerr; + EVPerr(EVP_F_EVP_PKCS82PKEY, + EVP_R_PRIVATE_KEY_DECODE_ERROR); + goto error; } } - else + else { - EC_GROUP *group; - cp = p = param->value.object->data; - plen = param->value.object->length; - - /* type == V_ASN1_OBJECT => the parameters are given - * by an asn1 OID - */ - if ((eckey = EC_KEY_new()) == NULL) - { - EVPerr(EVP_F_EVP_PKCS82PKEY, - ERR_R_MALLOC_FAILURE); - goto ecerr; - } - group = EC_GROUP_new_by_curve_name(OBJ_obj2nid(a->parameter->value.object)); - if (group == NULL) - goto ecerr; - EC_GROUP_set_asn1_flag(group, OPENSSL_EC_NAMED_CURVE); - if (EC_KEY_set_group(eckey, group) == 0) - goto ecerr; - EC_GROUP_free(group); - } - - /* We have parameters now set private key */ - if (!d2i_ECPrivateKey(&eckey, &p_tmp, pkeylen)) - { - EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); - goto ecerr; - } - - /* calculate public key (if necessary) */ - if (EC_KEY_get0_public_key(eckey) == NULL) - { - const BIGNUM *priv_key; - const EC_GROUP *group; - EC_POINT *pub_key; - /* the public key was not included in the SEC1 private - * key => calculate the public key */ - group = EC_KEY_get0_group(eckey); - pub_key = EC_POINT_new(group); - if (pub_key == NULL) - { - EVPerr(EVP_F_EVP_PKCS82PKEY, ERR_R_EC_LIB); - goto ecerr; - } - if (!EC_POINT_copy(pub_key, EC_GROUP_get0_generator(group))) - { - EC_POINT_free(pub_key); - EVPerr(EVP_F_EVP_PKCS82PKEY, ERR_R_EC_LIB); - goto ecerr; - } - priv_key = EC_KEY_get0_private_key(eckey); - if (!EC_POINT_mul(group, pub_key, priv_key, NULL, NULL, ctx)) - { - EC_POINT_free(pub_key); - EVPerr(EVP_F_EVP_PKCS82PKEY, ERR_R_EC_LIB); - goto ecerr; - } - if (EC_KEY_set_public_key(eckey, pub_key) == 0) - { - EC_POINT_free(pub_key); - EVPerr(EVP_F_EVP_PKCS82PKEY, ERR_R_EC_LIB); - goto ecerr; - } - EC_POINT_free(pub_key); + EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_METHOD_NOT_SUPPORTED); + goto error; } - EVP_PKEY_assign_EC_KEY(pkey, eckey); - if (ctx) - BN_CTX_free(ctx); - break; -ecerr: - if (ctx) - BN_CTX_free(ctx); - if (eckey) - EC_KEY_free(eckey); - if (pkey) - EVP_PKEY_free(pkey); - return NULL; -#endif - default: - EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM); - if (!a->algorithm) BUF_strlcpy (obj_tmp, "NULL", sizeof obj_tmp); - else i2t_ASN1_OBJECT(obj_tmp, 80, a->algorithm); - ERR_add_error_data(2, "TYPE=", obj_tmp); - EVP_PKEY_free (pkey); - return NULL; - } return pkey; + + error: + EVP_PKEY_free (pkey); + return NULL; } PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(EVP_PKEY *pkey) @@ -360,59 +125,37 @@ PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8_broken(EVP_PKEY *pkey, int broken) return NULL; } p8->broken = broken; - if (!ASN1_INTEGER_set(p8->version, 0)) { - EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN,ERR_R_MALLOC_FAILURE); - PKCS8_PRIV_KEY_INFO_free (p8); - return NULL; - } - if (!(p8->pkeyalg->parameter = ASN1_TYPE_new ())) { - EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN,ERR_R_MALLOC_FAILURE); - PKCS8_PRIV_KEY_INFO_free (p8); - return NULL; - } - p8->pkey->type = V_ASN1_OCTET_STRING; - switch (EVP_PKEY_type(pkey->type)) { -#ifndef OPENSSL_NO_RSA - case EVP_PKEY_RSA: - if(p8->broken == PKCS8_NO_OCTET) p8->pkey->type = V_ASN1_SEQUENCE; - - p8->pkeyalg->algorithm = OBJ_nid2obj(NID_rsaEncryption); - p8->pkeyalg->parameter->type = V_ASN1_NULL; - if (!ASN1_pack_string_of (EVP_PKEY,pkey, i2d_PrivateKey, - &p8->pkey->value.octet_string)) { - EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN,ERR_R_MALLOC_FAILURE); - PKCS8_PRIV_KEY_INFO_free (p8); - return NULL; - } - break; -#endif -#ifndef OPENSSL_NO_DSA - case EVP_PKEY_DSA: - if(!dsa_pkey2pkcs8(p8, pkey)) { - PKCS8_PRIV_KEY_INFO_free (p8); - return NULL; + if (pkey->ameth) + { + if (pkey->ameth->priv_encode) + { + if (!pkey->ameth->priv_encode(p8, pkey)) + { + EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN, + EVP_R_PRIVATE_KEY_ENCODE_ERROR); + goto error; + } + } + else + { + EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN, + EVP_R_METHOD_NOT_SUPPORTED); + goto error; + } } - - break; -#endif -#ifndef OPENSSL_NO_EC - case EVP_PKEY_EC: - if (!eckey_pkey2pkcs8(p8, pkey)) + else { - PKCS8_PRIV_KEY_INFO_free(p8); - return(NULL); + EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN, + EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM); + goto error; } - break; -#endif - default: - EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN, EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM); - PKCS8_PRIV_KEY_INFO_free (p8); - return NULL; - } RAND_add(p8->pkey->value.octet_string->data, p8->pkey->value.octet_string->length, 0.0); return p8; + error: + PKCS8_PRIV_KEY_INFO_free(p8); + return NULL; } PKCS8_PRIV_KEY_INFO *PKCS8_set_broken(PKCS8_PRIV_KEY_INFO *p8, int broken) @@ -436,301 +179,6 @@ PKCS8_PRIV_KEY_INFO *PKCS8_set_broken(PKCS8_PRIV_KEY_INFO *p8, int broken) } } -#ifndef OPENSSL_NO_DSA -static int dsa_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8, EVP_PKEY *pkey) -{ - ASN1_STRING *params = NULL; - ASN1_INTEGER *prkey = NULL; - ASN1_TYPE *ttmp = NULL; - STACK_OF(ASN1_TYPE) *ndsa = NULL; - unsigned char *p = NULL, *q; - int len; - - p8->pkeyalg->algorithm = OBJ_nid2obj(NID_dsa); - len = i2d_DSAparams (pkey->pkey.dsa, NULL); - if (!(p = OPENSSL_malloc(len))) { - EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); - goto err; - } - q = p; - i2d_DSAparams (pkey->pkey.dsa, &q); - if (!(params = ASN1_STRING_new())) { - EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); - goto err; - } - if (!ASN1_STRING_set(params, p, len)) { - EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); - goto err; - } - OPENSSL_free(p); - p = NULL; - /* Get private key into integer */ - if (!(prkey = BN_to_ASN1_INTEGER (pkey->pkey.dsa->priv_key, NULL))) { - EVPerr(EVP_F_DSA_PKEY2PKCS8,EVP_R_ENCODE_ERROR); - goto err; - } - - switch(p8->broken) { - - case PKCS8_OK: - case PKCS8_NO_OCTET: - - if (!ASN1_pack_string_of(ASN1_INTEGER,prkey, i2d_ASN1_INTEGER, - &p8->pkey->value.octet_string)) { - EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); - goto err; - } - - M_ASN1_INTEGER_free (prkey); - prkey = NULL; - p8->pkeyalg->parameter->value.sequence = params; - params = NULL; - p8->pkeyalg->parameter->type = V_ASN1_SEQUENCE; - - break; - - case PKCS8_NS_DB: - - p8->pkeyalg->parameter->value.sequence = params; - params = NULL; - p8->pkeyalg->parameter->type = V_ASN1_SEQUENCE; - if (!(ndsa = sk_ASN1_TYPE_new_null())) { - EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); - goto err; - } - if (!(ttmp = ASN1_TYPE_new())) { - EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); - goto err; - } - if (!(ttmp->value.integer = - BN_to_ASN1_INTEGER(pkey->pkey.dsa->pub_key, NULL))) { - EVPerr(EVP_F_DSA_PKEY2PKCS8,EVP_R_ENCODE_ERROR); - goto err; - } - ttmp->type = V_ASN1_INTEGER; - if (!sk_ASN1_TYPE_push(ndsa, ttmp)) { - EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); - goto err; - } - - if (!(ttmp = ASN1_TYPE_new())) { - EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); - goto err; - } - ttmp->value.integer = prkey; - prkey = NULL; - ttmp->type = V_ASN1_INTEGER; - if (!sk_ASN1_TYPE_push(ndsa, ttmp)) { - EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); - goto err; - } - ttmp = NULL; - - if (!(p8->pkey->value.octet_string = ASN1_OCTET_STRING_new())) { - EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); - goto err; - } - - if (!ASN1_seq_pack_ASN1_TYPE(ndsa, i2d_ASN1_TYPE, - &p8->pkey->value.octet_string->data, - &p8->pkey->value.octet_string->length)) { - - EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); - goto err; - } - sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free); - break; - - case PKCS8_EMBEDDED_PARAM: - - p8->pkeyalg->parameter->type = V_ASN1_NULL; - if (!(ndsa = sk_ASN1_TYPE_new_null())) { - EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); - goto err; - } - if (!(ttmp = ASN1_TYPE_new())) { - EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); - goto err; - } - ttmp->value.sequence = params; - params = NULL; - ttmp->type = V_ASN1_SEQUENCE; - if (!sk_ASN1_TYPE_push(ndsa, ttmp)) { - EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); - goto err; - } - - if (!(ttmp = ASN1_TYPE_new())) { - EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); - goto err; - } - ttmp->value.integer = prkey; - prkey = NULL; - ttmp->type = V_ASN1_INTEGER; - if (!sk_ASN1_TYPE_push(ndsa, ttmp)) { - EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); - goto err; - } - ttmp = NULL; - - if (!(p8->pkey->value.octet_string = ASN1_OCTET_STRING_new())) { - EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); - goto err; - } - - if (!ASN1_seq_pack_ASN1_TYPE(ndsa, i2d_ASN1_TYPE, - &p8->pkey->value.octet_string->data, - &p8->pkey->value.octet_string->length)) { - - EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); - goto err; - } - sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free); - break; - } - return 1; -err: - if (p != NULL) OPENSSL_free(p); - if (params != NULL) ASN1_STRING_free(params); - if (prkey != NULL) M_ASN1_INTEGER_free(prkey); - if (ttmp != NULL) ASN1_TYPE_free(ttmp); - if (ndsa != NULL) sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free); - return 0; -} -#endif - -#ifndef OPENSSL_NO_EC -static int eckey_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8, EVP_PKEY *pkey) -{ - EC_KEY *ec_key; - const EC_GROUP *group; - unsigned char *p, *pp; - int nid, i, ret = 0; - unsigned int tmp_flags, old_flags; - - ec_key = pkey->pkey.ec; - if (ec_key == NULL || (group = EC_KEY_get0_group(ec_key)) == NULL) - { - EVPerr(EVP_F_ECKEY_PKEY2PKCS8, EVP_R_MISSING_PARAMETERS); - return 0; - } - - /* set the ec parameters OID */ - if (p8->pkeyalg->algorithm) - ASN1_OBJECT_free(p8->pkeyalg->algorithm); - - p8->pkeyalg->algorithm = OBJ_nid2obj(NID_X9_62_id_ecPublicKey); - - /* set the ec parameters */ - - if (p8->pkeyalg->parameter) - { - ASN1_TYPE_free(p8->pkeyalg->parameter); - p8->pkeyalg->parameter = NULL; - } - - if ((p8->pkeyalg->parameter = ASN1_TYPE_new()) == NULL) - { - EVPerr(EVP_F_ECKEY_PKEY2PKCS8, ERR_R_MALLOC_FAILURE); - return 0; - } - - if (EC_GROUP_get_asn1_flag(group) - && (nid = EC_GROUP_get_curve_name(group))) - { - /* we have a 'named curve' => just set the OID */ - p8->pkeyalg->parameter->type = V_ASN1_OBJECT; - p8->pkeyalg->parameter->value.object = OBJ_nid2obj(nid); - } - else /* explicit parameters */ - { - if ((i = i2d_ECParameters(ec_key, NULL)) == 0) - { - EVPerr(EVP_F_ECKEY_PKEY2PKCS8, ERR_R_EC_LIB); - return 0; - } - if ((p = (unsigned char *) OPENSSL_malloc(i)) == NULL) - { - EVPerr(EVP_F_ECKEY_PKEY2PKCS8, ERR_R_MALLOC_FAILURE); - return 0; - } - pp = p; - if (!i2d_ECParameters(ec_key, &pp)) - { - EVPerr(EVP_F_ECKEY_PKEY2PKCS8, ERR_R_EC_LIB); - OPENSSL_free(p); - return 0; - } - p8->pkeyalg->parameter->type = V_ASN1_SEQUENCE; - if ((p8->pkeyalg->parameter->value.sequence - = ASN1_STRING_new()) == NULL) - { - EVPerr(EVP_F_ECKEY_PKEY2PKCS8, ERR_R_ASN1_LIB); - OPENSSL_free(p); - return 0; - } - ASN1_STRING_set(p8->pkeyalg->parameter->value.sequence, p, i); - OPENSSL_free(p); - } - - /* set the private key */ - - /* do not include the parameters in the SEC1 private key - * see PKCS#11 12.11 */ - old_flags = EC_KEY_get_enc_flags(pkey->pkey.ec); - tmp_flags = old_flags | EC_PKEY_NO_PARAMETERS; - EC_KEY_set_enc_flags(pkey->pkey.ec, tmp_flags); - i = i2d_ECPrivateKey(pkey->pkey.ec, NULL); - if (!i) - { - EC_KEY_set_enc_flags(pkey->pkey.ec, old_flags); - EVPerr(EVP_F_ECKEY_PKEY2PKCS8, ERR_R_EC_LIB); - return 0; - } - p = (unsigned char *) OPENSSL_malloc(i); - if (!p) - { - EC_KEY_set_enc_flags(pkey->pkey.ec, old_flags); - EVPerr(EVP_F_ECKEY_PKEY2PKCS8, ERR_R_MALLOC_FAILURE); - return 0; - } - pp = p; - if (!i2d_ECPrivateKey(pkey->pkey.ec, &pp)) - { - EC_KEY_set_enc_flags(pkey->pkey.ec, old_flags); - EVPerr(EVP_F_ECKEY_PKEY2PKCS8, ERR_R_EC_LIB); - OPENSSL_free(p); - return 0; - } - /* restore old encoding flags */ - EC_KEY_set_enc_flags(pkey->pkey.ec, old_flags); - - switch(p8->broken) { - - case PKCS8_OK: - p8->pkey->value.octet_string = ASN1_OCTET_STRING_new(); - if (!p8->pkey->value.octet_string || - !M_ASN1_OCTET_STRING_set(p8->pkey->value.octet_string, - (const void *)p, i)) - - { - EVPerr(EVP_F_ECKEY_PKEY2PKCS8, ERR_R_MALLOC_FAILURE); - } - else - ret = 1; - break; - case PKCS8_NO_OCTET: /* RSA specific */ - case PKCS8_NS_DB: /* DSA specific */ - case PKCS8_EMBEDDED_PARAM: /* DSA specific */ - default: - EVPerr(EVP_F_ECKEY_PKEY2PKCS8,EVP_R_ENCODE_ERROR); - } - OPENSSL_cleanse(p, (size_t)i); - OPENSSL_free(p); - return ret; -} -#endif - /* EVP_PKEY attribute functions */ int EVP_PKEY_get_attr_count(const EVP_PKEY *key) diff --git a/src/lib/libcrypto/evp/evp_test.c b/src/lib/libcrypto/evp/evp_test.c index 436be20bf1..902efac975 100644 --- a/src/lib/libcrypto/evp/evp_test.c +++ b/src/lib/libcrypto/evp/evp_test.c @@ -153,8 +153,8 @@ static void test1(const EVP_CIPHER *c,const unsigned char *key,int kn, if(kn != c->key_len) { - fprintf(stderr,"Key length doesn't match, got %d expected %d\n",kn, - c->key_len); + fprintf(stderr,"Key length doesn't match, got %d expected %lu\n",kn, + (unsigned long)c->key_len); test1_exit(5); } EVP_CIPHER_CTX_init(&ctx); @@ -441,7 +441,7 @@ int main(int argc,char **argv) #endif EVP_cleanup(); CRYPTO_cleanup_all_ex_data(); - ERR_remove_state(0); + ERR_remove_thread_state(NULL); ERR_free_strings(); CRYPTO_mem_leaks_fp(stderr); diff --git a/src/lib/libcrypto/evp/m_dss.c b/src/lib/libcrypto/evp/m_dss.c index 6b0c0aa7a3..48c2689504 100644 --- a/src/lib/libcrypto/evp/m_dss.c +++ b/src/lib/libcrypto/evp/m_dss.c @@ -81,7 +81,7 @@ static const EVP_MD dsa_md= NID_dsaWithSHA, NID_dsaWithSHA, SHA_DIGEST_LENGTH, - EVP_MD_FLAG_FIPS, + EVP_MD_FLAG_PKEY_DIGEST, init, update, final, diff --git a/src/lib/libcrypto/evp/m_dss1.c b/src/lib/libcrypto/evp/m_dss1.c index da8babc147..4f03fb70e0 100644 --- a/src/lib/libcrypto/evp/m_dss1.c +++ b/src/lib/libcrypto/evp/m_dss1.c @@ -68,8 +68,6 @@ #include #endif -#ifndef OPENSSL_FIPS - static int init(EVP_MD_CTX *ctx) { return SHA1_Init(ctx->md_data); } @@ -84,7 +82,7 @@ static const EVP_MD dss1_md= NID_dsa, NID_dsaWithSHA1, SHA_DIGEST_LENGTH, - 0, + EVP_MD_FLAG_PKEY_DIGEST, init, update, final, @@ -100,4 +98,3 @@ const EVP_MD *EVP_dss1(void) return(&dss1_md); } #endif -#endif diff --git a/src/lib/libcrypto/evp/m_md2.c b/src/lib/libcrypto/evp/m_md2.c index 8eee6236ba..5ce849f161 100644 --- a/src/lib/libcrypto/evp/m_md2.c +++ b/src/lib/libcrypto/evp/m_md2.c @@ -58,7 +58,6 @@ #include #include "cryptlib.h" -#include "evp_locl.h" #ifndef OPENSSL_NO_MD2 diff --git a/src/lib/libcrypto/evp/m_md4.c b/src/lib/libcrypto/evp/m_md4.c index 5cd2ab5ade..1e0b7c5b42 100644 --- a/src/lib/libcrypto/evp/m_md4.c +++ b/src/lib/libcrypto/evp/m_md4.c @@ -58,7 +58,6 @@ #include #include "cryptlib.h" -#include "evp_locl.h" #ifndef OPENSSL_NO_MD4 diff --git a/src/lib/libcrypto/evp/m_md5.c b/src/lib/libcrypto/evp/m_md5.c index 6455829671..63c142119e 100644 --- a/src/lib/libcrypto/evp/m_md5.c +++ b/src/lib/libcrypto/evp/m_md5.c @@ -62,7 +62,6 @@ #ifndef OPENSSL_NO_MD5 #include -#include "evp_locl.h" #include #include #include diff --git a/src/lib/libcrypto/evp/m_mdc2.c b/src/lib/libcrypto/evp/m_mdc2.c index 9f9bcf06ed..b08d559803 100644 --- a/src/lib/libcrypto/evp/m_mdc2.c +++ b/src/lib/libcrypto/evp/m_mdc2.c @@ -58,7 +58,6 @@ #include #include "cryptlib.h" -#include "evp_locl.h" #ifndef OPENSSL_NO_MDC2 @@ -66,7 +65,9 @@ #include #include #include +#ifndef OPENSSL_NO_RSA #include +#endif static int init(EVP_MD_CTX *ctx) { return MDC2_Init(ctx->md_data); } diff --git a/src/lib/libcrypto/evp/m_sha.c b/src/lib/libcrypto/evp/m_sha.c index 3f30dfc579..acccc8f92d 100644 --- a/src/lib/libcrypto/evp/m_sha.c +++ b/src/lib/libcrypto/evp/m_sha.c @@ -58,7 +58,6 @@ #include #include "cryptlib.h" -#include "evp_locl.h" #if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA0) diff --git a/src/lib/libcrypto/evp/m_sha1.c b/src/lib/libcrypto/evp/m_sha1.c index 471ec30be0..9a2790fdea 100644 --- a/src/lib/libcrypto/evp/m_sha1.c +++ b/src/lib/libcrypto/evp/m_sha1.c @@ -68,8 +68,6 @@ #include #endif -#ifndef OPENSSL_FIPS - static int init(EVP_MD_CTX *ctx) { return SHA1_Init(ctx->md_data); } @@ -84,7 +82,7 @@ static const EVP_MD sha1_md= NID_sha1, NID_sha1WithRSAEncryption, SHA_DIGEST_LENGTH, - 0, + EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|EVP_MD_FLAG_DIGALGID_ABSENT, init, update, final, @@ -99,6 +97,7 @@ const EVP_MD *EVP_sha1(void) { return(&sha1_md); } +#endif #ifndef OPENSSL_NO_SHA256 static int init224(EVP_MD_CTX *ctx) @@ -120,7 +119,7 @@ static const EVP_MD sha224_md= NID_sha224, NID_sha224WithRSAEncryption, SHA224_DIGEST_LENGTH, - 0, + EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|EVP_MD_FLAG_DIGALGID_ABSENT, init224, update256, final256, @@ -139,7 +138,7 @@ static const EVP_MD sha256_md= NID_sha256, NID_sha256WithRSAEncryption, SHA256_DIGEST_LENGTH, - 0, + EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|EVP_MD_FLAG_DIGALGID_ABSENT, init256, update256, final256, @@ -170,7 +169,7 @@ static const EVP_MD sha384_md= NID_sha384, NID_sha384WithRSAEncryption, SHA384_DIGEST_LENGTH, - 0, + EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|EVP_MD_FLAG_DIGALGID_ABSENT, init384, update512, final512, @@ -189,7 +188,7 @@ static const EVP_MD sha512_md= NID_sha512, NID_sha512WithRSAEncryption, SHA512_DIGEST_LENGTH, - 0, + EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|EVP_MD_FLAG_DIGALGID_ABSENT, init512, update512, final512, @@ -203,7 +202,3 @@ static const EVP_MD sha512_md= const EVP_MD *EVP_sha512(void) { return(&sha512_md); } #endif /* ifndef OPENSSL_NO_SHA512 */ - -#endif - -#endif diff --git a/src/lib/libcrypto/evp/names.c b/src/lib/libcrypto/evp/names.c index e2e04c3570..f2869f5c78 100644 --- a/src/lib/libcrypto/evp/names.c +++ b/src/lib/libcrypto/evp/names.c @@ -66,35 +66,32 @@ int EVP_add_cipher(const EVP_CIPHER *c) { int r; -#ifdef OPENSSL_FIPS - OPENSSL_init(); -#endif - r=OBJ_NAME_add(OBJ_nid2sn(c->nid),OBJ_NAME_TYPE_CIPHER_METH,(const char *)c); if (r == 0) return(0); + check_defer(c->nid); r=OBJ_NAME_add(OBJ_nid2ln(c->nid),OBJ_NAME_TYPE_CIPHER_METH,(const char *)c); return(r); } + int EVP_add_digest(const EVP_MD *md) { int r; const char *name; -#ifdef OPENSSL_FIPS - OPENSSL_init(); -#endif name=OBJ_nid2sn(md->type); r=OBJ_NAME_add(name,OBJ_NAME_TYPE_MD_METH,(const char *)md); if (r == 0) return(0); + check_defer(md->type); r=OBJ_NAME_add(OBJ_nid2ln(md->type),OBJ_NAME_TYPE_MD_METH,(const char *)md); if (r == 0) return(0); - if (md->type != md->pkey_type) + if (md->pkey_type && md->type != md->pkey_type) { r=OBJ_NAME_add(OBJ_nid2sn(md->pkey_type), OBJ_NAME_TYPE_MD_METH|OBJ_NAME_ALIAS,name); if (r == 0) return(0); + check_defer(md->pkey_type); r=OBJ_NAME_add(OBJ_nid2ln(md->pkey_type), OBJ_NAME_TYPE_MD_METH|OBJ_NAME_ALIAS,name); } @@ -127,4 +124,78 @@ void EVP_cleanup(void) OBJ_NAME_cleanup(-1); EVP_PBE_cleanup(); + if (obj_cleanup_defer == 2) + { + obj_cleanup_defer = 0; + OBJ_cleanup(); + } + OBJ_sigid_free(); + } + +struct doall_cipher + { + void *arg; + void (*fn)(const EVP_CIPHER *ciph, + const char *from, const char *to, void *arg); + }; + +static void do_all_cipher_fn(const OBJ_NAME *nm, void *arg) + { + struct doall_cipher *dc = arg; + if (nm->alias) + dc->fn(NULL, nm->name, nm->data, dc->arg); + else + dc->fn((const EVP_CIPHER *)nm->data, nm->name, NULL, dc->arg); + } + +void EVP_CIPHER_do_all(void (*fn)(const EVP_CIPHER *ciph, + const char *from, const char *to, void *x), void *arg) + { + struct doall_cipher dc; + dc.fn = fn; + dc.arg = arg; + OBJ_NAME_do_all(OBJ_NAME_TYPE_CIPHER_METH, do_all_cipher_fn, &dc); + } + +void EVP_CIPHER_do_all_sorted(void (*fn)(const EVP_CIPHER *ciph, + const char *from, const char *to, void *x), void *arg) + { + struct doall_cipher dc; + dc.fn = fn; + dc.arg = arg; + OBJ_NAME_do_all_sorted(OBJ_NAME_TYPE_CIPHER_METH, do_all_cipher_fn,&dc); + } + +struct doall_md + { + void *arg; + void (*fn)(const EVP_MD *ciph, + const char *from, const char *to, void *arg); + }; + +static void do_all_md_fn(const OBJ_NAME *nm, void *arg) + { + struct doall_md *dc = arg; + if (nm->alias) + dc->fn(NULL, nm->name, nm->data, dc->arg); + else + dc->fn((const EVP_MD *)nm->data, nm->name, NULL, dc->arg); + } + +void EVP_MD_do_all(void (*fn)(const EVP_MD *md, + const char *from, const char *to, void *x), void *arg) + { + struct doall_md dc; + dc.fn = fn; + dc.arg = arg; + OBJ_NAME_do_all(OBJ_NAME_TYPE_MD_METH, do_all_md_fn, &dc); + } + +void EVP_MD_do_all_sorted(void (*fn)(const EVP_MD *md, + const char *from, const char *to, void *x), void *arg) + { + struct doall_md dc; + dc.fn = fn; + dc.arg = arg; + OBJ_NAME_do_all_sorted(OBJ_NAME_TYPE_MD_METH, do_all_md_fn, &dc); } diff --git a/src/lib/libcrypto/evp/p5_crpt.c b/src/lib/libcrypto/evp/p5_crpt.c index 2a265fdee2..7ecfa8dad9 100644 --- a/src/lib/libcrypto/evp/p5_crpt.c +++ b/src/lib/libcrypto/evp/p5_crpt.c @@ -62,42 +62,11 @@ #include #include -/* PKCS#5 v1.5 compatible PBE functions: see PKCS#5 v2.0 for more info. +/* Doesn't do anything now: Builtin PBE algorithms in static table. */ void PKCS5_PBE_add(void) { -#ifndef OPENSSL_NO_DES -# ifndef OPENSSL_NO_MD5 -EVP_PBE_alg_add(NID_pbeWithMD5AndDES_CBC, EVP_des_cbc(), EVP_md5(), - PKCS5_PBE_keyivgen); -# endif -# ifndef OPENSSL_NO_MD2 -EVP_PBE_alg_add(NID_pbeWithMD2AndDES_CBC, EVP_des_cbc(), EVP_md2(), - PKCS5_PBE_keyivgen); -# endif -# ifndef OPENSSL_NO_SHA -EVP_PBE_alg_add(NID_pbeWithSHA1AndDES_CBC, EVP_des_cbc(), EVP_sha1(), - PKCS5_PBE_keyivgen); -# endif -#endif -#ifndef OPENSSL_NO_RC2 -# ifndef OPENSSL_NO_MD5 -EVP_PBE_alg_add(NID_pbeWithMD5AndRC2_CBC, EVP_rc2_64_cbc(), EVP_md5(), - PKCS5_PBE_keyivgen); -# endif -# ifndef OPENSSL_NO_MD2 -EVP_PBE_alg_add(NID_pbeWithMD2AndRC2_CBC, EVP_rc2_64_cbc(), EVP_md2(), - PKCS5_PBE_keyivgen); -# endif -# ifndef OPENSSL_NO_SHA -EVP_PBE_alg_add(NID_pbeWithSHA1AndRC2_CBC, EVP_rc2_64_cbc(), EVP_sha1(), - PKCS5_PBE_keyivgen); -# endif -#endif -#ifndef OPENSSL_NO_HMAC -EVP_PBE_alg_add(NID_pbes2, NULL, NULL, PKCS5_v2_PBE_keyivgen); -#endif } int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen, @@ -112,6 +81,7 @@ int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen, int saltlen, iter; unsigned char *salt; const unsigned char *pbuf; + int mdsize; /* Extract useful info from parameter */ if (param == NULL || param->type != V_ASN1_SEQUENCE || @@ -140,9 +110,12 @@ int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen, EVP_DigestUpdate(&ctx, salt, saltlen); PBEPARAM_free(pbe); EVP_DigestFinal_ex(&ctx, md_tmp, NULL); + mdsize = EVP_MD_size(md); + if (mdsize < 0) + return 0; for (i = 1; i < iter; i++) { EVP_DigestInit_ex(&ctx, md, NULL); - EVP_DigestUpdate(&ctx, md_tmp, EVP_MD_size(md)); + EVP_DigestUpdate(&ctx, md_tmp, mdsize); EVP_DigestFinal_ex (&ctx, md_tmp, NULL); } EVP_MD_CTX_cleanup(&ctx); diff --git a/src/lib/libcrypto/evp/p5_crpt2.c b/src/lib/libcrypto/evp/p5_crpt2.c index 6bec77baf9..334379f310 100644 --- a/src/lib/libcrypto/evp/p5_crpt2.c +++ b/src/lib/libcrypto/evp/p5_crpt2.c @@ -3,7 +3,7 @@ * project 1999. */ /* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. + * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -71,28 +71,38 @@ #endif /* This is an implementation of PKCS#5 v2.0 password based encryption key - * derivation function PBKDF2 using the only currently defined function HMAC - * with SHA1. Verified against test vectors posted by Peter Gutmann + * derivation function PBKDF2. + * SHA1 version verified against test vectors posted by Peter Gutmann * to the PKCS-TNG mailing list. */ -int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen, +int PKCS5_PBKDF2_HMAC(const char *pass, int passlen, const unsigned char *salt, int saltlen, int iter, + const EVP_MD *digest, int keylen, unsigned char *out) -{ - unsigned char digtmp[SHA_DIGEST_LENGTH], *p, itmp[4]; - int cplen, j, k, tkeylen; + { + unsigned char digtmp[EVP_MAX_MD_SIZE], *p, itmp[4]; + int cplen, j, k, tkeylen, mdlen; unsigned long i = 1; HMAC_CTX hctx; + mdlen = EVP_MD_size(digest); + if (mdlen < 0) + return 0; + HMAC_CTX_init(&hctx); p = out; tkeylen = keylen; - if(!pass) passlen = 0; - else if(passlen == -1) passlen = strlen(pass); - while(tkeylen) { - if(tkeylen > SHA_DIGEST_LENGTH) cplen = SHA_DIGEST_LENGTH; - else cplen = tkeylen; + if(!pass) + passlen = 0; + else if(passlen == -1) + passlen = strlen(pass); + while(tkeylen) + { + if(tkeylen > mdlen) + cplen = mdlen; + else + cplen = tkeylen; /* We are unlikely to ever use more than 256 blocks (5120 bits!) * but just in case... */ @@ -100,20 +110,22 @@ int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen, itmp[1] = (unsigned char)((i >> 16) & 0xff); itmp[2] = (unsigned char)((i >> 8) & 0xff); itmp[3] = (unsigned char)(i & 0xff); - HMAC_Init_ex(&hctx, pass, passlen, EVP_sha1(), NULL); + HMAC_Init_ex(&hctx, pass, passlen, digest, NULL); HMAC_Update(&hctx, salt, saltlen); HMAC_Update(&hctx, itmp, 4); HMAC_Final(&hctx, digtmp, NULL); memcpy(p, digtmp, cplen); - for(j = 1; j < iter; j++) { - HMAC(EVP_sha1(), pass, passlen, - digtmp, SHA_DIGEST_LENGTH, digtmp, NULL); - for(k = 0; k < cplen; k++) p[k] ^= digtmp[k]; - } + for(j = 1; j < iter; j++) + { + HMAC(digest, pass, passlen, + digtmp, mdlen, digtmp, NULL); + for(k = 0; k < cplen; k++) + p[k] ^= digtmp[k]; + } tkeylen-= cplen; i++; p+= cplen; - } + } HMAC_CTX_cleanup(&hctx); #ifdef DEBUG_PKCS5V2 fprintf(stderr, "Password:\n"); @@ -125,7 +137,15 @@ int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen, h__dump (out, keylen); #endif return 1; -} + } + +int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen, + const unsigned char *salt, int saltlen, int iter, + int keylen, unsigned char *out) + { + return PKCS5_PBKDF2_HMAC(pass, passlen, salt, saltlen, iter, EVP_sha1(), + keylen, out); + } #ifdef DO_TEST main() @@ -155,6 +175,8 @@ int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, PBE2PARAM *pbe2 = NULL; const EVP_CIPHER *cipher; PBKDF2PARAM *kdf = NULL; + const EVP_MD *prfmd; + int prf_nid, hmac_md_nid; if (param == NULL || param->type != V_ASN1_SEQUENCE || param->value.sequence == NULL) { @@ -180,8 +202,7 @@ int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, /* lets see if we recognise the encryption algorithm. */ - cipher = EVP_get_cipherbyname( - OBJ_nid2sn(OBJ_obj2nid(pbe2->encryption->algorithm))); + cipher = EVP_get_cipherbyobj(pbe2->encryption->algorithm); if(!cipher) { EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, @@ -226,10 +247,23 @@ int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, goto err; } - if(kdf->prf && (OBJ_obj2nid(kdf->prf->algorithm) != NID_hmacWithSHA1)) { + if (kdf->prf) + prf_nid = OBJ_obj2nid(kdf->prf->algorithm); + else + prf_nid = NID_hmacWithSHA1; + + if (!EVP_PBE_find(EVP_PBE_TYPE_PRF, prf_nid, NULL, &hmac_md_nid, 0)) + { EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, EVP_R_UNSUPPORTED_PRF); goto err; - } + } + + prfmd = EVP_get_digestbynid(hmac_md_nid); + if (prfmd == NULL) + { + EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, EVP_R_UNSUPPORTED_PRF); + goto err; + } if(kdf->salt->type != V_ASN1_OCTET_STRING) { EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, @@ -241,7 +275,9 @@ int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, salt = kdf->salt->value.octet_string->data; saltlen = kdf->salt->value.octet_string->length; iter = ASN1_INTEGER_get(kdf->iter); - PKCS5_PBKDF2_HMAC_SHA1(pass, passlen, salt, saltlen, iter, keylen, key); + if(!PKCS5_PBKDF2_HMAC(pass, passlen, salt, saltlen, iter, prfmd, + keylen, key)) + goto err; EVP_CipherInit_ex(ctx, NULL, NULL, key, NULL, en_de); OPENSSL_cleanse(key, keylen); PBKDF2PARAM_free(kdf); diff --git a/src/lib/libcrypto/evp/p_dec.c b/src/lib/libcrypto/evp/p_dec.c index f64901f653..4201dcbad9 100644 --- a/src/lib/libcrypto/evp/p_dec.c +++ b/src/lib/libcrypto/evp/p_dec.c @@ -66,7 +66,7 @@ #include #include -int EVP_PKEY_decrypt(unsigned char *key, const unsigned char *ek, int ekl, +int EVP_PKEY_decrypt_old(unsigned char *key, const unsigned char *ek, int ekl, EVP_PKEY *priv) { int ret= -1; @@ -75,7 +75,7 @@ int EVP_PKEY_decrypt(unsigned char *key, const unsigned char *ek, int ekl, if (priv->type != EVP_PKEY_RSA) { #endif - EVPerr(EVP_F_EVP_PKEY_DECRYPT,EVP_R_PUBLIC_KEY_NOT_RSA); + EVPerr(EVP_F_EVP_PKEY_DECRYPT_OLD,EVP_R_PUBLIC_KEY_NOT_RSA); #ifndef OPENSSL_NO_RSA goto err; } diff --git a/src/lib/libcrypto/evp/p_enc.c b/src/lib/libcrypto/evp/p_enc.c index c2dfdc52ad..b5a3a84c41 100644 --- a/src/lib/libcrypto/evp/p_enc.c +++ b/src/lib/libcrypto/evp/p_enc.c @@ -66,7 +66,7 @@ #include #include -int EVP_PKEY_encrypt(unsigned char *ek, const unsigned char *key, int key_len, +int EVP_PKEY_encrypt_old(unsigned char *ek, const unsigned char *key, int key_len, EVP_PKEY *pubk) { int ret=0; @@ -75,7 +75,7 @@ int EVP_PKEY_encrypt(unsigned char *ek, const unsigned char *key, int key_len, if (pubk->type != EVP_PKEY_RSA) { #endif - EVPerr(EVP_F_EVP_PKEY_ENCRYPT,EVP_R_PUBLIC_KEY_NOT_RSA); + EVPerr(EVP_F_EVP_PKEY_ENCRYPT_OLD,EVP_R_PUBLIC_KEY_NOT_RSA); #ifndef OPENSSL_NO_RSA goto err; } diff --git a/src/lib/libcrypto/evp/p_lib.c b/src/lib/libcrypto/evp/p_lib.c index 22155ecf62..1916c61699 100644 --- a/src/lib/libcrypto/evp/p_lib.c +++ b/src/lib/libcrypto/evp/p_lib.c @@ -74,66 +74,26 @@ #include #endif +#ifndef OPENSSL_NO_ENGINE +#include +#endif + +#include "asn1_locl.h" + static void EVP_PKEY_free_it(EVP_PKEY *x); int EVP_PKEY_bits(EVP_PKEY *pkey) { - if (0) - return 0; -#ifndef OPENSSL_NO_RSA - else if (pkey->type == EVP_PKEY_RSA) - return(BN_num_bits(pkey->pkey.rsa->n)); -#endif -#ifndef OPENSSL_NO_DSA - else if (pkey->type == EVP_PKEY_DSA) - return(BN_num_bits(pkey->pkey.dsa->p)); -#endif -#ifndef OPENSSL_NO_EC - else if (pkey->type == EVP_PKEY_EC) - { - BIGNUM *order = BN_new(); - const EC_GROUP *group; - int ret; - - if (!order) - { - ERR_clear_error(); - return 0; - } - group = EC_KEY_get0_group(pkey->pkey.ec); - if (!EC_GROUP_get_order(group, order, NULL)) - { - ERR_clear_error(); - return 0; - } - - ret = BN_num_bits(order); - BN_free(order); - return ret; - } -#endif - return(0); + if (pkey && pkey->ameth && pkey->ameth->pkey_bits) + return pkey->ameth->pkey_bits(pkey); + return 0; } int EVP_PKEY_size(EVP_PKEY *pkey) { - if (pkey == NULL) - return(0); -#ifndef OPENSSL_NO_RSA - if (pkey->type == EVP_PKEY_RSA) - return(RSA_size(pkey->pkey.rsa)); - else -#endif -#ifndef OPENSSL_NO_DSA - if (pkey->type == EVP_PKEY_DSA) - return(DSA_size(pkey->pkey.dsa)); -#endif -#ifndef OPENSSL_NO_ECDSA - if (pkey->type == EVP_PKEY_EC) - return(ECDSA_size(pkey->pkey.ec)); -#endif - - return(0); + if (pkey && pkey->ameth && pkey->ameth->pkey_size) + return pkey->ameth->pkey_size(pkey); + return 0; } int EVP_PKEY_save_parameters(EVP_PKEY *pkey, int mode) @@ -174,88 +134,26 @@ int EVP_PKEY_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from) EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS,EVP_R_MISSING_PARAMETERS); goto err; } -#ifndef OPENSSL_NO_DSA - if (to->type == EVP_PKEY_DSA) - { - BIGNUM *a; - - if ((a=BN_dup(from->pkey.dsa->p)) == NULL) goto err; - if (to->pkey.dsa->p != NULL) BN_free(to->pkey.dsa->p); - to->pkey.dsa->p=a; - - if ((a=BN_dup(from->pkey.dsa->q)) == NULL) goto err; - if (to->pkey.dsa->q != NULL) BN_free(to->pkey.dsa->q); - to->pkey.dsa->q=a; - - if ((a=BN_dup(from->pkey.dsa->g)) == NULL) goto err; - if (to->pkey.dsa->g != NULL) BN_free(to->pkey.dsa->g); - to->pkey.dsa->g=a; - } -#endif -#ifndef OPENSSL_NO_EC - if (to->type == EVP_PKEY_EC) - { - EC_GROUP *group = EC_GROUP_dup(EC_KEY_get0_group(from->pkey.ec)); - if (group == NULL) - goto err; - if (EC_KEY_set_group(to->pkey.ec, group) == 0) - goto err; - EC_GROUP_free(group); - } -#endif - return(1); + if (from->ameth && from->ameth->param_copy) + return from->ameth->param_copy(to, from); err: - return(0); + return 0; } int EVP_PKEY_missing_parameters(const EVP_PKEY *pkey) { -#ifndef OPENSSL_NO_DSA - if (pkey->type == EVP_PKEY_DSA) - { - DSA *dsa; - - dsa=pkey->pkey.dsa; - if ((dsa->p == NULL) || (dsa->q == NULL) || (dsa->g == NULL)) - return(1); - } -#endif -#ifndef OPENSSL_NO_EC - if (pkey->type == EVP_PKEY_EC) - { - if (EC_KEY_get0_group(pkey->pkey.ec) == NULL) - return(1); - } -#endif - - return(0); + if (pkey->ameth && pkey->ameth->param_missing) + return pkey->ameth->param_missing(pkey); + return 0; } int EVP_PKEY_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b) { -#ifndef OPENSSL_NO_DSA - if ((a->type == EVP_PKEY_DSA) && (b->type == EVP_PKEY_DSA)) - { - if ( BN_cmp(a->pkey.dsa->p,b->pkey.dsa->p) || - BN_cmp(a->pkey.dsa->q,b->pkey.dsa->q) || - BN_cmp(a->pkey.dsa->g,b->pkey.dsa->g)) - return(0); - else - return(1); - } -#endif -#ifndef OPENSSL_NO_EC - if (a->type == EVP_PKEY_EC && b->type == EVP_PKEY_EC) - { - const EC_GROUP *group_a = EC_KEY_get0_group(a->pkey.ec), - *group_b = EC_KEY_get0_group(b->pkey.ec); - if (EC_GROUP_cmp(group_a, group_b, NULL)) - return 0; - else - return 1; - } -#endif - return(-1); + if (a->type != b->type) + return -1; + if (a->ameth && a->ameth->param_cmp) + return a->ameth->param_cmp(a, b); + return -2; } int EVP_PKEY_cmp(const EVP_PKEY *a, const EVP_PKEY *b) @@ -263,51 +161,22 @@ int EVP_PKEY_cmp(const EVP_PKEY *a, const EVP_PKEY *b) if (a->type != b->type) return -1; - if (EVP_PKEY_cmp_parameters(a, b) == 0) - return 0; - - switch (a->type) + if (a->ameth) { -#ifndef OPENSSL_NO_RSA - case EVP_PKEY_RSA: - if (BN_cmp(b->pkey.rsa->n,a->pkey.rsa->n) != 0 - || BN_cmp(b->pkey.rsa->e,a->pkey.rsa->e) != 0) - return 0; - break; -#endif -#ifndef OPENSSL_NO_DSA - case EVP_PKEY_DSA: - if (BN_cmp(b->pkey.dsa->pub_key,a->pkey.dsa->pub_key) != 0) - return 0; - break; -#endif -#ifndef OPENSSL_NO_EC - case EVP_PKEY_EC: - { - int r; - const EC_GROUP *group = EC_KEY_get0_group(b->pkey.ec); - const EC_POINT *pa = EC_KEY_get0_public_key(a->pkey.ec), - *pb = EC_KEY_get0_public_key(b->pkey.ec); - r = EC_POINT_cmp(group, pa, pb, NULL); - if (r != 0) + int ret; + /* Compare parameters if the algorithm has them */ + if (a->ameth->param_cmp) { - if (r == 1) - return 0; - else - return -2; + ret = a->ameth->param_cmp(a, b); + if (ret <= 0) + return ret; } - } - break; -#endif -#ifndef OPENSSL_NO_DH - case EVP_PKEY_DH: - return -2; -#endif - default: - return -2; + + if (a->ameth->pub_cmp) + return a->ameth->pub_cmp(a, b); } - return 1; + return -2; } EVP_PKEY *EVP_PKEY_new(void) @@ -321,22 +190,87 @@ EVP_PKEY *EVP_PKEY_new(void) return(NULL); } ret->type=EVP_PKEY_NONE; + ret->save_type=EVP_PKEY_NONE; ret->references=1; + ret->ameth=NULL; + ret->engine=NULL; ret->pkey.ptr=NULL; ret->attributes=NULL; ret->save_parameters=1; return(ret); } -int EVP_PKEY_assign(EVP_PKEY *pkey, int type, char *key) +/* Setup a public key ASN1 method and ENGINE from a NID or a string. + * If pkey is NULL just return 1 or 0 if the algorithm exists. + */ + +static int pkey_set_type(EVP_PKEY *pkey, int type, const char *str, int len) { - if (pkey == NULL) return(0); - if (pkey->pkey.ptr != NULL) - EVP_PKEY_free_it(pkey); - pkey->type=EVP_PKEY_type(type); - pkey->save_type=type; + const EVP_PKEY_ASN1_METHOD *ameth; + ENGINE *e = NULL; + if (pkey) + { + if (pkey->pkey.ptr) + EVP_PKEY_free_it(pkey); + /* If key type matches and a method exists then this + * lookup has succeeded once so just indicate success. + */ + if ((type == pkey->save_type) && pkey->ameth) + return 1; +#ifndef OPENSSL_NO_ENGINE + /* If we have an ENGINE release it */ + if (pkey->engine) + { + ENGINE_finish(pkey->engine); + pkey->engine = NULL; + } +#endif + } + if (str) + ameth = EVP_PKEY_asn1_find_str(&e, str, len); + else + ameth = EVP_PKEY_asn1_find(&e, type); +#ifndef OPENSSL_NO_ENGINE + if (!pkey && e) + ENGINE_finish(e); +#endif + if (!ameth) + { + EVPerr(EVP_F_PKEY_SET_TYPE, EVP_R_UNSUPPORTED_ALGORITHM); + return 0; + } + if (pkey) + { + pkey->ameth = ameth; + pkey->engine = e; + + pkey->type = pkey->ameth->pkey_id; + pkey->save_type=type; + } + return 1; + } + +int EVP_PKEY_set_type(EVP_PKEY *pkey, int type) + { + return pkey_set_type(pkey, type, NULL, -1); + } + +int EVP_PKEY_set_type_str(EVP_PKEY *pkey, const char *str, int len) + { + return pkey_set_type(pkey, EVP_PKEY_NONE, str, len); + } + +int EVP_PKEY_assign(EVP_PKEY *pkey, int type, void *key) + { + if (!EVP_PKEY_set_type(pkey, type)) + return 0; pkey->pkey.ptr=key; - return(key != NULL); + return (key != NULL); + } + +void *EVP_PKEY_get0(EVP_PKEY *pkey) + { + return pkey->pkey.ptr; } #ifndef OPENSSL_NO_RSA @@ -425,24 +359,29 @@ DH *EVP_PKEY_get1_DH(EVP_PKEY *pkey) int EVP_PKEY_type(int type) { - switch (type) - { - case EVP_PKEY_RSA: - case EVP_PKEY_RSA2: - return(EVP_PKEY_RSA); - case EVP_PKEY_DSA: - case EVP_PKEY_DSA1: - case EVP_PKEY_DSA2: - case EVP_PKEY_DSA3: - case EVP_PKEY_DSA4: - return(EVP_PKEY_DSA); - case EVP_PKEY_DH: - return(EVP_PKEY_DH); - case EVP_PKEY_EC: - return(EVP_PKEY_EC); - default: - return(NID_undef); - } + int ret; + const EVP_PKEY_ASN1_METHOD *ameth; + ENGINE *e; + ameth = EVP_PKEY_asn1_find(&e, type); + if (ameth) + ret = ameth->pkey_id; + else + ret = NID_undef; +#ifndef OPENSSL_NO_ENGINE + if (e) + ENGINE_finish(e); +#endif + return ret; + } + +int EVP_PKEY_id(const EVP_PKEY *pkey) + { + return pkey->type; + } + +int EVP_PKEY_base_id(const EVP_PKEY *pkey) + { + return EVP_PKEY_type(pkey->type); } void EVP_PKEY_free(EVP_PKEY *x) @@ -471,32 +410,57 @@ void EVP_PKEY_free(EVP_PKEY *x) static void EVP_PKEY_free_it(EVP_PKEY *x) { - switch (x->type) + if (x->ameth && x->ameth->pkey_free) + x->ameth->pkey_free(x); +#ifndef OPENSSL_NO_ENGINE + if (x->engine) { -#ifndef OPENSSL_NO_RSA - case EVP_PKEY_RSA: - case EVP_PKEY_RSA2: - RSA_free(x->pkey.rsa); - break; -#endif -#ifndef OPENSSL_NO_DSA - case EVP_PKEY_DSA: - case EVP_PKEY_DSA2: - case EVP_PKEY_DSA3: - case EVP_PKEY_DSA4: - DSA_free(x->pkey.dsa); - break; -#endif -#ifndef OPENSSL_NO_EC - case EVP_PKEY_EC: - EC_KEY_free(x->pkey.ec); - break; -#endif -#ifndef OPENSSL_NO_DH - case EVP_PKEY_DH: - DH_free(x->pkey.dh); - break; -#endif + ENGINE_finish(x->engine); + x->engine = NULL; } +#endif + } + +static int unsup_alg(BIO *out, const EVP_PKEY *pkey, int indent, + const char *kstr) + { + BIO_indent(out, indent, 128); + BIO_printf(out, "%s algorithm \"%s\" unsupported\n", + kstr, OBJ_nid2ln(pkey->type)); + return 1; + } + +int EVP_PKEY_print_public(BIO *out, const EVP_PKEY *pkey, + int indent, ASN1_PCTX *pctx) + { + if (pkey->ameth && pkey->ameth->pub_print) + return pkey->ameth->pub_print(out, pkey, indent, pctx); + + return unsup_alg(out, pkey, indent, "Public Key"); + } + +int EVP_PKEY_print_private(BIO *out, const EVP_PKEY *pkey, + int indent, ASN1_PCTX *pctx) + { + if (pkey->ameth && pkey->ameth->priv_print) + return pkey->ameth->priv_print(out, pkey, indent, pctx); + + return unsup_alg(out, pkey, indent, "Private Key"); + } + +int EVP_PKEY_print_params(BIO *out, const EVP_PKEY *pkey, + int indent, ASN1_PCTX *pctx) + { + if (pkey->ameth && pkey->ameth->param_print) + return pkey->ameth->param_print(out, pkey, indent, pctx); + return unsup_alg(out, pkey, indent, "Parameters"); + } + +int EVP_PKEY_get_default_digest_nid(EVP_PKEY *pkey, int *pnid) + { + if (!pkey->ameth || !pkey->ameth->pkey_ctrl) + return -2; + return pkey->ameth->pkey_ctrl(pkey, ASN1_PKEY_CTRL_DEFAULT_MD_NID, + 0, pnid); } diff --git a/src/lib/libcrypto/evp/p_open.c b/src/lib/libcrypto/evp/p_open.c index 9935206d0f..53a59a295c 100644 --- a/src/lib/libcrypto/evp/p_open.c +++ b/src/lib/libcrypto/evp/p_open.c @@ -95,7 +95,7 @@ int EVP_OpenInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, goto err; } - i=EVP_PKEY_decrypt(key,ek,ekl,priv); + i=EVP_PKEY_decrypt_old(key,ek,ekl,priv); if ((i <= 0) || !EVP_CIPHER_CTX_set_key_length(ctx, i)) { /* ERROR */ diff --git a/src/lib/libcrypto/evp/p_seal.c b/src/lib/libcrypto/evp/p_seal.c index 8cc8fcb0bd..d8324526e7 100644 --- a/src/lib/libcrypto/evp/p_seal.c +++ b/src/lib/libcrypto/evp/p_seal.c @@ -87,7 +87,7 @@ int EVP_SealInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, unsigned char **ek for (i=0; idigest->flags & EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) + { + EVP_PKEY_CTX *pkctx = NULL; + size_t sltmp = (size_t)EVP_PKEY_size(pkey); + i = 0; + pkctx = EVP_PKEY_CTX_new(pkey, NULL); + if (!pkctx) + goto err; + if (EVP_PKEY_sign_init(pkctx) <= 0) + goto err; + if (EVP_PKEY_CTX_set_signature_md(pkctx, ctx->digest) <= 0) + goto err; + if (EVP_PKEY_sign(pkctx, sigret, &sltmp, m, m_len) <= 0) + goto err; + *siglen = sltmp; + i = 1; + err: + EVP_PKEY_CTX_free(pkctx); + return i; + } + for (i=0; i<4; i++) { v=ctx->digest->required_pkey_type[i]; @@ -99,28 +125,13 @@ int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, unsigned int *siglen, EVPerr(EVP_F_EVP_SIGNFINAL,EVP_R_WRONG_PUBLIC_KEY_TYPE); return(0); } + if (ctx->digest->sign == NULL) { EVPerr(EVP_F_EVP_SIGNFINAL,EVP_R_NO_SIGN_FUNCTION_CONFIGURED); return(0); } - EVP_MD_CTX_init(&tmp_ctx); - EVP_MD_CTX_copy_ex(&tmp_ctx,ctx); - if (ctx->digest->flags & EVP_MD_FLAG_SVCTX) - { - EVP_MD_SVCTX sctmp; - sctmp.mctx = &tmp_ctx; - sctmp.key = pkey->pkey.ptr; - i = ctx->digest->sign(ctx->digest->type, - NULL, -1, sigret, siglen, &sctmp); - } - else - { - EVP_DigestFinal_ex(&tmp_ctx,&(m[0]),&m_len); - i = ctx->digest->sign(ctx->digest->type,m,m_len,sigret,siglen, - pkey->pkey.ptr); - } - EVP_MD_CTX_cleanup(&tmp_ctx); - return i; + return(ctx->digest->sign(ctx->digest->type,m,m_len,sigret,siglen, + pkey->pkey.ptr)); } diff --git a/src/lib/libcrypto/evp/p_verify.c b/src/lib/libcrypto/evp/p_verify.c index 2d46dffe7e..8db46412f3 100644 --- a/src/lib/libcrypto/evp/p_verify.c +++ b/src/lib/libcrypto/evp/p_verify.c @@ -70,6 +70,28 @@ int EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf, int i,ok=0,v; MS_STATIC EVP_MD_CTX tmp_ctx; + EVP_MD_CTX_init(&tmp_ctx); + EVP_MD_CTX_copy_ex(&tmp_ctx,ctx); + EVP_DigestFinal_ex(&tmp_ctx,&(m[0]),&m_len); + EVP_MD_CTX_cleanup(&tmp_ctx); + + if (ctx->digest->flags & EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) + { + EVP_PKEY_CTX *pkctx = NULL; + i = -1; + pkctx = EVP_PKEY_CTX_new(pkey, NULL); + if (!pkctx) + goto err; + if (EVP_PKEY_verify_init(pkctx) <= 0) + goto err; + if (EVP_PKEY_CTX_set_signature_md(pkctx, ctx->digest) <= 0) + goto err; + i = EVP_PKEY_verify(pkctx, sigbuf, siglen, m, m_len); + err: + EVP_PKEY_CTX_free(pkctx); + return i; + } + for (i=0; i<4; i++) { v=ctx->digest->required_pkey_type[i]; @@ -85,29 +107,13 @@ int EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf, EVPerr(EVP_F_EVP_VERIFYFINAL,EVP_R_WRONG_PUBLIC_KEY_TYPE); return(-1); } - if (ctx->digest->verify == NULL) + if (ctx->digest->verify == NULL) { EVPerr(EVP_F_EVP_VERIFYFINAL,EVP_R_NO_VERIFY_FUNCTION_CONFIGURED); return(0); } - EVP_MD_CTX_init(&tmp_ctx); - EVP_MD_CTX_copy_ex(&tmp_ctx,ctx); - if (ctx->digest->flags & EVP_MD_FLAG_SVCTX) - { - EVP_MD_SVCTX sctmp; - sctmp.mctx = &tmp_ctx; - sctmp.key = pkey->pkey.ptr; - i = ctx->digest->verify(ctx->digest->type, - NULL, -1, sigbuf, siglen, &sctmp); - } - else - { - EVP_DigestFinal_ex(&tmp_ctx,&(m[0]),&m_len); - i = ctx->digest->verify(ctx->digest->type,m,m_len, - sigbuf,siglen,pkey->pkey.ptr); - } - EVP_MD_CTX_cleanup(&tmp_ctx); - return i; + return(ctx->digest->verify(ctx->digest->type,m,m_len, + sigbuf,siglen,pkey->pkey.ptr)); } diff --git a/src/lib/libcrypto/ex_data.c b/src/lib/libcrypto/ex_data.c index 3b11e7a556..e2bc8298d0 100644 --- a/src/lib/libcrypto/ex_data.c +++ b/src/lib/libcrypto/ex_data.c @@ -245,18 +245,21 @@ typedef struct st_ex_class_item { static int ex_class = CRYPTO_EX_INDEX_USER; /* The global hash table of EX_CLASS_ITEM items */ -static LHASH *ex_data = NULL; +DECLARE_LHASH_OF(EX_CLASS_ITEM); +static LHASH_OF(EX_CLASS_ITEM) *ex_data = NULL; /* The callbacks required in the "ex_data" hash table */ -static unsigned long ex_hash_cb(const void *a_void) +static unsigned long ex_class_item_hash(const EX_CLASS_ITEM *a) { - return ((const EX_CLASS_ITEM *)a_void)->class_index; + return a->class_index; } -static int ex_cmp_cb(const void *a_void, const void *b_void) +static IMPLEMENT_LHASH_HASH_FN(ex_class_item, EX_CLASS_ITEM) + +static int ex_class_item_cmp(const EX_CLASS_ITEM *a, const EX_CLASS_ITEM *b) { - return (((const EX_CLASS_ITEM *)a_void)->class_index - - ((const EX_CLASS_ITEM *)b_void)->class_index); + return a->class_index - b->class_index; } +static IMPLEMENT_LHASH_COMP_FN(ex_class_item, EX_CLASS_ITEM) /* Internal functions used by the "impl_default" implementation to access the * state */ @@ -265,7 +268,8 @@ static int ex_data_check(void) { int toret = 1; CRYPTO_w_lock(CRYPTO_LOCK_EX_DATA); - if(!ex_data && ((ex_data = lh_new(ex_hash_cb, ex_cmp_cb)) == NULL)) + if(!ex_data + && (ex_data = lh_EX_CLASS_ITEM_new()) == NULL) toret = 0; CRYPTO_w_unlock(CRYPTO_LOCK_EX_DATA); return toret; @@ -298,7 +302,7 @@ static EX_CLASS_ITEM *def_get_class(int class_index) EX_DATA_CHECK(return NULL;) d.class_index = class_index; CRYPTO_w_lock(CRYPTO_LOCK_EX_DATA); - p = lh_retrieve(ex_data, &d); + p = lh_EX_CLASS_ITEM_retrieve(ex_data, &d); if(!p) { gen = OPENSSL_malloc(sizeof(EX_CLASS_ITEM)); @@ -313,7 +317,7 @@ static EX_CLASS_ITEM *def_get_class(int class_index) { /* Because we're inside the ex_data lock, the * return value from the insert will be NULL */ - lh_insert(ex_data, gen); + (void)lh_EX_CLASS_ITEM_insert(ex_data, gen); p = gen; } } @@ -375,8 +379,8 @@ static int int_new_class(void) static void int_cleanup(void) { EX_DATA_CHECK(return;) - lh_doall(ex_data, def_cleanup_cb); - lh_free(ex_data); + lh_EX_CLASS_ITEM_doall(ex_data, def_cleanup_cb); + lh_EX_CLASS_ITEM_free(ex_data); ex_data = NULL; impl = NULL; } @@ -452,7 +456,7 @@ static int int_dup_ex_data(int class_index, CRYPTO_EX_DATA *to, return 0; CRYPTO_r_lock(CRYPTO_LOCK_EX_DATA); mx = sk_CRYPTO_EX_DATA_FUNCS_num(item->meth); - j = sk_num(from->sk); + j = sk_void_num(from->sk); if(j < mx) mx = j; if(mx > 0) @@ -523,7 +527,7 @@ skip: OPENSSL_free(storage); if(ad->sk) { - sk_free(ad->sk); + sk_void_free(ad->sk); ad->sk=NULL; } } @@ -596,24 +600,24 @@ int CRYPTO_set_ex_data(CRYPTO_EX_DATA *ad, int idx, void *val) if (ad->sk == NULL) { - if ((ad->sk=sk_new_null()) == NULL) + if ((ad->sk=sk_void_new_null()) == NULL) { CRYPTOerr(CRYPTO_F_CRYPTO_SET_EX_DATA,ERR_R_MALLOC_FAILURE); return(0); } } - i=sk_num(ad->sk); + i=sk_void_num(ad->sk); while (i <= idx) { - if (!sk_push(ad->sk,NULL)) + if (!sk_void_push(ad->sk,NULL)) { CRYPTOerr(CRYPTO_F_CRYPTO_SET_EX_DATA,ERR_R_MALLOC_FAILURE); return(0); } i++; } - sk_set(ad->sk,idx,val); + sk_void_set(ad->sk,idx,val); return(1); } @@ -623,10 +627,10 @@ void *CRYPTO_get_ex_data(const CRYPTO_EX_DATA *ad, int idx) { if (ad->sk == NULL) return(0); - else if (idx >= sk_num(ad->sk)) + else if (idx >= sk_void_num(ad->sk)) return(0); else - return(sk_value(ad->sk,idx)); + return(sk_void_value(ad->sk,idx)); } IMPLEMENT_STACK_OF(CRYPTO_EX_DATA_FUNCS) diff --git a/src/lib/libcrypto/fips_err.c b/src/lib/libcrypto/fips_err.c deleted file mode 100644 index 09f11748f6..0000000000 --- a/src/lib/libcrypto/fips_err.c +++ /dev/null @@ -1,7 +0,0 @@ -#include - -#ifdef OPENSSL_FIPS -# include "fips_err.h" -#else -static void *dummy=&dummy; -#endif diff --git a/src/lib/libcrypto/fips_err.h b/src/lib/libcrypto/fips_err.h deleted file mode 100644 index b328616858..0000000000 --- a/src/lib/libcrypto/fips_err.h +++ /dev/null @@ -1,137 +0,0 @@ -/* crypto/fips_err.h */ -/* ==================================================================== - * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* NOTE: this file was auto generated by the mkerr.pl script: any changes - * made to it will be overwritten when the script next updates this file, - * only reason strings will be preserved. - */ - -#include -#include -#include - -/* BEGIN ERROR CODES */ -#ifndef OPENSSL_NO_ERR - -#define ERR_FUNC(func) ERR_PACK(ERR_LIB_FIPS,func,0) -#define ERR_REASON(reason) ERR_PACK(ERR_LIB_FIPS,0,reason) - -static ERR_STRING_DATA FIPS_str_functs[]= - { -{ERR_FUNC(FIPS_F_DH_BUILTIN_GENPARAMS), "DH_BUILTIN_GENPARAMS"}, -{ERR_FUNC(FIPS_F_DSA_BUILTIN_PARAMGEN), "DSA_BUILTIN_PARAMGEN"}, -{ERR_FUNC(FIPS_F_DSA_DO_SIGN), "DSA_do_sign"}, -{ERR_FUNC(FIPS_F_DSA_DO_VERIFY), "DSA_do_verify"}, -{ERR_FUNC(FIPS_F_EVP_CIPHERINIT_EX), "EVP_CipherInit_ex"}, -{ERR_FUNC(FIPS_F_EVP_DIGESTINIT_EX), "EVP_DigestInit_ex"}, -{ERR_FUNC(FIPS_F_FIPS_CHECK_DSA), "FIPS_CHECK_DSA"}, -{ERR_FUNC(FIPS_F_FIPS_CHECK_INCORE_FINGERPRINT), "FIPS_CHECK_INCORE_FINGERPRINT"}, -{ERR_FUNC(FIPS_F_FIPS_CHECK_RSA), "FIPS_CHECK_RSA"}, -{ERR_FUNC(FIPS_F_FIPS_DSA_CHECK), "FIPS_DSA_CHECK"}, -{ERR_FUNC(FIPS_F_FIPS_MODE_SET), "FIPS_mode_set"}, -{ERR_FUNC(FIPS_F_FIPS_PKEY_SIGNATURE_TEST), "fips_pkey_signature_test"}, -{ERR_FUNC(FIPS_F_FIPS_SELFTEST_AES), "FIPS_selftest_aes"}, -{ERR_FUNC(FIPS_F_FIPS_SELFTEST_DES), "FIPS_selftest_des"}, -{ERR_FUNC(FIPS_F_FIPS_SELFTEST_DSA), "FIPS_selftest_dsa"}, -{ERR_FUNC(FIPS_F_FIPS_SELFTEST_HMAC), "FIPS_selftest_hmac"}, -{ERR_FUNC(FIPS_F_FIPS_SELFTEST_RNG), "FIPS_selftest_rng"}, -{ERR_FUNC(FIPS_F_FIPS_SELFTEST_SHA1), "FIPS_selftest_sha1"}, -{ERR_FUNC(FIPS_F_HASH_FINAL), "HASH_FINAL"}, -{ERR_FUNC(FIPS_F_RSA_BUILTIN_KEYGEN), "RSA_BUILTIN_KEYGEN"}, -{ERR_FUNC(FIPS_F_RSA_EAY_PRIVATE_DECRYPT), "RSA_EAY_PRIVATE_DECRYPT"}, -{ERR_FUNC(FIPS_F_RSA_EAY_PRIVATE_ENCRYPT), "RSA_EAY_PRIVATE_ENCRYPT"}, -{ERR_FUNC(FIPS_F_RSA_EAY_PUBLIC_DECRYPT), "RSA_EAY_PUBLIC_DECRYPT"}, -{ERR_FUNC(FIPS_F_RSA_EAY_PUBLIC_ENCRYPT), "RSA_EAY_PUBLIC_ENCRYPT"}, -{ERR_FUNC(FIPS_F_RSA_X931_GENERATE_KEY_EX), "RSA_X931_generate_key_ex"}, -{ERR_FUNC(FIPS_F_SSLEAY_RAND_BYTES), "SSLEAY_RAND_BYTES"}, -{0,NULL} - }; - -static ERR_STRING_DATA FIPS_str_reasons[]= - { -{ERR_REASON(FIPS_R_CANNOT_READ_EXE) ,"cannot read exe"}, -{ERR_REASON(FIPS_R_CANNOT_READ_EXE_DIGEST),"cannot read exe digest"}, -{ERR_REASON(FIPS_R_CONTRADICTING_EVIDENCE),"contradicting evidence"}, -{ERR_REASON(FIPS_R_EXE_DIGEST_DOES_NOT_MATCH),"exe digest does not match"}, -{ERR_REASON(FIPS_R_FINGERPRINT_DOES_NOT_MATCH),"fingerprint does not match"}, -{ERR_REASON(FIPS_R_FINGERPRINT_DOES_NOT_MATCH_NONPIC_RELOCATED),"fingerprint does not match nonpic relocated"}, -{ERR_REASON(FIPS_R_FINGERPRINT_DOES_NOT_MATCH_SEGMENT_ALIASING),"fingerprint does not match segment aliasing"}, -{ERR_REASON(FIPS_R_FIPS_MODE_ALREADY_SET),"fips mode already set"}, -{ERR_REASON(FIPS_R_FIPS_SELFTEST_FAILED) ,"fips selftest failed"}, -{ERR_REASON(FIPS_R_INVALID_KEY_LENGTH) ,"invalid key length"}, -{ERR_REASON(FIPS_R_KEY_TOO_SHORT) ,"key too short"}, -{ERR_REASON(FIPS_R_NON_FIPS_METHOD) ,"non fips method"}, -{ERR_REASON(FIPS_R_PAIRWISE_TEST_FAILED) ,"pairwise test failed"}, -{ERR_REASON(FIPS_R_RSA_DECRYPT_ERROR) ,"rsa decrypt error"}, -{ERR_REASON(FIPS_R_RSA_ENCRYPT_ERROR) ,"rsa encrypt error"}, -{ERR_REASON(FIPS_R_SELFTEST_FAILED) ,"selftest failed"}, -{ERR_REASON(FIPS_R_TEST_FAILURE) ,"test failure"}, -{ERR_REASON(FIPS_R_UNSUPPORTED_PLATFORM) ,"unsupported platform"}, -{0,NULL} - }; - -#endif - -void ERR_load_FIPS_strings(void) - { -#ifndef OPENSSL_NO_ERR - - if (ERR_func_error_string(FIPS_str_functs[0].error) == NULL) - { - ERR_load_strings(0,FIPS_str_functs); - ERR_load_strings(0,FIPS_str_reasons); - } -#endif - } diff --git a/src/lib/libcrypto/hmac/Makefile.ssl b/src/lib/libcrypto/hmac/Makefile.ssl deleted file mode 100644 index f1c07322c4..0000000000 --- a/src/lib/libcrypto/hmac/Makefile.ssl +++ /dev/null @@ -1,101 +0,0 @@ -# -# SSLeay/crypto/md/Makefile -# - -DIR= hmac -TOP= ../.. -CC= cc -INCLUDES= -CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKE= make -f Makefile.ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) -MAKEFILE= Makefile.ssl -AR= ar r - -CFLAGS= $(INCLUDES) $(CFLAG) - -GENERAL=Makefile -TEST=hmactest.c -APPS= - -LIB=$(TOP)/libcrypto.a -LIBSRC=hmac.c -LIBOBJ=hmac.o - -SRC= $(LIBSRC) - -EXHEADER= hmac.h -HEADER= $(EXHEADER) - -ALL= $(GENERAL) $(SRC) $(HEADER) - -top: - (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all) - -all: lib - -lib: $(LIBOBJ) - $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) || echo Never mind. - @touch lib - -files: - $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO - -links: - @sh $(TOP)/util/point.sh Makefile.ssl Makefile - @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER) - @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST) - @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) - -install: - @for i in $(EXHEADER) ; \ - do \ - (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ - done; - -tags: - ctags $(SRC) - -tests: - -lint: - lint -DLINT $(INCLUDES) $(SRC)>fluff - -depend: - $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) - -dclean: - $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new - mv -f Makefile.new $(MAKEFILE) - -clean: - rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff - -# DO NOT DELETE THIS LINE -- make depend depends on it. - -hmac.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -hmac.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -hmac.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -hmac.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -hmac.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -hmac.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -hmac.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -hmac.o: ../../include/openssl/evp.h ../../include/openssl/hmac.h -hmac.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -hmac.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -hmac.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -hmac.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -hmac.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -hmac.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc2.h -hmac.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -hmac.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -hmac.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -hmac.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -hmac.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -hmac.o: ../cryptlib.h hmac.c diff --git a/src/lib/libcrypto/hmac/hmac.c b/src/lib/libcrypto/hmac/hmac.c index cbc1c76a57..45015fe754 100644 --- a/src/lib/libcrypto/hmac/hmac.c +++ b/src/lib/libcrypto/hmac/hmac.c @@ -61,9 +61,7 @@ #include "cryptlib.h" #include -#ifndef OPENSSL_FIPS - -void HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len, +int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len, const EVP_MD *md, ENGINE *impl) { int i,j,reset=0; @@ -84,10 +82,13 @@ void HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len, OPENSSL_assert(j <= (int)sizeof(ctx->key)); if (j < len) { - EVP_DigestInit_ex(&ctx->md_ctx,md, impl); - EVP_DigestUpdate(&ctx->md_ctx,key,len); - EVP_DigestFinal_ex(&(ctx->md_ctx),ctx->key, - &ctx->key_length); + if (!EVP_DigestInit_ex(&ctx->md_ctx,md, impl)) + goto err; + if (!EVP_DigestUpdate(&ctx->md_ctx,key,len)) + goto err; + if (!EVP_DigestFinal_ex(&(ctx->md_ctx),ctx->key, + &ctx->key_length)) + goto err; } else { @@ -104,31 +105,38 @@ void HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len, { for (i=0; ikey[i]; - EVP_DigestInit_ex(&ctx->i_ctx,md, impl); - EVP_DigestUpdate(&ctx->i_ctx,pad,EVP_MD_block_size(md)); + if (!EVP_DigestInit_ex(&ctx->i_ctx,md, impl)) + goto err; + if (!EVP_DigestUpdate(&ctx->i_ctx,pad,EVP_MD_block_size(md))) + goto err; for (i=0; ikey[i]; - EVP_DigestInit_ex(&ctx->o_ctx,md, impl); - EVP_DigestUpdate(&ctx->o_ctx,pad,EVP_MD_block_size(md)); + if (!EVP_DigestInit_ex(&ctx->o_ctx,md, impl)) + goto err; + if (!EVP_DigestUpdate(&ctx->o_ctx,pad,EVP_MD_block_size(md))) + goto err; } - EVP_MD_CTX_copy_ex(&ctx->md_ctx,&ctx->i_ctx); + if (!EVP_MD_CTX_copy_ex(&ctx->md_ctx,&ctx->i_ctx)) + goto err; + return 1; + err: + return 0; } -void HMAC_Init(HMAC_CTX *ctx, const void *key, int len, - const EVP_MD *md) +int HMAC_Init(HMAC_CTX *ctx, const void *key, int len, const EVP_MD *md) { if(key && md) HMAC_CTX_init(ctx); - HMAC_Init_ex(ctx,key,len,md, NULL); + return HMAC_Init_ex(ctx,key,len,md, NULL); } -void HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, size_t len) +int HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, size_t len) { - EVP_DigestUpdate(&ctx->md_ctx,data,len); + return EVP_DigestUpdate(&ctx->md_ctx,data,len); } -void HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len) +int HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len) { int j; unsigned int i; @@ -136,10 +144,17 @@ void HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len) j=EVP_MD_block_size(ctx->md); - EVP_DigestFinal_ex(&ctx->md_ctx,buf,&i); - EVP_MD_CTX_copy_ex(&ctx->md_ctx,&ctx->o_ctx); - EVP_DigestUpdate(&ctx->md_ctx,buf,i); - EVP_DigestFinal_ex(&ctx->md_ctx,md,len); + if (!EVP_DigestFinal_ex(&ctx->md_ctx,buf,&i)) + goto err; + if (!EVP_MD_CTX_copy_ex(&ctx->md_ctx,&ctx->o_ctx)) + goto err; + if (!EVP_DigestUpdate(&ctx->md_ctx,buf,i)) + goto err; + if (!EVP_DigestFinal_ex(&ctx->md_ctx,md,len)) + goto err; + return 1; + err: + return 0; } void HMAC_CTX_init(HMAC_CTX *ctx) @@ -149,6 +164,22 @@ void HMAC_CTX_init(HMAC_CTX *ctx) EVP_MD_CTX_init(&ctx->md_ctx); } +int HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_CTX *sctx) + { + if (!EVP_MD_CTX_copy(&dctx->i_ctx, &sctx->i_ctx)) + goto err; + if (!EVP_MD_CTX_copy(&dctx->o_ctx, &sctx->o_ctx)) + goto err; + if (!EVP_MD_CTX_copy(&dctx->md_ctx, &sctx->md_ctx)) + goto err; + memcpy(dctx->key, sctx->key, HMAC_MAX_MD_CBLOCK); + dctx->key_length = sctx->key_length; + dctx->md = sctx->md; + return 1; + err: + return 0; + } + void HMAC_CTX_cleanup(HMAC_CTX *ctx) { EVP_MD_CTX_cleanup(&ctx->i_ctx); @@ -166,11 +197,16 @@ unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len, if (md == NULL) md=m; HMAC_CTX_init(&c); - HMAC_Init(&c,key,key_len,evp_md); - HMAC_Update(&c,d,n); - HMAC_Final(&c,md,md_len); + if (!HMAC_Init(&c,key,key_len,evp_md)) + goto err; + if (!HMAC_Update(&c,d,n)) + goto err; + if (!HMAC_Final(&c,md,md_len)) + goto err; HMAC_CTX_cleanup(&c); - return(md); + return md; + err: + return NULL; } void HMAC_CTX_set_flags(HMAC_CTX *ctx, unsigned long flags) @@ -179,5 +215,3 @@ void HMAC_CTX_set_flags(HMAC_CTX *ctx, unsigned long flags) EVP_MD_CTX_set_flags(&ctx->o_ctx, flags); EVP_MD_CTX_set_flags(&ctx->md_ctx, flags); } - -#endif diff --git a/src/lib/libcrypto/hmac/hmac.h b/src/lib/libcrypto/hmac/hmac.h index fc38ffb52b..1be0022190 100644 --- a/src/lib/libcrypto/hmac/hmac.h +++ b/src/lib/libcrypto/hmac/hmac.h @@ -90,15 +90,16 @@ void HMAC_CTX_cleanup(HMAC_CTX *ctx); #define HMAC_cleanup(ctx) HMAC_CTX_cleanup(ctx) /* deprecated */ -void HMAC_Init(HMAC_CTX *ctx, const void *key, int len, +int HMAC_Init(HMAC_CTX *ctx, const void *key, int len, const EVP_MD *md); /* deprecated */ -void HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len, +int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len, const EVP_MD *md, ENGINE *impl); -void HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, size_t len); -void HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len); +int HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, size_t len); +int HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len); unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len, const unsigned char *d, size_t n, unsigned char *md, unsigned int *md_len); +int HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_CTX *sctx); void HMAC_CTX_set_flags(HMAC_CTX *ctx, unsigned long flags); diff --git a/src/lib/libcrypto/idea/Makefile.ssl b/src/lib/libcrypto/idea/Makefile.ssl deleted file mode 100644 index fa016ea399..0000000000 --- a/src/lib/libcrypto/idea/Makefile.ssl +++ /dev/null @@ -1,91 +0,0 @@ -# -# SSLeay/crypto/idea/Makefile -# - -DIR= idea -TOP= ../.. -CC= cc -INCLUDES= -CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKE= make -f Makefile.ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) -MAKEFILE= Makefile.ssl -AR= ar r - -CFLAGS= $(INCLUDES) $(CFLAG) - -GENERAL=Makefile -TEST=ideatest.c -APPS= - -LIB=$(TOP)/libcrypto.a -LIBSRC=i_cbc.c i_cfb64.c i_ofb64.c i_ecb.c i_skey.c -LIBOBJ=i_cbc.o i_cfb64.o i_ofb64.o i_ecb.o i_skey.o - -SRC= $(LIBSRC) - -EXHEADER= idea.h -HEADER= idea_lcl.h $(EXHEADER) - -ALL= $(GENERAL) $(SRC) $(HEADER) - -top: - (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all) - -all: lib - -lib: $(LIBOBJ) - $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) || echo Never mind. - @touch lib - -files: - $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO - -links: - @sh $(TOP)/util/point.sh Makefile.ssl Makefile - @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER) - @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST) - @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) - -install: - @for i in $(EXHEADER) ; \ - do \ - (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ - done; - -tags: - ctags $(SRC) - -tests: - -lint: - lint -DLINT $(INCLUDES) $(SRC)>fluff - -depend: - $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) - -dclean: - $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new - mv -f Makefile.new $(MAKEFILE) - -clean: - rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff - -# DO NOT DELETE THIS LINE -- make depend depends on it. - -i_cbc.o: ../../include/openssl/idea.h ../../include/openssl/opensslconf.h -i_cbc.o: i_cbc.c idea_lcl.h -i_cfb64.o: ../../include/openssl/idea.h ../../include/openssl/opensslconf.h -i_cfb64.o: i_cfb64.c idea_lcl.h -i_ecb.o: ../../include/openssl/idea.h ../../include/openssl/opensslconf.h -i_ecb.o: ../../include/openssl/opensslv.h i_ecb.c idea_lcl.h -i_ofb64.o: ../../include/openssl/idea.h ../../include/openssl/opensslconf.h -i_ofb64.o: i_ofb64.c idea_lcl.h -i_skey.o: ../../include/openssl/idea.h ../../include/openssl/opensslconf.h -i_skey.o: i_skey.c idea_lcl.h diff --git a/src/lib/libcrypto/idea/idea.h b/src/lib/libcrypto/idea/idea.h index a137d4cbce..5782e54b0f 100644 --- a/src/lib/libcrypto/idea/idea.h +++ b/src/lib/libcrypto/idea/idea.h @@ -83,11 +83,8 @@ typedef struct idea_key_st const char *idea_options(void); void idea_ecb_encrypt(const unsigned char *in, unsigned char *out, IDEA_KEY_SCHEDULE *ks); -#ifdef OPENSSL_FIPS -void private_idea_set_encrypt_key(const unsigned char *key, IDEA_KEY_SCHEDULE *ks); -#endif void idea_set_encrypt_key(const unsigned char *key, IDEA_KEY_SCHEDULE *ks); -void idea_set_decrypt_key(const IDEA_KEY_SCHEDULE *ek, IDEA_KEY_SCHEDULE *dk); +void idea_set_decrypt_key(IDEA_KEY_SCHEDULE *ek, IDEA_KEY_SCHEDULE *dk); void idea_cbc_encrypt(const unsigned char *in, unsigned char *out, long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv,int enc); void idea_cfb64_encrypt(const unsigned char *in, unsigned char *out, diff --git a/src/lib/libcrypto/install.com b/src/lib/libcrypto/install.com index ffad1f97a7..ad3e4d48c7 100644 --- a/src/lib/libcrypto/install.com +++ b/src/lib/libcrypto/install.com @@ -3,15 +3,26 @@ $! $! Author: Richard Levitte $! Time of creation: 22-MAY-1998 10:13 $! +$! Changes by Zoltan Arpadffy +$! $! P1 root of the directory tree $! $ IF P1 .EQS. "" $ THEN $ WRITE SYS$OUTPUT "First argument missing." -$ WRITE SYS$OUTPUT "Should be the directory where you want things installed." +$ WRITE SYS$OUTPUT - + "It should be the directory where you want things installed." $ EXIT $ ENDIF $ +$ IF (F$GETSYI("CPU").LT.128) +$ THEN +$ ARCH := VAX +$ ELSE +$ ARCH = F$EDIT( F$GETSYI( "ARCH_NAME"), "UPCASE") +$ IF (ARCH .EQS. "") THEN ARCH = "UNK" +$ ENDIF +$ $ ROOT = F$PARSE(P1,"[]A.;0",,,"SYNTAX_ONLY,NO_CONCEAL") - "A.;0" $ ROOT_DEV = F$PARSE(ROOT,,,"DEVICE","SYNTAX_ONLY") $ ROOT_DIR = F$PARSE(ROOT,,,"DIRECTORY","SYNTAX_ONLY") - @@ -19,30 +30,28 @@ $ ROOT_DIR = F$PARSE(ROOT,,,"DIRECTORY","SYNTAX_ONLY") - $ ROOT = ROOT_DEV + "[" + ROOT_DIR $ $ DEFINE/NOLOG WRK_SSLROOT 'ROOT'.] /TRANS=CONC -$ DEFINE/NOLOG WRK_SSLVLIB WRK_SSLROOT:[VAX_LIB] -$ DEFINE/NOLOG WRK_SSLALIB WRK_SSLROOT:[ALPHA_LIB] +$ DEFINE/NOLOG WRK_SSLLIB WRK_SSLROOT:['ARCH'_LIB] $ DEFINE/NOLOG WRK_SSLINCLUDE WRK_SSLROOT:[INCLUDE] $ $ IF F$PARSE("WRK_SSLROOT:[000000]") .EQS. "" THEN - CREATE/DIR/LOG WRK_SSLROOT:[000000] -$ IF F$PARSE("WRK_SSLVLIB:") .EQS. "" THEN - - CREATE/DIR/LOG WRK_SSLVLIB: -$ IF F$PARSE("WRK_SSLALIB:") .EQS. "" THEN - - CREATE/DIR/LOG WRK_SSLALIB: +$ IF F$PARSE("WRK_SSLLIB:") .EQS. "" THEN - + CREATE/DIR/LOG WRK_SSLLIB: $ IF F$PARSE("WRK_SSLINCLUDE:") .EQS. "" THEN - CREATE/DIR/LOG WRK_SSLINCLUDE: $ $ SDIRS := ,- + _'ARCH',- OBJECTS,- - MD2,MD4,MD5,SHA,MDC2,HMAC,RIPEMD,- + MD2,MD4,MD5,SHA,MDC2,HMAC,RIPEMD,WHRLPOOL,- DES,AES,RC2,RC4,RC5,IDEA,BF,CAST,CAMELLIA,SEED,- BN,EC,RSA,DSA,ECDSA,DH,ECDH,DSO,ENGINE,- BUFFER,BIO,STACK,LHASH,RAND,ERR,- EVP,ASN1,PEM,X509,X509V3,CONF,TXT_DB,PKCS7,PKCS12,COMP,OCSP,- UI,KRB5,- - STORE,PQUEUE,JPAKE -$ EXHEADER_ := crypto.h,tmdiff.h,opensslv.h,opensslconf.h,ebcdic.h,- - symhacks.h,ossl_typ.h + STORE,CMS,PQUEUE,TS,JPAKE +$ EXHEADER_ := crypto.h,opensslv.h,ebcdic.h,symhacks.h,ossl_typ.h +$ EXHEADER__'ARCH' := opensslconf.h $ EXHEADER_OBJECTS := objects.h,obj_mac.h $ EXHEADER_MD2 := md2.h $ EXHEADER_MD4 := md4.h @@ -51,6 +60,7 @@ $ EXHEADER_SHA := sha.h $ EXHEADER_MDC2 := mdc2.h $ EXHEADER_HMAC := hmac.h $ EXHEADER_RIPEMD := ripemd.h +$ EXHEADER_WHRLPOOL := whrlpool.h $ EXHEADER_DES := des.h,des_old.h $ EXHEADER_AES := aes.h $ EXHEADER_RC2 := rc2.h @@ -61,6 +71,7 @@ $ EXHEADER_BF := blowfish.h $ EXHEADER_CAST := cast.h $ EXHEADER_CAMELLIA := camellia.h $ EXHEADER_SEED := seed.h +$ EXHEADER_MODES := modes.h $ EXHEADER_BN := bn.h $ EXHEADER_EC := ec.h $ EXHEADER_RSA := rsa.h @@ -91,12 +102,13 @@ $ EXHEADER_UI := ui.h,ui_compat.h $ EXHEADER_KRB5 := krb5_asn.h $! EXHEADER_STORE := store.h,str_compat.h $ EXHEADER_STORE := store.h -$ EXHEADER_PQUEUE := pqueue.h,pq_compat.h +$ EXHEADER_CMS := cms.h +$ EXHEADER_PQUEUE := pqueue.h +$ EXHEADER_TS := ts.h $ EXHEADER_JPAKE := jpake.h $ LIBS := LIBCRYPTO $ -$ VEXE_DIR := [-.VAX.EXE.CRYPTO] -$ AEXE_DIR := [-.AXP.EXE.CRYPTO] +$ EXE_DIR := [-.'ARCH'.EXE.CRYPTO] $ $ I = 0 $ LOOP_SDIRS: @@ -108,7 +120,12 @@ $ IF D .EQS. "" $ THEN $ COPY 'tmp' WRK_SSLINCLUDE: /LOG $ ELSE -$ COPY [.'D']'tmp' WRK_SSLINCLUDE: /LOG +$ IF D .EQS. "_''ARCH'" +$ THEN +$ COPY [-.'ARCH'.CRYPTO]'tmp' WRK_SSLINCLUDE: /LOG +$ ELSE +$ COPY [.'D']'tmp' WRK_SSLINCLUDE: /LOG +$ ENDIF $ ENDIF $ SET FILE/PROT=WORLD:RE WRK_SSLINCLUDE:'tmp' $ GOTO LOOP_SDIRS @@ -120,27 +137,16 @@ $ E = F$EDIT(F$ELEMENT(I, ",", LIBS),"TRIM") $ I = I + 1 $ IF E .EQS. "," THEN GOTO LOOP_LIB_END $ SET NOON -$ IF F$SEARCH(VEXE_DIR+E+".OLB") .NES. "" -$ THEN -$ COPY 'VEXE_DIR''E'.OLB WRK_SSLVLIB:'E'.OLB/log -$ SET FILE/PROT=W:RE WRK_SSLVLIB:'E'.OLB -$ ENDIF -$ ! Preparing for the time when we have shareable images -$ IF F$SEARCH(VEXE_DIR+E+".EXE") .NES. "" -$ THEN -$ COPY 'VEXE_DIR''E'.EXE WRK_SSLVLIB:'E'.EXE/log -$ SET FILE/PROT=W:RE WRK_SSLVLIB:'E'.EXE -$ ENDIF -$ IF F$SEARCH(AEXE_DIR+E+".OLB") .NES. "" +$ IF F$SEARCH(EXE_DIR+E+".OLB") .NES. "" $ THEN -$ COPY 'AEXE_DIR''E'.OLB WRK_SSLALIB:'E'.OLB/log -$ SET FILE/PROT=W:RE WRK_SSLALIB:'E'.OLB +$ COPY 'EXE_DIR''E'.OLB WRK_SSLLIB:'E'.OLB/log +$ SET FILE/PROT=W:RE WRK_SSLLIB:'E'.OLB $ ENDIF $ ! Preparing for the time when we have shareable images -$ IF F$SEARCH(AEXE_DIR+E+".EXE") .NES. "" +$ IF F$SEARCH(EXE_DIR+E+".EXE") .NES. "" $ THEN -$ COPY 'AEXE_DIR''E'.EXE WRK_SSLALIB:'E'.EXE/log -$ SET FILE/PROT=W:RE WRK_SSLALIB:'E'.EXE +$ COPY 'EXE_DIR''E'.EXE WRK_SSLLIB:'E'.EXE/log +$ SET FILE/PROT=W:RE WRK_SSLLIB:'E'.EXE $ ENDIF $ SET ON $ GOTO LOOP_LIB diff --git a/src/lib/libcrypto/krb5/Makefile.ssl b/src/lib/libcrypto/krb5/Makefile.ssl deleted file mode 100644 index d9224c0f09..0000000000 --- a/src/lib/libcrypto/krb5/Makefile.ssl +++ /dev/null @@ -1,90 +0,0 @@ -# -# OpenSSL/krb5/Makefile.ssl -# - -DIR= krb5 -TOP= ../.. -CC= cc -INCLUDES= -I.. -I$(TOP) -I../../include -CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKE= make -f Makefile.ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) -MAKEFILE= Makefile.ssl -AR= ar r - -CFLAGS= $(INCLUDES) $(CFLAG) - -GENERAL=Makefile README -TEST= -APPS= - -LIB=$(TOP)/libcrypto.a -LIBSRC= krb5_asn.c - -LIBOBJ= krb5_asn.o - -SRC= $(LIBSRC) - -EXHEADER= krb5_asn.h -HEADER= $(EXHEADER) - -ALL= $(GENERAL) $(SRC) $(HEADER) - -top: - (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all) - -all: lib - -lib: $(LIBOBJ) - $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) || echo Never mind. - @touch lib - -files: - $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO - -links: - @sh $(TOP)/util/point.sh Makefile.ssl Makefile ; - @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER) - @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST) - @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) - -install: - @for i in $(EXHEADER) ; \ - do \ - (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ - done; - -tags: - ctags $(SRC) - -tests: - -lint: - lint -DLINT $(INCLUDES) $(SRC)>fluff - -depend: - $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC) - -dclean: - $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new - mv -f Makefile.new $(MAKEFILE) - -clean: - rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff - -# DO NOT DELETE THIS LINE -- make depend depends on it. - -krb5_asn.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -krb5_asn.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -krb5_asn.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -krb5_asn.o: ../../include/openssl/krb5_asn.h -krb5_asn.o: ../../include/openssl/opensslconf.h -krb5_asn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -krb5_asn.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -krb5_asn.o: ../../include/openssl/symhacks.h krb5_asn.c diff --git a/src/lib/libcrypto/lhash/Makefile.ssl b/src/lib/libcrypto/lhash/Makefile.ssl deleted file mode 100644 index 60e7ee3393..0000000000 --- a/src/lib/libcrypto/lhash/Makefile.ssl +++ /dev/null @@ -1,93 +0,0 @@ -# -# SSLeay/crypto/lhash/Makefile -# - -DIR= lhash -TOP= ../.. -CC= cc -INCLUDES= -CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKE= make -f Makefile.ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) -MAKEFILE= Makefile.ssl -AR= ar r - -CFLAGS= $(INCLUDES) $(CFLAG) - -GENERAL=Makefile -TEST= -APPS= - -LIB=$(TOP)/libcrypto.a -LIBSRC=lhash.c lh_stats.c -LIBOBJ=lhash.o lh_stats.o - -SRC= $(LIBSRC) - -EXHEADER= lhash.h -HEADER= $(EXHEADER) - -ALL= $(GENERAL) $(SRC) $(HEADER) - -top: - (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all) - -all: lib - -lib: $(LIBOBJ) - $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) || echo Never mind. - @touch lib - -files: - $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO - -links: - @sh $(TOP)/util/point.sh Makefile.ssl Makefile - @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER) - @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST) - @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) - -install: - @for i in $(EXHEADER) ; \ - do \ - (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ - done; - -tags: - ctags $(SRC) - -tests: - -lint: - lint -DLINT $(INCLUDES) $(SRC)>fluff - -depend: - $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) - -dclean: - $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new - mv -f Makefile.new $(MAKEFILE) - -clean: - rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff - -# DO NOT DELETE THIS LINE -- make depend depends on it. - -lh_stats.o: ../../e_os.h ../../include/openssl/bio.h -lh_stats.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -lh_stats.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -lh_stats.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -lh_stats.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -lh_stats.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -lh_stats.o: ../cryptlib.h lh_stats.c -lhash.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h -lhash.o: ../../include/openssl/e_os2.h ../../include/openssl/lhash.h -lhash.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -lhash.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -lhash.o: ../../include/openssl/symhacks.h lhash.c diff --git a/src/lib/libcrypto/lhash/lh_stats.c b/src/lib/libcrypto/lhash/lh_stats.c index 5aa7766aa6..815615e338 100644 --- a/src/lib/libcrypto/lhash/lh_stats.c +++ b/src/lib/libcrypto/lhash/lh_stats.c @@ -139,7 +139,7 @@ void lh_node_usage_stats(LHASH *lh, FILE *out) #else #ifndef OPENSSL_NO_FP_API -void lh_stats(const LHASH *lh, FILE *fp) +void lh_stats(const _LHASH *lh, FILE *fp) { BIO *bp; @@ -151,7 +151,7 @@ void lh_stats(const LHASH *lh, FILE *fp) end:; } -void lh_node_stats(const LHASH *lh, FILE *fp) +void lh_node_stats(const _LHASH *lh, FILE *fp) { BIO *bp; @@ -163,7 +163,7 @@ void lh_node_stats(const LHASH *lh, FILE *fp) end:; } -void lh_node_usage_stats(const LHASH *lh, FILE *fp) +void lh_node_usage_stats(const _LHASH *lh, FILE *fp) { BIO *bp; @@ -177,7 +177,7 @@ end:; #endif -void lh_stats_bio(const LHASH *lh, BIO *out) +void lh_stats_bio(const _LHASH *lh, BIO *out) { BIO_printf(out,"num_items = %lu\n",lh->num_items); BIO_printf(out,"num_nodes = %u\n",lh->num_nodes); @@ -205,7 +205,7 @@ void lh_stats_bio(const LHASH *lh, BIO *out) #endif } -void lh_node_stats_bio(const LHASH *lh, BIO *out) +void lh_node_stats_bio(const _LHASH *lh, BIO *out) { LHASH_NODE *n; unsigned int i,num; @@ -218,7 +218,7 @@ void lh_node_stats_bio(const LHASH *lh, BIO *out) } } -void lh_node_usage_stats_bio(const LHASH *lh, BIO *out) +void lh_node_usage_stats_bio(const _LHASH *lh, BIO *out) { LHASH_NODE *n; unsigned long num; diff --git a/src/lib/libcrypto/lhash/lhash.c b/src/lib/libcrypto/lhash/lhash.c index 04ea80203c..47f748081b 100644 --- a/src/lib/libcrypto/lhash/lhash.c +++ b/src/lib/libcrypto/lhash/lhash.c @@ -107,18 +107,18 @@ const char lh_version[]="lhash" OPENSSL_VERSION_PTEXT; #define UP_LOAD (2*LH_LOAD_MULT) /* load times 256 (default 2) */ #define DOWN_LOAD (LH_LOAD_MULT) /* load times 256 (default 1) */ -static void expand(LHASH *lh); -static void contract(LHASH *lh); -static LHASH_NODE **getrn(LHASH *lh, const void *data, unsigned long *rhash); +static void expand(_LHASH *lh); +static void contract(_LHASH *lh); +static LHASH_NODE **getrn(_LHASH *lh, const void *data, unsigned long *rhash); -LHASH *lh_new(LHASH_HASH_FN_TYPE h, LHASH_COMP_FN_TYPE c) +_LHASH *lh_new(LHASH_HASH_FN_TYPE h, LHASH_COMP_FN_TYPE c) { - LHASH *ret; + _LHASH *ret; int i; - if ((ret=(LHASH *)OPENSSL_malloc(sizeof(LHASH))) == NULL) + if ((ret=OPENSSL_malloc(sizeof(_LHASH))) == NULL) goto err0; - if ((ret->b=(LHASH_NODE **)OPENSSL_malloc(sizeof(LHASH_NODE *)*MIN_NODES)) == NULL) + if ((ret->b=OPENSSL_malloc(sizeof(LHASH_NODE *)*MIN_NODES)) == NULL) goto err1; for (i=0; ib[i]=NULL; @@ -154,7 +154,7 @@ err0: return(NULL); } -void lh_free(LHASH *lh) +void lh_free(_LHASH *lh) { unsigned int i; LHASH_NODE *n,*nn; @@ -176,7 +176,7 @@ void lh_free(LHASH *lh) OPENSSL_free(lh); } -void *lh_insert(LHASH *lh, void *data) +void *lh_insert(_LHASH *lh, void *data) { unsigned long hash; LHASH_NODE *nn,**rn; @@ -214,7 +214,7 @@ void *lh_insert(LHASH *lh, void *data) return(ret); } -void *lh_delete(LHASH *lh, const void *data) +void *lh_delete(_LHASH *lh, const void *data) { unsigned long hash; LHASH_NODE *nn,**rn; @@ -245,7 +245,7 @@ void *lh_delete(LHASH *lh, const void *data) return(ret); } -void *lh_retrieve(LHASH *lh, const void *data) +void *lh_retrieve(_LHASH *lh, const void *data) { unsigned long hash; LHASH_NODE **rn; @@ -267,12 +267,15 @@ void *lh_retrieve(LHASH *lh, const void *data) return(ret); } -static void doall_util_fn(LHASH *lh, int use_arg, LHASH_DOALL_FN_TYPE func, +static void doall_util_fn(_LHASH *lh, int use_arg, LHASH_DOALL_FN_TYPE func, LHASH_DOALL_ARG_FN_TYPE func_arg, void *arg) { int i; LHASH_NODE *a,*n; + if (lh == NULL) + return; + /* reverse the order so we search from 'top to bottom' * We were having memory leaks otherwise */ for (i=lh->num_nodes-1; i>=0; i--) @@ -282,6 +285,8 @@ static void doall_util_fn(LHASH *lh, int use_arg, LHASH_DOALL_FN_TYPE func, { /* 28/05/91 - eay - n added so items can be deleted * via lh_doall */ + /* 22/05/08 - ben - eh? since a is not passed, + * this should not be needed */ n=a->next; if(use_arg) func_arg(a->data,arg); @@ -292,17 +297,17 @@ static void doall_util_fn(LHASH *lh, int use_arg, LHASH_DOALL_FN_TYPE func, } } -void lh_doall(LHASH *lh, LHASH_DOALL_FN_TYPE func) +void lh_doall(_LHASH *lh, LHASH_DOALL_FN_TYPE func) { doall_util_fn(lh, 0, func, (LHASH_DOALL_ARG_FN_TYPE)0, NULL); } -void lh_doall_arg(LHASH *lh, LHASH_DOALL_ARG_FN_TYPE func, void *arg) +void lh_doall_arg(_LHASH *lh, LHASH_DOALL_ARG_FN_TYPE func, void *arg) { doall_util_fn(lh, 1, (LHASH_DOALL_FN_TYPE)0, func, arg); } -static void expand(LHASH *lh) +static void expand(_LHASH *lh) { LHASH_NODE **n,**n1,**n2,*np; unsigned int p,i,j; @@ -358,7 +363,7 @@ static void expand(LHASH *lh) } } -static void contract(LHASH *lh) +static void contract(_LHASH *lh) { LHASH_NODE **n,*n1,*np; @@ -397,7 +402,7 @@ static void contract(LHASH *lh) } } -static LHASH_NODE **getrn(LHASH *lh, const void *data, unsigned long *rhash) +static LHASH_NODE **getrn(_LHASH *lh, const void *data, unsigned long *rhash) { LHASH_NODE **ret,*n1; unsigned long hash,nn; @@ -464,7 +469,7 @@ unsigned long lh_strhash(const char *c) return((ret>>16)^ret); } -unsigned long lh_num_items(const LHASH *lh) +unsigned long lh_num_items(const _LHASH *lh) { return lh ? lh->num_items : 0; } diff --git a/src/lib/libcrypto/lhash/lhash.h b/src/lib/libcrypto/lhash/lhash.h index d392d0cd80..e7d8763591 100644 --- a/src/lib/libcrypto/lhash/lhash.h +++ b/src/lib/libcrypto/lhash/lhash.h @@ -98,42 +98,42 @@ typedef void (*LHASH_DOALL_ARG_FN_TYPE)(void *, void *); * macros if the functions are strictly internal. */ /* First: "hash" functions */ -#define DECLARE_LHASH_HASH_FN(f_name,o_type) \ - unsigned long f_name##_LHASH_HASH(const void *); -#define IMPLEMENT_LHASH_HASH_FN(f_name,o_type) \ - unsigned long f_name##_LHASH_HASH(const void *arg) { \ - o_type a = (o_type)arg; \ - return f_name(a); } -#define LHASH_HASH_FN(f_name) f_name##_LHASH_HASH +#define DECLARE_LHASH_HASH_FN(name, o_type) \ + unsigned long name##_LHASH_HASH(const void *); +#define IMPLEMENT_LHASH_HASH_FN(name, o_type) \ + unsigned long name##_LHASH_HASH(const void *arg) { \ + const o_type *a = arg; \ + return name##_hash(a); } +#define LHASH_HASH_FN(name) name##_LHASH_HASH /* Second: "compare" functions */ -#define DECLARE_LHASH_COMP_FN(f_name,o_type) \ - int f_name##_LHASH_COMP(const void *, const void *); -#define IMPLEMENT_LHASH_COMP_FN(f_name,o_type) \ - int f_name##_LHASH_COMP(const void *arg1, const void *arg2) { \ - o_type a = (o_type)arg1; \ - o_type b = (o_type)arg2; \ - return f_name(a,b); } -#define LHASH_COMP_FN(f_name) f_name##_LHASH_COMP +#define DECLARE_LHASH_COMP_FN(name, o_type) \ + int name##_LHASH_COMP(const void *, const void *); +#define IMPLEMENT_LHASH_COMP_FN(name, o_type) \ + int name##_LHASH_COMP(const void *arg1, const void *arg2) { \ + const o_type *a = arg1; \ + const o_type *b = arg2; \ + return name##_cmp(a,b); } +#define LHASH_COMP_FN(name) name##_LHASH_COMP /* Third: "doall" functions */ -#define DECLARE_LHASH_DOALL_FN(f_name,o_type) \ - void f_name##_LHASH_DOALL(void *); -#define IMPLEMENT_LHASH_DOALL_FN(f_name,o_type) \ - void f_name##_LHASH_DOALL(void *arg) { \ - o_type a = (o_type)arg; \ - f_name(a); } -#define LHASH_DOALL_FN(f_name) f_name##_LHASH_DOALL +#define DECLARE_LHASH_DOALL_FN(name, o_type) \ + void name##_LHASH_DOALL(void *); +#define IMPLEMENT_LHASH_DOALL_FN(name, o_type) \ + void name##_LHASH_DOALL(void *arg) { \ + o_type *a = arg; \ + name##_doall(a); } +#define LHASH_DOALL_FN(name) name##_LHASH_DOALL /* Fourth: "doall_arg" functions */ -#define DECLARE_LHASH_DOALL_ARG_FN(f_name,o_type,a_type) \ - void f_name##_LHASH_DOALL_ARG(void *, void *); -#define IMPLEMENT_LHASH_DOALL_ARG_FN(f_name,o_type,a_type) \ - void f_name##_LHASH_DOALL_ARG(void *arg1, void *arg2) { \ - o_type a = (o_type)arg1; \ - a_type b = (a_type)arg2; \ - f_name(a,b); } -#define LHASH_DOALL_ARG_FN(f_name) f_name##_LHASH_DOALL_ARG +#define DECLARE_LHASH_DOALL_ARG_FN(name, o_type, a_type) \ + void name##_LHASH_DOALL_ARG(void *, void *); +#define IMPLEMENT_LHASH_DOALL_ARG_FN(name, o_type, a_type) \ + void name##_LHASH_DOALL_ARG(void *arg1, void *arg2) { \ + o_type *a = arg1; \ + a_type *b = arg2; \ + name##_doall_arg(a, b); } +#define LHASH_DOALL_ARG_FN(name) name##_LHASH_DOALL_ARG typedef struct lhash_st { @@ -163,7 +163,8 @@ typedef struct lhash_st unsigned long num_hash_comps; int error; - } LHASH; + } _LHASH; /* Do not use _LHASH directly, use LHASH_OF + * and friends */ #define LH_LOAD_MULT 256 @@ -171,27 +172,67 @@ typedef struct lhash_st * in lh_insert(). */ #define lh_error(lh) ((lh)->error) -LHASH *lh_new(LHASH_HASH_FN_TYPE h, LHASH_COMP_FN_TYPE c); -void lh_free(LHASH *lh); -void *lh_insert(LHASH *lh, void *data); -void *lh_delete(LHASH *lh, const void *data); -void *lh_retrieve(LHASH *lh, const void *data); -void lh_doall(LHASH *lh, LHASH_DOALL_FN_TYPE func); -void lh_doall_arg(LHASH *lh, LHASH_DOALL_ARG_FN_TYPE func, void *arg); +_LHASH *lh_new(LHASH_HASH_FN_TYPE h, LHASH_COMP_FN_TYPE c); +void lh_free(_LHASH *lh); +void *lh_insert(_LHASH *lh, void *data); +void *lh_delete(_LHASH *lh, const void *data); +void *lh_retrieve(_LHASH *lh, const void *data); +void lh_doall(_LHASH *lh, LHASH_DOALL_FN_TYPE func); +void lh_doall_arg(_LHASH *lh, LHASH_DOALL_ARG_FN_TYPE func, void *arg); unsigned long lh_strhash(const char *c); -unsigned long lh_num_items(const LHASH *lh); +unsigned long lh_num_items(const _LHASH *lh); #ifndef OPENSSL_NO_FP_API -void lh_stats(const LHASH *lh, FILE *out); -void lh_node_stats(const LHASH *lh, FILE *out); -void lh_node_usage_stats(const LHASH *lh, FILE *out); +void lh_stats(const _LHASH *lh, FILE *out); +void lh_node_stats(const _LHASH *lh, FILE *out); +void lh_node_usage_stats(const _LHASH *lh, FILE *out); #endif #ifndef OPENSSL_NO_BIO -void lh_stats_bio(const LHASH *lh, BIO *out); -void lh_node_stats_bio(const LHASH *lh, BIO *out); -void lh_node_usage_stats_bio(const LHASH *lh, BIO *out); +void lh_stats_bio(const _LHASH *lh, BIO *out); +void lh_node_stats_bio(const _LHASH *lh, BIO *out); +void lh_node_usage_stats_bio(const _LHASH *lh, BIO *out); #endif + +/* Type checking... */ + +#define LHASH_OF(type) struct lhash_st_##type + +#define DECLARE_LHASH_OF(type) LHASH_OF(type) { int dummy; } + +#define CHECKED_LHASH_OF(type,lh) \ + ((_LHASH *)CHECKED_PTR_OF(LHASH_OF(type),lh)) + +/* Define wrapper functions. */ +#define LHM_lh_new(type, name) \ + ((LHASH_OF(type) *)lh_new(LHASH_HASH_FN(name), LHASH_COMP_FN(name))) +#define LHM_lh_error(type, lh) \ + lh_error(CHECKED_LHASH_OF(type,lh)) +#define LHM_lh_insert(type, lh, inst) \ + ((type *)lh_insert(CHECKED_LHASH_OF(type, lh), \ + CHECKED_PTR_OF(type, inst))) +#define LHM_lh_retrieve(type, lh, inst) \ + ((type *)lh_retrieve(CHECKED_LHASH_OF(type, lh), \ + CHECKED_PTR_OF(type, inst))) +#define LHM_lh_delete(type, lh, inst) \ + ((type *)lh_delete(CHECKED_LHASH_OF(type, lh), \ + CHECKED_PTR_OF(type, inst))) +#define LHM_lh_doall(type, lh,fn) lh_doall(CHECKED_LHASH_OF(type, lh), fn) +#define LHM_lh_doall_arg(type, lh, fn, arg_type, arg) \ + lh_doall_arg(CHECKED_LHASH_OF(type, lh), fn, CHECKED_PTR_OF(arg_type, arg)) +#define LHM_lh_num_items(type, lh) lh_num_items(CHECKED_LHASH_OF(type, lh)) +#define LHM_lh_down_load(type, lh) (CHECKED_LHASH_OF(type, lh)->down_load) +#define LHM_lh_node_stats_bio(type, lh, out) \ + lh_node_stats_bio(CHECKED_LHASH_OF(type, lh), out) +#define LHM_lh_node_usage_stats_bio(type, lh, out) \ + lh_node_usage_stats_bio(CHECKED_LHASH_OF(type, lh), out) +#define LHM_lh_stats_bio(type, lh, out) \ + lh_stats_bio(CHECKED_LHASH_OF(type, lh), out) +#define LHM_lh_free(type, lh) lh_free(CHECKED_LHASH_OF(type, lh)) + +DECLARE_LHASH_OF(OPENSSL_STRING); +DECLARE_LHASH_OF(OPENSSL_CSTRING); + #ifdef __cplusplus } #endif diff --git a/src/lib/libcrypto/md2/Makefile.ssl b/src/lib/libcrypto/md2/Makefile.ssl deleted file mode 100644 index 3206924c90..0000000000 --- a/src/lib/libcrypto/md2/Makefile.ssl +++ /dev/null @@ -1,93 +0,0 @@ -# -# SSLeay/crypto/md/Makefile -# - -DIR= md2 -TOP= ../.. -CC= cc -INCLUDES= -CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKE= make -f Makefile.ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) -MAKEFILE= Makefile.ssl -AR= ar r - -CFLAGS= $(INCLUDES) $(CFLAG) - -GENERAL=Makefile -TEST=md2test.c -APPS= - -LIB=$(TOP)/libcrypto.a -LIBSRC=md2_dgst.c md2_one.c -LIBOBJ=md2_dgst.o md2_one.o - -SRC= $(LIBSRC) - -EXHEADER= md2.h -HEADER= $(EXHEADER) - -ALL= $(GENERAL) $(SRC) $(HEADER) - -top: - (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all) - -all: lib - -lib: $(LIBOBJ) - $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) || echo Never mind. - @touch lib - -files: - $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO - -links: - @sh $(TOP)/util/point.sh Makefile.ssl Makefile - @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER) - @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST) - @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) - -install: - @for i in $(EXHEADER) ; \ - do \ - (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ - done; - -tags: - ctags $(SRC) - -tests: - -lint: - lint -DLINT $(INCLUDES) $(SRC)>fluff - -depend: - $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) - -dclean: - $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new - mv -f Makefile.new $(MAKEFILE) - -clean: - rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff - -# DO NOT DELETE THIS LINE -- make depend depends on it. - -md2_dgst.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -md2_dgst.o: ../../include/openssl/md2.h ../../include/openssl/opensslconf.h -md2_dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -md2_dgst.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -md2_dgst.o: md2_dgst.c -md2_one.o: ../../e_os.h ../../include/openssl/bio.h -md2_one.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -md2_one.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -md2_one.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -md2_one.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -md2_one.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -md2_one.o: ../../include/openssl/symhacks.h ../cryptlib.h md2_one.c diff --git a/src/lib/libcrypto/md2/md2.h b/src/lib/libcrypto/md2/md2.h index d59c9f2593..a46120e7d4 100644 --- a/src/lib/libcrypto/md2/md2.h +++ b/src/lib/libcrypto/md2/md2.h @@ -81,9 +81,6 @@ typedef struct MD2state_st } MD2_CTX; const char *MD2_options(void); -#ifdef OPENSSL_FIPS -int private_MD2_Init(MD2_CTX *c); -#endif int MD2_Init(MD2_CTX *c); int MD2_Update(MD2_CTX *c, const unsigned char *data, size_t len); int MD2_Final(unsigned char *md, MD2_CTX *c); diff --git a/src/lib/libcrypto/md2/md2_dgst.c b/src/lib/libcrypto/md2/md2_dgst.c index cc4eeaf7a7..c57b3da288 100644 --- a/src/lib/libcrypto/md2/md2_dgst.c +++ b/src/lib/libcrypto/md2/md2_dgst.c @@ -62,11 +62,6 @@ #include #include #include -#ifdef OPENSSL_FIPS -#include -#endif - -#include const char MD2_version[]="MD2" OPENSSL_VERSION_PTEXT; @@ -78,7 +73,7 @@ const char MD2_version[]="MD2" OPENSSL_VERSION_PTEXT; static void md2_block(MD2_CTX *c, const unsigned char *d); /* The magic S table - I have converted it to hex since it is * basically just a random byte string. */ -static MD2_INT S[256]={ +static const MD2_INT S[256]={ 0x29, 0x2E, 0x43, 0xC9, 0xA2, 0xD8, 0x7C, 0x01, 0x3D, 0x36, 0x54, 0xA1, 0xEC, 0xF0, 0x06, 0x13, 0x62, 0xA7, 0x05, 0xF3, 0xC0, 0xC7, 0x73, 0x8C, @@ -121,7 +116,7 @@ const char *MD2_options(void) return("md2(int)"); } -FIPS_NON_FIPS_MD_Init(MD2) +int MD2_Init(MD2_CTX *c) { c->num=0; memset(c->state,0,sizeof c->state); diff --git a/src/lib/libcrypto/md32_common.h b/src/lib/libcrypto/md32_common.h index 61bcd9786f..1cb783944e 100644 --- a/src/lib/libcrypto/md32_common.h +++ b/src/lib/libcrypto/md32_common.h @@ -241,11 +241,11 @@ #ifndef PEDANTIC # if defined(__GNUC__) && __GNUC__>=2 && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM) # if defined(__s390x__) -# define HOST_c2l(c,l) ({ asm ("lrv %0,0(%1)" \ - :"=r"(l) : "r"(c)); \ +# define HOST_c2l(c,l) ({ asm ("lrv %0,%1" \ + :"=d"(l) :"m"(*(const unsigned int *)(c)));\ (c)+=4; (l); }) -# define HOST_l2c(l,c) ({ asm ("strv %0,0(%1)" \ - : : "r"(l),"r"(c) : "memory"); \ +# define HOST_l2c(l,c) ({ asm ("strv %1,%0" \ + :"=m"(*(unsigned int *)(c)) :"d"(l));\ (c)+=4; (l); }) # endif # endif @@ -293,7 +293,7 @@ int HASH_UPDATE (HASH_CTX *c, const void *data_, size_t len) * Wei Dai for pointing it out. */ if (l < c->Nl) /* overflow */ c->Nh++; - c->Nh+=(len>>29); /* might cause compiler warning on 16-bit */ + c->Nh+=(HASH_LONG)(len>>29); /* might cause compiler warning on 16-bit */ c->Nl=l; n = c->num; @@ -331,7 +331,7 @@ int HASH_UPDATE (HASH_CTX *c, const void *data_, size_t len) if (len != 0) { p = (unsigned char *)c->data; - c->num = len; + c->num = (unsigned int)len; memcpy (p,data,len); } return 1; diff --git a/src/lib/libcrypto/md4/Makefile.ssl b/src/lib/libcrypto/md4/Makefile.ssl deleted file mode 100644 index 7d2e8d8d3b..0000000000 --- a/src/lib/libcrypto/md4/Makefile.ssl +++ /dev/null @@ -1,91 +0,0 @@ -# -# SSLeay/crypto/md4/Makefile -# - -DIR= md4 -TOP= ../.. -CC= cc -CPP= $(CC) -E -INCLUDES= -CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKE= make -f Makefile.ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) -MAKEFILE= Makefile.ssl -AR= ar r - -CFLAGS= $(INCLUDES) $(CFLAG) - -GENERAL=Makefile -TEST=md4test.c -APPS=md4.c - -LIB=$(TOP)/libcrypto.a -LIBSRC=md4_dgst.c md4_one.c -LIBOBJ=md4_dgst.o md4_one.o - -SRC= $(LIBSRC) - -EXHEADER= md4.h -HEADER= md4_locl.h $(EXHEADER) - -ALL= $(GENERAL) $(SRC) $(HEADER) - -top: - (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all) - -all: lib - -lib: $(LIBOBJ) - $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) || echo Never mind. - @touch lib - -files: - $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO - -links: - @sh $(TOP)/util/point.sh Makefile.ssl Makefile - @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER) - @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST) - @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) - -install: - @for i in $(EXHEADER) ; \ - do \ - (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ - done; - -tags: - ctags $(SRC) - -tests: - -lint: - lint -DLINT $(INCLUDES) $(SRC)>fluff - -depend: - $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) - -dclean: - $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new - mv -f Makefile.new $(MAKEFILE) - -clean: - rm -f asm/mx86unix.cpp *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff - -# DO NOT DELETE THIS LINE -- make depend depends on it. - -md4_dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/md4.h -md4_dgst.o: ../../include/openssl/opensslconf.h -md4_dgst.o: ../../include/openssl/opensslv.h ../md32_common.h md4_dgst.c -md4_dgst.o: md4_locl.h -md4_one.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -md4_one.o: ../../include/openssl/md4.h ../../include/openssl/opensslconf.h -md4_one.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -md4_one.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -md4_one.o: md4_one.c diff --git a/src/lib/libcrypto/md4/md4.h b/src/lib/libcrypto/md4/md4.h index ba1fe4a6ee..c3ed9b3f75 100644 --- a/src/lib/libcrypto/md4/md4.h +++ b/src/lib/libcrypto/md4/md4.h @@ -77,7 +77,7 @@ extern "C" { * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! */ -#if defined(OPENSSL_SYS_WIN16) || defined(__LP32__) +#if defined(__LP32__) #define MD4_LONG unsigned long #elif defined(OPENSSL_SYS_CRAY) || defined(__ILP64__) #define MD4_LONG unsigned long @@ -105,9 +105,6 @@ typedef struct MD4state_st unsigned int num; } MD4_CTX; -#ifdef OPENSSL_FIPS -int private_MD4_Init(MD4_CTX *c); -#endif int MD4_Init(MD4_CTX *c); int MD4_Update(MD4_CTX *c, const void *data, size_t len); int MD4_Final(unsigned char *md, MD4_CTX *c); diff --git a/src/lib/libcrypto/md4/md4_dgst.c b/src/lib/libcrypto/md4/md4_dgst.c index 0f5448601d..e0c42e8596 100644 --- a/src/lib/libcrypto/md4/md4_dgst.c +++ b/src/lib/libcrypto/md4/md4_dgst.c @@ -59,11 +59,6 @@ #include #include "md4_locl.h" #include -#include -#ifdef OPENSSL_FIPS -#include -#endif - const char MD4_version[]="MD4" OPENSSL_VERSION_PTEXT; @@ -75,15 +70,13 @@ const char MD4_version[]="MD4" OPENSSL_VERSION_PTEXT; #define INIT_DATA_C (unsigned long)0x98badcfeL #define INIT_DATA_D (unsigned long)0x10325476L -FIPS_NON_FIPS_MD_Init(MD4) +int MD4_Init(MD4_CTX *c) { + memset (c,0,sizeof(*c)); c->A=INIT_DATA_A; c->B=INIT_DATA_B; c->C=INIT_DATA_C; c->D=INIT_DATA_D; - c->Nl=0; - c->Nh=0; - c->num=0; return 1; } diff --git a/src/lib/libcrypto/md5/Makefile.ssl b/src/lib/libcrypto/md5/Makefile.ssl deleted file mode 100644 index 2361775a2d..0000000000 --- a/src/lib/libcrypto/md5/Makefile.ssl +++ /dev/null @@ -1,127 +0,0 @@ -# -# SSLeay/crypto/md5/Makefile -# - -DIR= md5 -TOP= ../.. -CC= cc -CPP= $(CC) -E -INCLUDES=-I.. -I$(TOP) -I../../include -CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKE= make -f Makefile.ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) -MAKEFILE= Makefile.ssl -AR= ar r - -MD5_ASM_OBJ= - -CFLAGS= $(INCLUDES) $(CFLAG) -ASFLAGS= $(INCLUDES) $(ASFLAG) - -GENERAL=Makefile -TEST=md5test.c -APPS= - -LIB=$(TOP)/libcrypto.a -LIBSRC=md5_dgst.c md5_one.c -LIBOBJ=md5_dgst.o md5_one.o $(MD5_ASM_OBJ) - -SRC= $(LIBSRC) - -EXHEADER= md5.h -HEADER= md5_locl.h $(EXHEADER) - -ALL= $(GENERAL) $(SRC) $(HEADER) - -top: - (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all) - -all: lib - -lib: $(LIBOBJ) - $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) || echo Never mind. - @touch lib - -# elf -asm/mx86-elf.s: asm/md5-586.pl ../perlasm/x86asm.pl - (cd asm; $(PERL) md5-586.pl elf $(CFLAGS) > mx86-elf.s) - -# a.out -asm/mx86-out.o: asm/mx86unix.cpp - $(CPP) -DOUT asm/mx86unix.cpp | as -o asm/mx86-out.o - -# bsdi -asm/mx86bsdi.o: asm/mx86unix.cpp - $(CPP) -DBSDI asm/mx86unix.cpp | sed 's/ :/:/' | as -o asm/mx86bsdi.o - -asm/mx86unix.cpp: asm/md5-586.pl ../perlasm/x86asm.pl - (cd asm; $(PERL) md5-586.pl cpp >mx86unix.cpp) - -asm/md5-sparcv8plus.o: asm/md5-sparcv9.S - $(CC) $(ASFLAGS) -DMD5_BLOCK_DATA_ORDER -c \ - -o asm/md5-sparcv8plus.o asm/md5-sparcv9.S - -# Old GNU assembler doesn't understand V9 instructions, so we -# hire /usr/ccs/bin/as to do the job. Note that option is called -# *-gcc27, but even gcc 2>=8 users may experience similar problem -# if they didn't bother to upgrade GNU assembler. Such users should -# not choose this option, but be adviced to *remove* GNU assembler -# or upgrade it. -asm/md5-sparcv8plus-gcc27.o: asm/md5-sparcv9.S - $(CC) $(ASFLAGS) -DMD5_BLOCK_DATA_ORDER -E asm/md5-sparcv9.S | \ - /usr/ccs/bin/as -xarch=v8plus - -o asm/md5-sparcv8plus-gcc27.o - -asm/md5-sparcv9.o: asm/md5-sparcv9.S - $(CC) $(ASFLAGS) -DMD5_BLOCK_DATA_ORDER -c \ - -o asm/md5-sparcv9.o asm/md5-sparcv9.S - -files: - $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO - -links: - @sh $(TOP)/util/point.sh Makefile.ssl Makefile - @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER) - @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST) - @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) - -install: - @for i in $(EXHEADER) ; \ - do \ - (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ - done; - -tags: - ctags $(SRC) - -tests: - -lint: - lint -DLINT $(INCLUDES) $(SRC)>fluff - -depend: - $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) - -dclean: - $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new - mv -f Makefile.new $(MAKEFILE) - -clean: - rm -f asm/mx86unix.cpp asm/*-elf.* *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff - -# DO NOT DELETE THIS LINE -- make depend depends on it. - -md5_dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/md5.h -md5_dgst.o: ../../include/openssl/opensslconf.h -md5_dgst.o: ../../include/openssl/opensslv.h ../md32_common.h md5_dgst.c -md5_dgst.o: md5_locl.h -md5_one.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -md5_one.o: ../../include/openssl/md5.h ../../include/openssl/opensslconf.h -md5_one.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -md5_one.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -md5_one.o: md5_one.c diff --git a/src/lib/libcrypto/md5/asm/md5-586.pl b/src/lib/libcrypto/md5/asm/md5-586.pl index 76ac235f7d..6cb66bb499 100644 --- a/src/lib/libcrypto/md5/asm/md5-586.pl +++ b/src/lib/libcrypto/md5/asm/md5-586.pl @@ -7,7 +7,8 @@ $normal=0; -push(@INC,"perlasm","../../perlasm"); +$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; +push(@INC,"${dir}","${dir}../../perlasm"); require "x86asm.pl"; &asm_init($ARGV[0],$0); diff --git a/src/lib/libcrypto/md5/asm/md5-sparcv9.S b/src/lib/libcrypto/md5/asm/md5-sparcv9.S deleted file mode 100644 index db45aa4c97..0000000000 --- a/src/lib/libcrypto/md5/asm/md5-sparcv9.S +++ /dev/null @@ -1,1031 +0,0 @@ -.ident "md5-sparcv9.S, Version 1.0" -.ident "SPARC V9 ISA artwork by Andy Polyakov " -.file "md5-sparcv9.S" - -/* - * ==================================================================== - * Copyright (c) 1999 Andy Polyakov . - * - * Rights for redistribution and usage in source and binary forms are - * granted as long as above copyright notices are retained. Warranty - * of any kind is (of course:-) disclaimed. - * ==================================================================== - */ - -/* - * This is my modest contribution to OpenSSL project (see - * http://www.openssl.org/ for more information about it) and is an - * assembler implementation of MD5 block hash function. I've hand-coded - * this for the sole reason to reach UltraSPARC-specific "load in - * little-endian byte order" instruction. This gives up to 15% - * performance improvement for cases when input message is aligned at - * 32 bits boundary. The module was tested under both 32 *and* 64 bit - * kernels. For updates see http://fy.chalmers.se/~appro/hpe/. - * - * To compile with SC4.x/SC5.x: - * - * cc -xarch=v[9|8plus] -DOPENSSL_SYSNAME_ULTRASPARC -DMD5_BLOCK_DATA_ORDER \ - * -c md5-sparcv9.S - * - * and with gcc: - * - * gcc -mcpu=ultrasparc -DOPENSSL_SYSNAME_ULTRASPARC -DMD5_BLOCK_DATA_ORDER \ - * -c md5-sparcv9.S - * - * or if above fails (it does if you have gas): - * - * gcc -E -DOPENSSL_SYSNAMEULTRASPARC -DMD5_BLOCK_DATA_ORDER md5_block.sparc.S | \ - * as -xarch=v8plus /dev/fd/0 -o md5-sparcv9.o - */ - -#include - -#define A %o0 -#define B %o1 -#define C %o2 -#define D %o3 -#define T1 %o4 -#define T2 %o5 - -#define R0 %l0 -#define R1 %l1 -#define R2 %l2 -#define R3 %l3 -#define R4 %l4 -#define R5 %l5 -#define R6 %l6 -#define R7 %l7 -#define R8 %i3 -#define R9 %i4 -#define R10 %i5 -#define R11 %g1 -#define R12 %g2 -#define R13 %g3 -#define RX %g4 - -#define Aptr %i0+0 -#define Bptr %i0+4 -#define Cptr %i0+8 -#define Dptr %i0+12 - -#define Aval R5 /* those not used at the end of the last round */ -#define Bval R6 -#define Cval R7 -#define Dval R8 - -#if defined(MD5_BLOCK_DATA_ORDER) -# if defined(OPENSSL_SYSNAME_ULTRASPARC) -# define LOAD lda -# define X(i) [%i1+i*4]%asi -# define md5_block md5_block_asm_data_order_aligned -# define ASI_PRIMARY_LITTLE 0x88 -# else -# error "MD5_BLOCK_DATA_ORDER is supported only on UltraSPARC!" -# endif -#else -# define LOAD ld -# define X(i) [%i1+i*4] -# define md5_block md5_block_asm_host_order -#endif - -.section ".text",#alloc,#execinstr - -#if defined(__SUNPRO_C) && defined(__sparcv9) - /* They've said -xarch=v9 at command line */ - .register %g2,#scratch - .register %g3,#scratch -# define FRAME -192 -#elif defined(__GNUC__) && defined(__arch64__) - /* They've said -m64 at command line */ - .register %g2,#scratch - .register %g3,#scratch -# define FRAME -192 -#else -# define FRAME -96 -#endif - -.align 32 - -.global md5_block -md5_block: - save %sp,FRAME,%sp - - ld [Dptr],D - ld [Cptr],C - ld [Bptr],B - ld [Aptr],A -#ifdef ASI_PRIMARY_LITTLE - rd %asi,%o7 ! How dare I? Well, I just do:-) - wr %g0,ASI_PRIMARY_LITTLE,%asi -#endif - LOAD X(0),R0 - -.Lmd5_block_loop: - -!!!!!!!!Round 0 - - xor C,D,T1 - sethi %hi(0xd76aa478),T2 - and T1,B,T1 - or T2,%lo(0xd76aa478),T2 != - xor T1,D,T1 - add T1,R0,T1 - LOAD X(1),R1 - add T1,T2,T1 != - add A,T1,A - sll A,7,T2 - srl A,32-7,A - or A,T2,A != - xor B,C,T1 - add A,B,A - - sethi %hi(0xe8c7b756),T2 - and T1,A,T1 != - or T2,%lo(0xe8c7b756),T2 - xor T1,C,T1 - LOAD X(2),R2 - add T1,R1,T1 != - add T1,T2,T1 - add D,T1,D - sll D,12,T2 - srl D,32-12,D != - or D,T2,D - xor A,B,T1 - add D,A,D - - sethi %hi(0x242070db),T2 != - and T1,D,T1 - or T2,%lo(0x242070db),T2 - xor T1,B,T1 - add T1,R2,T1 != - LOAD X(3),R3 - add T1,T2,T1 - add C,T1,C - sll C,17,T2 != - srl C,32-17,C - or C,T2,C - xor D,A,T1 - add C,D,C != - - sethi %hi(0xc1bdceee),T2 - and T1,C,T1 - or T2,%lo(0xc1bdceee),T2 - xor T1,A,T1 != - add T1,R3,T1 - LOAD X(4),R4 - add T1,T2,T1 - add B,T1,B != - sll B,22,T2 - srl B,32-22,B - or B,T2,B - xor C,D,T1 != - add B,C,B - - sethi %hi(0xf57c0faf),T2 - and T1,B,T1 - or T2,%lo(0xf57c0faf),T2 != - xor T1,D,T1 - add T1,R4,T1 - LOAD X(5),R5 - add T1,T2,T1 != - add A,T1,A - sll A,7,T2 - srl A,32-7,A - or A,T2,A != - xor B,C,T1 - add A,B,A - - sethi %hi(0x4787c62a),T2 - and T1,A,T1 != - or T2,%lo(0x4787c62a),T2 - xor T1,C,T1 - LOAD X(6),R6 - add T1,R5,T1 != - add T1,T2,T1 - add D,T1,D - sll D,12,T2 - srl D,32-12,D != - or D,T2,D - xor A,B,T1 - add D,A,D - - sethi %hi(0xa8304613),T2 != - and T1,D,T1 - or T2,%lo(0xa8304613),T2 - xor T1,B,T1 - add T1,R6,T1 != - LOAD X(7),R7 - add T1,T2,T1 - add C,T1,C - sll C,17,T2 != - srl C,32-17,C - or C,T2,C - xor D,A,T1 - add C,D,C != - - sethi %hi(0xfd469501),T2 - and T1,C,T1 - or T2,%lo(0xfd469501),T2 - xor T1,A,T1 != - add T1,R7,T1 - LOAD X(8),R8 - add T1,T2,T1 - add B,T1,B != - sll B,22,T2 - srl B,32-22,B - or B,T2,B - xor C,D,T1 != - add B,C,B - - sethi %hi(0x698098d8),T2 - and T1,B,T1 - or T2,%lo(0x698098d8),T2 != - xor T1,D,T1 - add T1,R8,T1 - LOAD X(9),R9 - add T1,T2,T1 != - add A,T1,A - sll A,7,T2 - srl A,32-7,A - or A,T2,A != - xor B,C,T1 - add A,B,A - - sethi %hi(0x8b44f7af),T2 - and T1,A,T1 != - or T2,%lo(0x8b44f7af),T2 - xor T1,C,T1 - LOAD X(10),R10 - add T1,R9,T1 != - add T1,T2,T1 - add D,T1,D - sll D,12,T2 - srl D,32-12,D != - or D,T2,D - xor A,B,T1 - add D,A,D - - sethi %hi(0xffff5bb1),T2 != - and T1,D,T1 - or T2,%lo(0xffff5bb1),T2 - xor T1,B,T1 - add T1,R10,T1 != - LOAD X(11),R11 - add T1,T2,T1 - add C,T1,C - sll C,17,T2 != - srl C,32-17,C - or C,T2,C - xor D,A,T1 - add C,D,C != - - sethi %hi(0x895cd7be),T2 - and T1,C,T1 - or T2,%lo(0x895cd7be),T2 - xor T1,A,T1 != - add T1,R11,T1 - LOAD X(12),R12 - add T1,T2,T1 - add B,T1,B != - sll B,22,T2 - srl B,32-22,B - or B,T2,B - xor C,D,T1 != - add B,C,B - - sethi %hi(0x6b901122),T2 - and T1,B,T1 - or T2,%lo(0x6b901122),T2 != - xor T1,D,T1 - add T1,R12,T1 - LOAD X(13),R13 - add T1,T2,T1 != - add A,T1,A - sll A,7,T2 - srl A,32-7,A - or A,T2,A != - xor B,C,T1 - add A,B,A - - sethi %hi(0xfd987193),T2 - and T1,A,T1 != - or T2,%lo(0xfd987193),T2 - xor T1,C,T1 - LOAD X(14),RX - add T1,R13,T1 != - add T1,T2,T1 - add D,T1,D - sll D,12,T2 - srl D,32-12,D != - or D,T2,D - xor A,B,T1 - add D,A,D - - sethi %hi(0xa679438e),T2 != - and T1,D,T1 - or T2,%lo(0xa679438e),T2 - xor T1,B,T1 - add T1,RX,T1 != - LOAD X(15),RX - add T1,T2,T1 - add C,T1,C - sll C,17,T2 != - srl C,32-17,C - or C,T2,C - xor D,A,T1 - add C,D,C != - - sethi %hi(0x49b40821),T2 - and T1,C,T1 - or T2,%lo(0x49b40821),T2 - xor T1,A,T1 != - add T1,RX,T1 - !pre-LOADed X(1),R1 - add T1,T2,T1 - add B,T1,B - sll B,22,T2 != - srl B,32-22,B - or B,T2,B - add B,C,B - -!!!!!!!!Round 1 - - xor B,C,T1 != - sethi %hi(0xf61e2562),T2 - and T1,D,T1 - or T2,%lo(0xf61e2562),T2 - xor T1,C,T1 != - add T1,R1,T1 - !pre-LOADed X(6),R6 - add T1,T2,T1 - add A,T1,A - sll A,5,T2 != - srl A,32-5,A - or A,T2,A - add A,B,A - - xor A,B,T1 != - sethi %hi(0xc040b340),T2 - and T1,C,T1 - or T2,%lo(0xc040b340),T2 - xor T1,B,T1 != - add T1,R6,T1 - !pre-LOADed X(11),R11 - add T1,T2,T1 - add D,T1,D - sll D,9,T2 != - srl D,32-9,D - or D,T2,D - add D,A,D - - xor D,A,T1 != - sethi %hi(0x265e5a51),T2 - and T1,B,T1 - or T2,%lo(0x265e5a51),T2 - xor T1,A,T1 != - add T1,R11,T1 - !pre-LOADed X(0),R0 - add T1,T2,T1 - add C,T1,C - sll C,14,T2 != - srl C,32-14,C - or C,T2,C - add C,D,C - - xor C,D,T1 != - sethi %hi(0xe9b6c7aa),T2 - and T1,A,T1 - or T2,%lo(0xe9b6c7aa),T2 - xor T1,D,T1 != - add T1,R0,T1 - !pre-LOADed X(5),R5 - add T1,T2,T1 - add B,T1,B - sll B,20,T2 != - srl B,32-20,B - or B,T2,B - add B,C,B - - xor B,C,T1 != - sethi %hi(0xd62f105d),T2 - and T1,D,T1 - or T2,%lo(0xd62f105d),T2 - xor T1,C,T1 != - add T1,R5,T1 - !pre-LOADed X(10),R10 - add T1,T2,T1 - add A,T1,A - sll A,5,T2 != - srl A,32-5,A - or A,T2,A - add A,B,A - - xor A,B,T1 != - sethi %hi(0x02441453),T2 - and T1,C,T1 - or T2,%lo(0x02441453),T2 - xor T1,B,T1 != - add T1,R10,T1 - LOAD X(15),RX - add T1,T2,T1 - add D,T1,D != - sll D,9,T2 - srl D,32-9,D - or D,T2,D - add D,A,D != - - xor D,A,T1 - sethi %hi(0xd8a1e681),T2 - and T1,B,T1 - or T2,%lo(0xd8a1e681),T2 != - xor T1,A,T1 - add T1,RX,T1 - !pre-LOADed X(4),R4 - add T1,T2,T1 - add C,T1,C != - sll C,14,T2 - srl C,32-14,C - or C,T2,C - add C,D,C != - - xor C,D,T1 - sethi %hi(0xe7d3fbc8),T2 - and T1,A,T1 - or T2,%lo(0xe7d3fbc8),T2 != - xor T1,D,T1 - add T1,R4,T1 - !pre-LOADed X(9),R9 - add T1,T2,T1 - add B,T1,B != - sll B,20,T2 - srl B,32-20,B - or B,T2,B - add B,C,B != - - xor B,C,T1 - sethi %hi(0x21e1cde6),T2 - and T1,D,T1 - or T2,%lo(0x21e1cde6),T2 != - xor T1,C,T1 - add T1,R9,T1 - LOAD X(14),RX - add T1,T2,T1 != - add A,T1,A - sll A,5,T2 - srl A,32-5,A - or A,T2,A != - add A,B,A - - xor A,B,T1 - sethi %hi(0xc33707d6),T2 - and T1,C,T1 != - or T2,%lo(0xc33707d6),T2 - xor T1,B,T1 - add T1,RX,T1 - !pre-LOADed X(3),R3 - add T1,T2,T1 != - add D,T1,D - sll D,9,T2 - srl D,32-9,D - or D,T2,D != - add D,A,D - - xor D,A,T1 - sethi %hi(0xf4d50d87),T2 - and T1,B,T1 != - or T2,%lo(0xf4d50d87),T2 - xor T1,A,T1 - add T1,R3,T1 - !pre-LOADed X(8),R8 - add T1,T2,T1 != - add C,T1,C - sll C,14,T2 - srl C,32-14,C - or C,T2,C != - add C,D,C - - xor C,D,T1 - sethi %hi(0x455a14ed),T2 - and T1,A,T1 != - or T2,%lo(0x455a14ed),T2 - xor T1,D,T1 - add T1,R8,T1 - !pre-LOADed X(13),R13 - add T1,T2,T1 != - add B,T1,B - sll B,20,T2 - srl B,32-20,B - or B,T2,B != - add B,C,B - - xor B,C,T1 - sethi %hi(0xa9e3e905),T2 - and T1,D,T1 != - or T2,%lo(0xa9e3e905),T2 - xor T1,C,T1 - add T1,R13,T1 - !pre-LOADed X(2),R2 - add T1,T2,T1 != - add A,T1,A - sll A,5,T2 - srl A,32-5,A - or A,T2,A != - add A,B,A - - xor A,B,T1 - sethi %hi(0xfcefa3f8),T2 - and T1,C,T1 != - or T2,%lo(0xfcefa3f8),T2 - xor T1,B,T1 - add T1,R2,T1 - !pre-LOADed X(7),R7 - add T1,T2,T1 != - add D,T1,D - sll D,9,T2 - srl D,32-9,D - or D,T2,D != - add D,A,D - - xor D,A,T1 - sethi %hi(0x676f02d9),T2 - and T1,B,T1 != - or T2,%lo(0x676f02d9),T2 - xor T1,A,T1 - add T1,R7,T1 - !pre-LOADed X(12),R12 - add T1,T2,T1 != - add C,T1,C - sll C,14,T2 - srl C,32-14,C - or C,T2,C != - add C,D,C - - xor C,D,T1 - sethi %hi(0x8d2a4c8a),T2 - and T1,A,T1 != - or T2,%lo(0x8d2a4c8a),T2 - xor T1,D,T1 - add T1,R12,T1 - !pre-LOADed X(5),R5 - add T1,T2,T1 != - add B,T1,B - sll B,20,T2 - srl B,32-20,B - or B,T2,B != - add B,C,B - -!!!!!!!!Round 2 - - xor B,C,T1 - sethi %hi(0xfffa3942),T2 - xor T1,D,T1 != - or T2,%lo(0xfffa3942),T2 - add T1,R5,T1 - !pre-LOADed X(8),R8 - add T1,T2,T1 - add A,T1,A != - sll A,4,T2 - srl A,32-4,A - or A,T2,A - add A,B,A != - - xor A,B,T1 - sethi %hi(0x8771f681),T2 - xor T1,C,T1 - or T2,%lo(0x8771f681),T2 != - add T1,R8,T1 - !pre-LOADed X(11),R11 - add T1,T2,T1 - add D,T1,D - sll D,11,T2 != - srl D,32-11,D - or D,T2,D - add D,A,D - - xor D,A,T1 != - sethi %hi(0x6d9d6122),T2 - xor T1,B,T1 - or T2,%lo(0x6d9d6122),T2 - add T1,R11,T1 != - LOAD X(14),RX - add T1,T2,T1 - add C,T1,C - sll C,16,T2 != - srl C,32-16,C - or C,T2,C - add C,D,C - - xor C,D,T1 != - sethi %hi(0xfde5380c),T2 - xor T1,A,T1 - or T2,%lo(0xfde5380c),T2 - add T1,RX,T1 != - !pre-LOADed X(1),R1 - add T1,T2,T1 - add B,T1,B - sll B,23,T2 - srl B,32-23,B != - or B,T2,B - add B,C,B - - xor B,C,T1 - sethi %hi(0xa4beea44),T2 != - xor T1,D,T1 - or T2,%lo(0xa4beea44),T2 - add T1,R1,T1 - !pre-LOADed X(4),R4 - add T1,T2,T1 != - add A,T1,A - sll A,4,T2 - srl A,32-4,A - or A,T2,A != - add A,B,A - - xor A,B,T1 - sethi %hi(0x4bdecfa9),T2 - xor T1,C,T1 != - or T2,%lo(0x4bdecfa9),T2 - add T1,R4,T1 - !pre-LOADed X(7),R7 - add T1,T2,T1 - add D,T1,D != - sll D,11,T2 - srl D,32-11,D - or D,T2,D - add D,A,D != - - xor D,A,T1 - sethi %hi(0xf6bb4b60),T2 - xor T1,B,T1 - or T2,%lo(0xf6bb4b60),T2 != - add T1,R7,T1 - !pre-LOADed X(10),R10 - add T1,T2,T1 - add C,T1,C - sll C,16,T2 != - srl C,32-16,C - or C,T2,C - add C,D,C - - xor C,D,T1 != - sethi %hi(0xbebfbc70),T2 - xor T1,A,T1 - or T2,%lo(0xbebfbc70),T2 - add T1,R10,T1 != - !pre-LOADed X(13),R13 - add T1,T2,T1 - add B,T1,B - sll B,23,T2 - srl B,32-23,B != - or B,T2,B - add B,C,B - - xor B,C,T1 - sethi %hi(0x289b7ec6),T2 != - xor T1,D,T1 - or T2,%lo(0x289b7ec6),T2 - add T1,R13,T1 - !pre-LOADed X(0),R0 - add T1,T2,T1 != - add A,T1,A - sll A,4,T2 - srl A,32-4,A - or A,T2,A != - add A,B,A - - xor A,B,T1 - sethi %hi(0xeaa127fa),T2 - xor T1,C,T1 != - or T2,%lo(0xeaa127fa),T2 - add T1,R0,T1 - !pre-LOADed X(3),R3 - add T1,T2,T1 - add D,T1,D != - sll D,11,T2 - srl D,32-11,D - or D,T2,D - add D,A,D != - - xor D,A,T1 - sethi %hi(0xd4ef3085),T2 - xor T1,B,T1 - or T2,%lo(0xd4ef3085),T2 != - add T1,R3,T1 - !pre-LOADed X(6),R6 - add T1,T2,T1 - add C,T1,C - sll C,16,T2 != - srl C,32-16,C - or C,T2,C - add C,D,C - - xor C,D,T1 != - sethi %hi(0x04881d05),T2 - xor T1,A,T1 - or T2,%lo(0x04881d05),T2 - add T1,R6,T1 != - !pre-LOADed X(9),R9 - add T1,T2,T1 - add B,T1,B - sll B,23,T2 - srl B,32-23,B != - or B,T2,B - add B,C,B - - xor B,C,T1 - sethi %hi(0xd9d4d039),T2 != - xor T1,D,T1 - or T2,%lo(0xd9d4d039),T2 - add T1,R9,T1 - !pre-LOADed X(12),R12 - add T1,T2,T1 != - add A,T1,A - sll A,4,T2 - srl A,32-4,A - or A,T2,A != - add A,B,A - - xor A,B,T1 - sethi %hi(0xe6db99e5),T2 - xor T1,C,T1 != - or T2,%lo(0xe6db99e5),T2 - add T1,R12,T1 - LOAD X(15),RX - add T1,T2,T1 != - add D,T1,D - sll D,11,T2 - srl D,32-11,D - or D,T2,D != - add D,A,D - - xor D,A,T1 - sethi %hi(0x1fa27cf8),T2 - xor T1,B,T1 != - or T2,%lo(0x1fa27cf8),T2 - add T1,RX,T1 - !pre-LOADed X(2),R2 - add T1,T2,T1 - add C,T1,C != - sll C,16,T2 - srl C,32-16,C - or C,T2,C - add C,D,C != - - xor C,D,T1 - sethi %hi(0xc4ac5665),T2 - xor T1,A,T1 - or T2,%lo(0xc4ac5665),T2 != - add T1,R2,T1 - !pre-LOADed X(0),R0 - add T1,T2,T1 - add B,T1,B - sll B,23,T2 != - srl B,32-23,B - or B,T2,B - add B,C,B - -!!!!!!!!Round 3 - - orn B,D,T1 != - sethi %hi(0xf4292244),T2 - xor T1,C,T1 - or T2,%lo(0xf4292244),T2 - add T1,R0,T1 != - !pre-LOADed X(7),R7 - add T1,T2,T1 - add A,T1,A - sll A,6,T2 - srl A,32-6,A != - or A,T2,A - add A,B,A - - orn A,C,T1 - sethi %hi(0x432aff97),T2 != - xor T1,B,T1 - or T2,%lo(0x432aff97),T2 - LOAD X(14),RX - add T1,R7,T1 != - add T1,T2,T1 - add D,T1,D - sll D,10,T2 - srl D,32-10,D != - or D,T2,D - add D,A,D - - orn D,B,T1 - sethi %hi(0xab9423a7),T2 != - xor T1,A,T1 - or T2,%lo(0xab9423a7),T2 - add T1,RX,T1 - !pre-LOADed X(5),R5 - add T1,T2,T1 != - add C,T1,C - sll C,15,T2 - srl C,32-15,C - or C,T2,C != - add C,D,C - - orn C,A,T1 - sethi %hi(0xfc93a039),T2 - xor T1,D,T1 != - or T2,%lo(0xfc93a039),T2 - add T1,R5,T1 - !pre-LOADed X(12),R12 - add T1,T2,T1 - add B,T1,B != - sll B,21,T2 - srl B,32-21,B - or B,T2,B - add B,C,B != - - orn B,D,T1 - sethi %hi(0x655b59c3),T2 - xor T1,C,T1 - or T2,%lo(0x655b59c3),T2 != - add T1,R12,T1 - !pre-LOADed X(3),R3 - add T1,T2,T1 - add A,T1,A - sll A,6,T2 != - srl A,32-6,A - or A,T2,A - add A,B,A - - orn A,C,T1 != - sethi %hi(0x8f0ccc92),T2 - xor T1,B,T1 - or T2,%lo(0x8f0ccc92),T2 - add T1,R3,T1 != - !pre-LOADed X(10),R10 - add T1,T2,T1 - add D,T1,D - sll D,10,T2 - srl D,32-10,D != - or D,T2,D - add D,A,D - - orn D,B,T1 - sethi %hi(0xffeff47d),T2 != - xor T1,A,T1 - or T2,%lo(0xffeff47d),T2 - add T1,R10,T1 - !pre-LOADed X(1),R1 - add T1,T2,T1 != - add C,T1,C - sll C,15,T2 - srl C,32-15,C - or C,T2,C != - add C,D,C - - orn C,A,T1 - sethi %hi(0x85845dd1),T2 - xor T1,D,T1 != - or T2,%lo(0x85845dd1),T2 - add T1,R1,T1 - !pre-LOADed X(8),R8 - add T1,T2,T1 - add B,T1,B != - sll B,21,T2 - srl B,32-21,B - or B,T2,B - add B,C,B != - - orn B,D,T1 - sethi %hi(0x6fa87e4f),T2 - xor T1,C,T1 - or T2,%lo(0x6fa87e4f),T2 != - add T1,R8,T1 - LOAD X(15),RX - add T1,T2,T1 - add A,T1,A != - sll A,6,T2 - srl A,32-6,A - or A,T2,A - add A,B,A != - - orn A,C,T1 - sethi %hi(0xfe2ce6e0),T2 - xor T1,B,T1 - or T2,%lo(0xfe2ce6e0),T2 != - add T1,RX,T1 - !pre-LOADed X(6),R6 - add T1,T2,T1 - add D,T1,D - sll D,10,T2 != - srl D,32-10,D - or D,T2,D - add D,A,D - - orn D,B,T1 != - sethi %hi(0xa3014314),T2 - xor T1,A,T1 - or T2,%lo(0xa3014314),T2 - add T1,R6,T1 != - !pre-LOADed X(13),R13 - add T1,T2,T1 - add C,T1,C - sll C,15,T2 - srl C,32-15,C != - or C,T2,C - add C,D,C - - orn C,A,T1 - sethi %hi(0x4e0811a1),T2 != - xor T1,D,T1 - or T2,%lo(0x4e0811a1),T2 - !pre-LOADed X(4),R4 - ld [Aptr],Aval - add T1,R13,T1 != - add T1,T2,T1 - add B,T1,B - sll B,21,T2 - srl B,32-21,B != - or B,T2,B - add B,C,B - - orn B,D,T1 - sethi %hi(0xf7537e82),T2 != - xor T1,C,T1 - or T2,%lo(0xf7537e82),T2 - !pre-LOADed X(11),R11 - ld [Dptr],Dval - add T1,R4,T1 != - add T1,T2,T1 - add A,T1,A - sll A,6,T2 - srl A,32-6,A != - or A,T2,A - add A,B,A - - orn A,C,T1 - sethi %hi(0xbd3af235),T2 != - xor T1,B,T1 - or T2,%lo(0xbd3af235),T2 - !pre-LOADed X(2),R2 - ld [Cptr],Cval - add T1,R11,T1 != - add T1,T2,T1 - add D,T1,D - sll D,10,T2 - srl D,32-10,D != - or D,T2,D - add D,A,D - - orn D,B,T1 - sethi %hi(0x2ad7d2bb),T2 != - xor T1,A,T1 - or T2,%lo(0x2ad7d2bb),T2 - !pre-LOADed X(9),R9 - ld [Bptr],Bval - add T1,R2,T1 != - add Aval,A,Aval - add T1,T2,T1 - st Aval,[Aptr] - add C,T1,C != - sll C,15,T2 - add Dval,D,Dval - srl C,32-15,C - or C,T2,C != - st Dval,[Dptr] - add C,D,C - - orn C,A,T1 - sethi %hi(0xeb86d391),T2 != - xor T1,D,T1 - or T2,%lo(0xeb86d391),T2 - add T1,R9,T1 - !pre-LOADed X(0),R0 - mov Aval,A != - add T1,T2,T1 - mov Dval,D - add B,T1,B - sll B,21,T2 != - add Cval,C,Cval - srl B,32-21,B - st Cval,[Cptr] - or B,T2,B != - add B,C,B - - deccc %i2 - mov Cval,C - add B,Bval,B != - inc 64,%i1 - nop - st B,[Bptr] - nop != - -#ifdef OPENSSL_SYSNAME_ULTRASPARC - bg,a,pt %icc,.Lmd5_block_loop -#else - bg,a .Lmd5_block_loop -#endif - LOAD X(0),R0 - -#ifdef ASI_PRIMARY_LITTLE - wr %g0,%o7,%asi -#endif - ret - restore %g0,0,%o0 - -.type md5_block,#function -.size md5_block,(.-md5_block) diff --git a/src/lib/libcrypto/md5/md5.h b/src/lib/libcrypto/md5/md5.h index 0761f84a27..4cbf84386b 100644 --- a/src/lib/libcrypto/md5/md5.h +++ b/src/lib/libcrypto/md5/md5.h @@ -77,7 +77,7 @@ extern "C" { * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! */ -#if defined(OPENSSL_SYS_WIN16) || defined(__LP32__) +#if defined(__LP32__) #define MD5_LONG unsigned long #elif defined(OPENSSL_SYS_CRAY) || defined(__ILP64__) #define MD5_LONG unsigned long @@ -105,9 +105,6 @@ typedef struct MD5state_st unsigned int num; } MD5_CTX; -#ifdef OPENSSL_FIPS -int private_MD5_Init(MD5_CTX *c); -#endif int MD5_Init(MD5_CTX *c); int MD5_Update(MD5_CTX *c, const void *data, size_t len); int MD5_Final(unsigned char *md, MD5_CTX *c); diff --git a/src/lib/libcrypto/md5/md5_dgst.c b/src/lib/libcrypto/md5/md5_dgst.c index 47bb9020ee..beace632e3 100644 --- a/src/lib/libcrypto/md5/md5_dgst.c +++ b/src/lib/libcrypto/md5/md5_dgst.c @@ -59,11 +59,6 @@ #include #include "md5_locl.h" #include -#include -#ifdef OPENSSL_FIPS -#include -#endif - const char MD5_version[]="MD5" OPENSSL_VERSION_PTEXT; @@ -75,15 +70,13 @@ const char MD5_version[]="MD5" OPENSSL_VERSION_PTEXT; #define INIT_DATA_C (unsigned long)0x98badcfeL #define INIT_DATA_D (unsigned long)0x10325476L -FIPS_NON_FIPS_MD_Init(MD5) +int MD5_Init(MD5_CTX *c) { + memset (c,0,sizeof(*c)); c->A=INIT_DATA_A; c->B=INIT_DATA_B; c->C=INIT_DATA_C; c->D=INIT_DATA_D; - c->Nl=0; - c->Nh=0; - c->num=0; return 1; } diff --git a/src/lib/libcrypto/md5/md5_locl.h b/src/lib/libcrypto/md5/md5_locl.h index 84e81b960d..968d577995 100644 --- a/src/lib/libcrypto/md5/md5_locl.h +++ b/src/lib/libcrypto/md5/md5_locl.h @@ -69,6 +69,8 @@ # if defined(__i386) || defined(__i386__) || defined(_M_IX86) || defined(__INTEL__) || \ defined(__x86_64) || defined(__x86_64__) || defined(_M_AMD64) || defined(_M_X64) # define md5_block_data_order md5_block_asm_data_order +# elif defined(__ia64) || defined(__ia64__) || defined(_M_IA64) +# define md5_block_data_order md5_block_asm_data_order # endif #endif diff --git a/src/lib/libcrypto/mdc2/Makefile b/src/lib/libcrypto/mdc2/Makefile index ea25688d88..1d064f17a6 100644 --- a/src/lib/libcrypto/mdc2/Makefile +++ b/src/lib/libcrypto/mdc2/Makefile @@ -33,7 +33,7 @@ top: all: lib lib: $(LIBOBJ) - $(ARX) $(LIB) $(LIBOBJ) + $(AR) $(LIB) $(LIBOBJ) $(RANLIB) $(LIB) || echo Never mind. @touch lib diff --git a/src/lib/libcrypto/mdc2/Makefile.ssl b/src/lib/libcrypto/mdc2/Makefile.ssl deleted file mode 100644 index 33f366fb08..0000000000 --- a/src/lib/libcrypto/mdc2/Makefile.ssl +++ /dev/null @@ -1,98 +0,0 @@ -# -# SSLeay/crypto/mdc2/Makefile -# - -DIR= mdc2 -TOP= ../.. -CC= cc -INCLUDES= -CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKE= make -f Makefile.ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) -MAKEFILE= Makefile.ssl -AR= ar r - -CFLAGS= $(INCLUDES) $(CFLAG) - -GENERAL=Makefile -TEST= mdc2test.c -APPS= - -LIB=$(TOP)/libcrypto.a -LIBSRC=mdc2dgst.c mdc2_one.c -LIBOBJ=mdc2dgst.o mdc2_one.o - -SRC= $(LIBSRC) - -EXHEADER= mdc2.h -HEADER= $(EXHEADER) - -ALL= $(GENERAL) $(SRC) $(HEADER) - -top: - (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all) - -all: lib - -lib: $(LIBOBJ) - $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) || echo Never mind. - @touch lib - -files: - $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO - -links: - @sh $(TOP)/util/point.sh Makefile.ssl Makefile - @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER) - @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST) - @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) - -install: - @for i in $(EXHEADER) ; \ - do \ - (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ - done; - -tags: - ctags $(SRC) - -tests: - -lint: - lint -DLINT $(INCLUDES) $(SRC)>fluff - -depend: - $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) - -dclean: - $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new - mv -f Makefile.new $(MAKEFILE) - -clean: - rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff - -# DO NOT DELETE THIS LINE -- make depend depends on it. - -mdc2_one.o: ../../e_os.h ../../include/openssl/bio.h -mdc2_one.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -mdc2_one.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -mdc2_one.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -mdc2_one.o: ../../include/openssl/lhash.h ../../include/openssl/mdc2.h -mdc2_one.o: ../../include/openssl/opensslconf.h -mdc2_one.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -mdc2_one.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -mdc2_one.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -mdc2_one.o: ../cryptlib.h mdc2_one.c -mdc2dgst.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -mdc2dgst.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h -mdc2dgst.o: ../../include/openssl/mdc2.h ../../include/openssl/opensslconf.h -mdc2dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -mdc2dgst.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -mdc2dgst.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -mdc2dgst.o: mdc2dgst.c diff --git a/src/lib/libcrypto/mdc2/mdc2.h b/src/lib/libcrypto/mdc2/mdc2.h index 7e1354116a..72778a5212 100644 --- a/src/lib/libcrypto/mdc2/mdc2.h +++ b/src/lib/libcrypto/mdc2/mdc2.h @@ -80,9 +80,7 @@ typedef struct mdc2_ctx_st int pad_type; /* either 1 or 2, default 1 */ } MDC2_CTX; -#ifdef OPENSSL_FIPS -int private_MDC2_Init(MDC2_CTX *c); -#endif + int MDC2_Init(MDC2_CTX *c); int MDC2_Update(MDC2_CTX *c, const unsigned char *data, size_t len); int MDC2_Final(unsigned char *md, MDC2_CTX *c); diff --git a/src/lib/libcrypto/mem.c b/src/lib/libcrypto/mem.c index 00ebaf0b9b..8f06d190a1 100644 --- a/src/lib/libcrypto/mem.c +++ b/src/lib/libcrypto/mem.c @@ -101,7 +101,7 @@ static void (*free_locked_func)(void *) = free; /* may be changed as long as 'allow_customize_debug' is set */ /* XXX use correct function pointer types */ -#if defined(CRYPTO_MDEBUG) && !defined(OPENSSL_FIPS) +#ifdef CRYPTO_MDEBUG /* use default functions from mem_dbg.c */ static void (*malloc_debug_func)(void *,int,const char *,int,int) = CRYPTO_dbg_malloc; @@ -110,14 +110,6 @@ static void (*realloc_debug_func)(void *,void *,int,const char *,int,int) static void (*free_debug_func)(void *,int) = CRYPTO_dbg_free; static void (*set_debug_options_func)(long) = CRYPTO_dbg_set_options; static long (*get_debug_options_func)(void) = CRYPTO_dbg_get_options; - -static int (*push_info_func)(const char *info, const char *file, int line) - = CRYPTO_dbg_push_info; -static int (*pop_info_func)(void) - = CRYPTO_dbg_pop_info; -static int (*remove_all_info_func)(void) - = CRYPTO_dbg_remove_all_info; - #else /* applications can use CRYPTO_malloc_debug_init() to select above case * at run-time */ @@ -127,13 +119,6 @@ static void (*realloc_debug_func)(void *,void *,int,const char *,int,int) static void (*free_debug_func)(void *,int) = NULL; static void (*set_debug_options_func)(long) = NULL; static long (*get_debug_options_func)(void) = NULL; - - -static int (*push_info_func)(const char *info, const char *file, int line) - = NULL; -static int (*pop_info_func)(void) = NULL; -static int (*remove_all_info_func)(void) = NULL; - #endif @@ -209,15 +194,6 @@ int CRYPTO_set_mem_debug_functions(void (*m)(void *,int,const char *,int,int), return 1; } -void CRYPTO_set_mem_info_functions( - int (*push_info_fn)(const char *info, const char *file, int line), - int (*pop_info_fn)(void), - int (*remove_all_info_fn)(void)) - { - push_info_func = push_info_fn; - pop_info_func = pop_info_fn; - remove_all_info_func = remove_all_info_fn; - } void CRYPTO_get_mem_functions(void *(**m)(size_t), void *(**r)(void *, size_t), void (**f)(void *)) @@ -274,7 +250,6 @@ void CRYPTO_get_mem_debug_functions(void (**m)(void *,int,const char *,int,int), void *CRYPTO_malloc_locked(int num, const char *file, int line) { void *ret = NULL; - extern unsigned char cleanse_ctr; if (num <= 0) return NULL; @@ -291,11 +266,15 @@ void *CRYPTO_malloc_locked(int num, const char *file, int line) if (malloc_debug_func != NULL) malloc_debug_func(ret, num, file, line, 1); +#ifndef OPENSSL_CPUID_OBJ /* Create a dependency on the value of 'cleanse_ctr' so our memory * sanitisation function can't be optimised out. NB: We only do * this for >2Kb so the overhead doesn't bother us. */ if(ret && (num > 2048)) + { extern unsigned char cleanse_ctr; ((unsigned char *)ret)[0] = cleanse_ctr; + } +#endif return ret; } @@ -315,7 +294,6 @@ void CRYPTO_free_locked(void *str) void *CRYPTO_malloc(int num, const char *file, int line) { void *ret = NULL; - extern unsigned char cleanse_ctr; if (num <= 0) return NULL; @@ -332,12 +310,24 @@ void *CRYPTO_malloc(int num, const char *file, int line) if (malloc_debug_func != NULL) malloc_debug_func(ret, num, file, line, 1); +#ifndef OPENSSL_CPUID_OBJ /* Create a dependency on the value of 'cleanse_ctr' so our memory * sanitisation function can't be optimised out. NB: We only do * this for >2Kb so the overhead doesn't bother us. */ if(ret && (num > 2048)) + { extern unsigned char cleanse_ctr; ((unsigned char *)ret)[0] = cleanse_ctr; + } +#endif + + return ret; + } +char *CRYPTO_strdup(const char *str, const char *file, int line) + { + size_t len = strlen(str)+1; + char *ret = CRYPTO_malloc(len, file, line); + memcpy(ret, str, len); return ret; } @@ -423,24 +413,3 @@ long CRYPTO_get_mem_debug_options(void) return get_debug_options_func(); return 0; } - -int CRYPTO_push_info_(const char *info, const char *file, int line) - { - if (push_info_func) - return push_info_func(info, file, line); - return 1; - } - -int CRYPTO_pop_info(void) - { - if (pop_info_func) - return pop_info_func(); - return 1; - } - -int CRYPTO_remove_all_info(void) - { - if (remove_all_info_func) - return remove_all_info_func(); - return 1; - } diff --git a/src/lib/libcrypto/mem_dbg.c b/src/lib/libcrypto/mem_dbg.c index c6dee9a92b..ac793397f1 100644 --- a/src/lib/libcrypto/mem_dbg.c +++ b/src/lib/libcrypto/mem_dbg.c @@ -55,6 +55,59 @@ * copied and put under another distribution licence * [including the GNU Public Licence.] */ +/* ==================================================================== + * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * openssl-core@openssl.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.openssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ #include #include @@ -81,8 +134,11 @@ static int mh_mode=CRYPTO_MEM_CHECK_OFF; */ static unsigned long order = 0; /* number of memory requests */ -static LHASH *mh=NULL; /* hash-table of memory requests (address as key); - * access requires MALLOC2 lock */ + +DECLARE_LHASH_OF(MEM); +static LHASH_OF(MEM) *mh=NULL; /* hash-table of memory requests + * (address as key); access requires + * MALLOC2 lock */ typedef struct app_mem_info_st @@ -93,8 +149,8 @@ typedef struct app_mem_info_st * CRYPTO_pop_info() to pop an entry, * CRYPTO_remove_all_info() to pop all entries. */ - { - unsigned long thread; + { + CRYPTO_THREADID threadid; const char *file; int line; const char *info; @@ -104,10 +160,13 @@ typedef struct app_mem_info_st static void app_info_free(APP_INFO *); -static LHASH *amih=NULL; /* hash-table with those app_mem_info_st's - * that are at the top of their thread's stack - * (with `thread' as key); - * access requires MALLOC2 lock */ +DECLARE_LHASH_OF(APP_INFO); +static LHASH_OF(APP_INFO) *amih=NULL; /* hash-table with those + * app_mem_info_st's that are at + * the top of their thread's + * stack (with `thread' as key); + * access requires MALLOC2 + * lock */ typedef struct mem_st /* memory-block description */ @@ -116,7 +175,7 @@ typedef struct mem_st int num; const char *file; int line; - unsigned long thread; + CRYPTO_THREADID threadid; unsigned long order; time_t time; APP_INFO *app_info; @@ -136,11 +195,11 @@ static unsigned int num_disable = 0; /* num_disable > 0 * iff * mh_mode == CRYPTO_MEM_CHECK_ON (w/o ..._ENABLE) */ -static unsigned long disabling_thread = 0; /* Valid iff num_disable > 0. - * CRYPTO_LOCK_MALLOC2 is locked - * exactly in this case (by the - * thread named in disabling_thread). - */ + +/* Valid iff num_disable > 0. CRYPTO_LOCK_MALLOC2 is locked exactly in this + * case (by the thread named in disabling_thread). + */ +static CRYPTO_THREADID disabling_threadid; static void app_info_free(APP_INFO *inf) { @@ -177,7 +236,9 @@ int CRYPTO_mem_ctrl(int mode) case CRYPTO_MEM_CHECK_DISABLE: /* aka MemCheck_off() */ if (mh_mode & CRYPTO_MEM_CHECK_ON) { - if (!num_disable || (disabling_thread != CRYPTO_thread_id())) /* otherwise we already have the MALLOC2 lock */ + CRYPTO_THREADID cur; + CRYPTO_THREADID_current(&cur); + if (!num_disable || CRYPTO_THREADID_cmp(&disabling_threadid, &cur)) /* otherwise we already have the MALLOC2 lock */ { /* Long-time lock CRYPTO_LOCK_MALLOC2 must not be claimed while * we're holding CRYPTO_LOCK_MALLOC, or we'll deadlock if @@ -195,7 +256,7 @@ int CRYPTO_mem_ctrl(int mode) CRYPTO_w_lock(CRYPTO_LOCK_MALLOC2); CRYPTO_w_lock(CRYPTO_LOCK_MALLOC); mh_mode &= ~CRYPTO_MEM_CHECK_ENABLE; - disabling_thread=CRYPTO_thread_id(); + CRYPTO_THREADID_cpy(&disabling_threadid, &cur); } num_disable++; } @@ -228,10 +289,12 @@ int CRYPTO_is_mem_check_on(void) if (mh_mode & CRYPTO_MEM_CHECK_ON) { + CRYPTO_THREADID cur; + CRYPTO_THREADID_current(&cur); CRYPTO_r_lock(CRYPTO_LOCK_MALLOC); ret = (mh_mode & CRYPTO_MEM_CHECK_ENABLE) - || (disabling_thread != CRYPTO_thread_id()); + || CRYPTO_THREADID_cmp(&disabling_threadid, &cur); CRYPTO_r_unlock(CRYPTO_LOCK_MALLOC); } @@ -249,49 +312,49 @@ long CRYPTO_dbg_get_options(void) return options; } -/* static int mem_cmp(MEM *a, MEM *b) */ -static int mem_cmp(const void *a_void, const void *b_void) +static int mem_cmp(const MEM *a, const MEM *b) { #ifdef _WIN64 - const char *a=(const char *)((const MEM *)a_void)->addr, - *b=(const char *)((const MEM *)b_void)->addr; - if (a==b) return 0; - else if (a>b) return 1; + const char *ap=(const char *)a->addr, + *bp=(const char *)b->addr; + if (ap==bp) return 0; + else if (ap>bp) return 1; else return -1; #else - return((const char *)((const MEM *)a_void)->addr - - (const char *)((const MEM *)b_void)->addr); + return (const char *)a->addr - (const char *)b->addr; #endif } +static IMPLEMENT_LHASH_COMP_FN(mem, MEM) -/* static unsigned long mem_hash(MEM *a) */ -static unsigned long mem_hash(const void *a_void) +static unsigned long mem_hash(const MEM *a) { unsigned long ret; - ret=(unsigned long)((const MEM *)a_void)->addr; + ret=(unsigned long)a->addr; ret=ret*17851+(ret>>14)*7+(ret>>4)*251; return(ret); } +static IMPLEMENT_LHASH_HASH_FN(mem, MEM) /* static int app_info_cmp(APP_INFO *a, APP_INFO *b) */ static int app_info_cmp(const void *a_void, const void *b_void) { - return(((const APP_INFO *)a_void)->thread - != ((const APP_INFO *)b_void)->thread); + return CRYPTO_THREADID_cmp(&((const APP_INFO *)a_void)->threadid, + &((const APP_INFO *)b_void)->threadid); } +static IMPLEMENT_LHASH_COMP_FN(app_info, APP_INFO) -/* static unsigned long app_info_hash(APP_INFO *a) */ -static unsigned long app_info_hash(const void *a_void) +static unsigned long app_info_hash(const APP_INFO *a) { unsigned long ret; - ret=(unsigned long)((const APP_INFO *)a_void)->thread; - + ret = CRYPTO_THREADID_hash(&a->threadid); + /* This is left in as a "who am I to question legacy?" measure */ ret=ret*17851+(ret>>14)*7+(ret>>4)*251; return(ret); } +static IMPLEMENT_LHASH_HASH_FN(app_info, APP_INFO) static APP_INFO *pop_info(void) { @@ -300,21 +363,22 @@ static APP_INFO *pop_info(void) if (amih != NULL) { - tmp.thread=CRYPTO_thread_id(); - if ((ret=(APP_INFO *)lh_delete(amih,&tmp)) != NULL) + CRYPTO_THREADID_current(&tmp.threadid); + if ((ret=lh_APP_INFO_delete(amih,&tmp)) != NULL) { APP_INFO *next=ret->next; if (next != NULL) { next->references++; - lh_insert(amih,(char *)next); + (void)lh_APP_INFO_insert(amih,next); } #ifdef LEVITTE_DEBUG_MEM - if (ret->thread != tmp.thread) + if (CRYPTO_THREADID_cmp(&ret->threadid, &tmp.threadid)) { fprintf(stderr, "pop_info(): deleted info has other thread ID (%lu) than the current thread (%lu)!!!!\n", - ret->thread, tmp.thread); + CRYPTO_THREADID_hash(&ret->threadid), + CRYPTO_THREADID_hash(&tmp.threadid)); abort(); } #endif @@ -330,7 +394,7 @@ static APP_INFO *pop_info(void) return(ret); } -int CRYPTO_dbg_push_info(const char *info, const char *file, int line) +int CRYPTO_push_info_(const char *info, const char *file, int line) { APP_INFO *ami, *amim; int ret=0; @@ -346,7 +410,7 @@ int CRYPTO_dbg_push_info(const char *info, const char *file, int line) } if (amih == NULL) { - if ((amih=lh_new(app_info_hash, app_info_cmp)) == NULL) + if ((amih=lh_APP_INFO_new()) == NULL) { OPENSSL_free(ami); ret=0; @@ -354,20 +418,21 @@ int CRYPTO_dbg_push_info(const char *info, const char *file, int line) } } - ami->thread=CRYPTO_thread_id(); + CRYPTO_THREADID_current(&ami->threadid); ami->file=file; ami->line=line; ami->info=info; ami->references=1; ami->next=NULL; - if ((amim=(APP_INFO *)lh_insert(amih,(char *)ami)) != NULL) + if ((amim=lh_APP_INFO_insert(amih,ami)) != NULL) { #ifdef LEVITTE_DEBUG_MEM - if (ami->thread != amim->thread) + if (CRYPTO_THREADID_cmp(&ami->threadid, &amim->threadid)) { fprintf(stderr, "CRYPTO_push_info(): previous info has other thread ID (%lu) than the current thread (%lu)!!!!\n", - amim->thread, ami->thread); + CRYPTO_THREADID_hash(&amim->threadid), + CRYPTO_THREADID_hash(&ami->threadid)); abort(); } #endif @@ -380,7 +445,7 @@ int CRYPTO_dbg_push_info(const char *info, const char *file, int line) return(ret); } -int CRYPTO_dbg_pop_info(void) +int CRYPTO_pop_info(void) { int ret=0; @@ -395,7 +460,7 @@ int CRYPTO_dbg_pop_info(void) return(ret); } -int CRYPTO_dbg_remove_all_info(void) +int CRYPTO_remove_all_info(void) { int ret=0; @@ -439,7 +504,7 @@ void CRYPTO_dbg_malloc(void *addr, int num, const char *file, int line, } if (mh == NULL) { - if ((mh=lh_new(mem_hash, mem_cmp)) == NULL) + if ((mh=lh_MEM_new()) == NULL) { OPENSSL_free(addr); OPENSSL_free(m); @@ -453,9 +518,9 @@ void CRYPTO_dbg_malloc(void *addr, int num, const char *file, int line, m->line=line; m->num=num; if (options & V_CRYPTO_MDEBUG_THREAD) - m->thread=CRYPTO_thread_id(); + CRYPTO_THREADID_current(&m->threadid); else - m->thread=0; + memset(&m->threadid, 0, sizeof(m->threadid)); if (order == break_order_num) { @@ -464,7 +529,7 @@ void CRYPTO_dbg_malloc(void *addr, int num, const char *file, int line, } m->order=order++; #ifdef LEVITTE_DEBUG_MEM - fprintf(stderr, "LEVITTE_DEBUG_MEM: [%5d] %c 0x%p (%d)\n", + fprintf(stderr, "LEVITTE_DEBUG_MEM: [%5ld] %c 0x%p (%d)\n", m->order, (before_p & 128) ? '*' : '+', m->addr, m->num); @@ -474,16 +539,16 @@ void CRYPTO_dbg_malloc(void *addr, int num, const char *file, int line, else m->time=0; - tmp.thread=CRYPTO_thread_id(); + CRYPTO_THREADID_current(&tmp.threadid); m->app_info=NULL; if (amih != NULL - && (amim=(APP_INFO *)lh_retrieve(amih,(char *)&tmp)) != NULL) + && (amim=lh_APP_INFO_retrieve(amih,&tmp)) != NULL) { m->app_info = amim; amim->references++; } - if ((mm=(MEM *)lh_insert(mh,(char *)m)) != NULL) + if ((mm=lh_MEM_insert(mh, m)) != NULL) { /* Not good, but don't sweat it */ if (mm->app_info != NULL) @@ -516,11 +581,11 @@ void CRYPTO_dbg_free(void *addr, int before_p) MemCheck_off(); /* make sure we hold MALLOC2 lock */ m.addr=addr; - mp=(MEM *)lh_delete(mh,(char *)&m); + mp=lh_MEM_delete(mh,&m); if (mp != NULL) { #ifdef LEVITTE_DEBUG_MEM - fprintf(stderr, "LEVITTE_DEBUG_MEM: [%5d] - 0x%p (%d)\n", + fprintf(stderr, "LEVITTE_DEBUG_MEM: [%5ld] - 0x%p (%d)\n", mp->order, mp->addr, mp->num); #endif if (mp->app_info != NULL) @@ -566,18 +631,18 @@ void CRYPTO_dbg_realloc(void *addr1, void *addr2, int num, MemCheck_off(); /* make sure we hold MALLOC2 lock */ m.addr=addr1; - mp=(MEM *)lh_delete(mh,(char *)&m); + mp=lh_MEM_delete(mh,&m); if (mp != NULL) { #ifdef LEVITTE_DEBUG_MEM - fprintf(stderr, "LEVITTE_DEBUG_MEM: [%5d] * 0x%p (%d) -> 0x%p (%d)\n", + fprintf(stderr, "LEVITTE_DEBUG_MEM: [%5ld] * 0x%p (%d) -> 0x%p (%d)\n", mp->order, mp->addr, mp->num, addr2, num); #endif mp->addr=addr2; mp->num=num; - lh_insert(mh,(char *)mp); + (void)lh_MEM_insert(mh,mp); } MemCheck_on(); /* release MALLOC2 lock @@ -596,14 +661,14 @@ typedef struct mem_leak_st long bytes; } MEM_LEAK; -static void print_leak(const MEM *m, MEM_LEAK *l) +static void print_leak_doall_arg(const MEM *m, MEM_LEAK *l) { char buf[1024]; char *bufp = buf; APP_INFO *amip; int ami_cnt; struct tm *lcl = NULL; - unsigned long ti; + CRYPTO_THREADID ti; #define BUF_REMAIN (sizeof buf - (size_t)(bufp - buf)) @@ -625,7 +690,8 @@ static void print_leak(const MEM *m, MEM_LEAK *l) if (options & V_CRYPTO_MDEBUG_THREAD) { - BIO_snprintf(bufp, BUF_REMAIN, "thread=%lu, ", m->thread); + BIO_snprintf(bufp, BUF_REMAIN, "thread=%lu, ", + CRYPTO_THREADID_hash(&m->threadid)); bufp += strlen(bufp); } @@ -642,8 +708,8 @@ static void print_leak(const MEM *m, MEM_LEAK *l) ami_cnt=0; if (!amip) return; - ti=amip->thread; - + CRYPTO_THREADID_cpy(&ti, &amip->threadid); + do { int buf_len; @@ -653,7 +719,8 @@ static void print_leak(const MEM *m, MEM_LEAK *l) memset(buf,'>',ami_cnt); BIO_snprintf(buf + ami_cnt, sizeof buf - ami_cnt, " thread=%lu, file=%s, line=%d, info=\"", - amip->thread, amip->file, amip->line); + CRYPTO_THREADID_hash(&amip->threadid), amip->file, + amip->line); buf_len=strlen(buf); info_len=strlen(amip->info); if (128 - buf_len - 3 < info_len) @@ -673,8 +740,8 @@ static void print_leak(const MEM *m, MEM_LEAK *l) amip = amip->next; } - while(amip && amip->thread == ti); - + while(amip && !CRYPTO_THREADID_cmp(&amip->threadid, &ti)); + #ifdef LEVITTE_DEBUG_MEM if (amip) { @@ -684,7 +751,7 @@ static void print_leak(const MEM *m, MEM_LEAK *l) #endif } -static IMPLEMENT_LHASH_DOALL_ARG_FN(print_leak, const MEM *, MEM_LEAK *) +static IMPLEMENT_LHASH_DOALL_ARG_FN(print_leak, const MEM, MEM_LEAK) void CRYPTO_mem_leaks(BIO *b) { @@ -699,12 +766,15 @@ void CRYPTO_mem_leaks(BIO *b) ml.bytes=0; ml.chunks=0; if (mh != NULL) - lh_doall_arg(mh, LHASH_DOALL_ARG_FN(print_leak), - (char *)&ml); + lh_MEM_doall_arg(mh, LHASH_DOALL_ARG_FN(print_leak), MEM_LEAK, + &ml); if (ml.chunks != 0) { BIO_printf(b,"%ld bytes leaked in %d chunks\n", ml.bytes,ml.chunks); +#ifdef CRYPTO_MDEBUG_ABORT + abort(); +#endif } else { @@ -717,7 +787,7 @@ void CRYPTO_mem_leaks(BIO *b) * XXX This should be in CRYPTO_mem_leaks_cb, * and CRYPTO_mem_leaks should be implemented by * using CRYPTO_mem_leaks_cb. - * (Also their should be a variant of lh_doall_arg + * (Also there should be a variant of lh_doall_arg * that takes a function pointer instead of a void *; * this would obviate the ugly and illegal * void_fn_to_char kludge in CRYPTO_mem_leaks_cb. @@ -734,14 +804,14 @@ void CRYPTO_mem_leaks(BIO *b) if (mh != NULL) { - lh_free(mh); + lh_MEM_free(mh); mh = NULL; } if (amih != NULL) { - if (lh_num_items(amih) == 0) + if (lh_APP_INFO_num_items(amih) == 0) { - lh_free(amih); + lh_APP_INFO_free(amih); amih = NULL; } } @@ -779,40 +849,26 @@ void CRYPTO_mem_leaks_fp(FILE *fp) /* NB: The prototypes have been typedef'd to CRYPTO_MEM_LEAK_CB inside crypto.h * If this code is restructured, remove the callback type if it is no longer * needed. -- Geoff Thorpe */ -static void cb_leak(const MEM *m, CRYPTO_MEM_LEAK_CB **cb) + +/* Can't pass CRYPTO_MEM_LEAK_CB directly to lh_MEM_doall_arg because it + * is a function pointer and conversion to void * is prohibited. Instead + * pass its address + */ + +typedef CRYPTO_MEM_LEAK_CB *PCRYPTO_MEM_LEAK_CB; + +static void cb_leak_doall_arg(const MEM *m, PCRYPTO_MEM_LEAK_CB *cb) { - (**cb)(m->order,m->file,m->line,m->num,m->addr); + (*cb)(m->order,m->file,m->line,m->num,m->addr); } -static IMPLEMENT_LHASH_DOALL_ARG_FN(cb_leak, const MEM *, CRYPTO_MEM_LEAK_CB **) +static IMPLEMENT_LHASH_DOALL_ARG_FN(cb_leak, const MEM, PCRYPTO_MEM_LEAK_CB) void CRYPTO_mem_leaks_cb(CRYPTO_MEM_LEAK_CB *cb) { if (mh == NULL) return; CRYPTO_w_lock(CRYPTO_LOCK_MALLOC2); - lh_doall_arg(mh, LHASH_DOALL_ARG_FN(cb_leak), &cb); + lh_MEM_doall_arg(mh, LHASH_DOALL_ARG_FN(cb_leak), PCRYPTO_MEM_LEAK_CB, + &cb); CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC2); } - -void CRYPTO_malloc_debug_init(void) - { - CRYPTO_set_mem_debug_functions( - CRYPTO_dbg_malloc, - CRYPTO_dbg_realloc, - CRYPTO_dbg_free, - CRYPTO_dbg_set_options, - CRYPTO_dbg_get_options); - CRYPTO_set_mem_info_functions( - CRYPTO_dbg_push_info, - CRYPTO_dbg_pop_info, - CRYPTO_dbg_remove_all_info); - } - -char *CRYPTO_strdup(const char *str, const char *file, int line) - { - size_t len = strlen(str)+1; - char *ret = CRYPTO_malloc(len, file, line); - - memcpy(ret, str, len); - return ret; - } diff --git a/src/lib/libcrypto/o_init.c b/src/lib/libcrypto/o_init.c deleted file mode 100644 index 00ed65a6cf..0000000000 --- a/src/lib/libcrypto/o_init.c +++ /dev/null @@ -1,86 +0,0 @@ -/* o_init.c */ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project. - */ -/* ==================================================================== - * Copyright (c) 2007 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include - -/* Perform any essential OpenSSL initialization operations. - * Currently only sets FIPS callbacks - */ - -void OPENSSL_init(void) - { -#ifdef OPENSSL_FIPS - static int done = 0; - if (!done) - { - int_ERR_lib_init(); -#ifdef CRYPTO_MDEBUG - CRYPTO_malloc_debug_init(); -#endif -#ifdef OPENSSL_ENGINE - int_EVP_MD_init_engine_callbacks(); - int_EVP_CIPHER_init_engine_callbacks(); - int_RAND_init_engine_callbacks(); -#endif - done = 1; - } -#endif - } - - diff --git a/src/lib/libcrypto/o_time.c b/src/lib/libcrypto/o_time.c index e29091d650..eecbdd19f0 100644 --- a/src/lib/libcrypto/o_time.c +++ b/src/lib/libcrypto/o_time.c @@ -2,6 +2,9 @@ /* Written by Richard Levitte (richard@levitte.org) for the OpenSSL * project 2001. */ +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL + * project 2008. + */ /* ==================================================================== * Copyright (c) 2001 The OpenSSL Project. All rights reserved. * @@ -73,7 +76,7 @@ struct tm *OPENSSL_gmtime(const time_t *timer, struct tm *result) { struct tm *ts = NULL; -#if defined(OPENSSL_THREADS) && !defined(OPENSSL_SYS_WIN32) && !defined(OPENSSL_SYS_OS2) && !defined(__CYGWIN32__) && (!defined(OPENSSL_SYS_VMS) || defined(gmtime_r)) && !defined(OPENSSL_SYS_MACOSX) && !defined(OPENSSL_SYS_SUNOS) +#if defined(OPENSSL_THREADS) && !defined(OPENSSL_SYS_WIN32) && !defined(OPENSSL_SYS_OS2) && (!defined(OPENSSL_SYS_VMS) || defined(gmtime_r)) && !defined(OPENSSL_SYS_MACOSX) && !defined(OPENSSL_SYS_SUNOS) /* should return &data, but doesn't on some systems, so we don't even look at the return value */ gmtime_r(timer,result); @@ -214,4 +217,150 @@ struct tm *OPENSSL_gmtime(const time_t *timer, struct tm *result) } #endif return ts; - } + } + +/* Take a tm structure and add an offset to it. This avoids any OS issues + * with restricted date types and overflows which cause the year 2038 + * problem. + */ + +#define SECS_PER_DAY (24 * 60 * 60) + +static long date_to_julian(int y, int m, int d); +static void julian_to_date(long jd, int *y, int *m, int *d); + +int OPENSSL_gmtime_adj(struct tm *tm, int off_day, long offset_sec) + { + int offset_hms, offset_day; + long time_jd; + int time_year, time_month, time_day; + /* split offset into days and day seconds */ + offset_day = offset_sec / SECS_PER_DAY; + /* Avoid sign issues with % operator */ + offset_hms = offset_sec - (offset_day * SECS_PER_DAY); + offset_day += off_day; + /* Add current time seconds to offset */ + offset_hms += tm->tm_hour * 3600 + tm->tm_min * 60 + tm->tm_sec; + /* Adjust day seconds if overflow */ + if (offset_hms >= SECS_PER_DAY) + { + offset_day++; + offset_hms -= SECS_PER_DAY; + } + else if (offset_hms < 0) + { + offset_day--; + offset_hms += SECS_PER_DAY; + } + + /* Convert date of time structure into a Julian day number. + */ + + time_year = tm->tm_year + 1900; + time_month = tm->tm_mon + 1; + time_day = tm->tm_mday; + + time_jd = date_to_julian(time_year, time_month, time_day); + + /* Work out Julian day of new date */ + time_jd += offset_day; + + if (time_jd < 0) + return 0; + + /* Convert Julian day back to date */ + + julian_to_date(time_jd, &time_year, &time_month, &time_day); + + if (time_year < 1900 || time_year > 9999) + return 0; + + /* Update tm structure */ + + tm->tm_year = time_year - 1900; + tm->tm_mon = time_month - 1; + tm->tm_mday = time_day; + + tm->tm_hour = offset_hms / 3600; + tm->tm_min = (offset_hms / 60) % 60; + tm->tm_sec = offset_hms % 60; + + return 1; + +} + +/* Convert date to and from julian day + * Uses Fliegel & Van Flandern algorithm + */ +static long date_to_julian(int y, int m, int d) +{ + return (1461 * (y + 4800 + (m - 14) / 12)) / 4 + + (367 * (m - 2 - 12 * ((m - 14) / 12))) / 12 - + (3 * ((y + 4900 + (m - 14) / 12) / 100)) / 4 + + d - 32075; +} + +static void julian_to_date(long jd, int *y, int *m, int *d) + { + long L = jd + 68569; + long n = (4 * L) / 146097; + long i, j; + + L = L - (146097 * n + 3) / 4; + i = (4000 * (L + 1)) / 1461001; + L = L - (1461 * i) / 4 + 31; + j = (80 * L) / 2447; + *d = L - (2447 * j) / 80; + L = j / 11; + *m = j + 2 - (12 * L); + *y = 100 * (n - 49) + i + L; + } + +#ifdef OPENSSL_TIME_TEST + +#include + +/* Time checking test code. Check times are identical for a wide range of + * offsets. This should be run on a machine with 64 bit time_t or it will + * trigger the very errors the routines fix. + */ + +int main(int argc, char **argv) + { + long offset; + for (offset = 0; offset < 1000000; offset++) + { + check_time(offset); + check_time(-offset); + check_time(offset * 1000); + check_time(-offset * 1000); + } + } + +int check_time(long offset) + { + struct tm tm1, tm2; + time_t t1, t2; + time(&t1); + t2 = t1 + offset; + OPENSSL_gmtime(&t2, &tm2); + OPENSSL_gmtime(&t1, &tm1); + OPENSSL_gmtime_adj(&tm1, 0, offset); + if ((tm1.tm_year == tm2.tm_year) && + (tm1.tm_mon == tm2.tm_mon) && + (tm1.tm_mday == tm2.tm_mday) && + (tm1.tm_hour == tm2.tm_hour) && + (tm1.tm_min == tm2.tm_min) && + (tm1.tm_sec == tm2.tm_sec)) + return 1; + fprintf(stderr, "TIME ERROR!!\n"); + fprintf(stderr, "Time1: %d/%d/%d, %d:%02d:%02d\n", + tm2.tm_mday, tm2.tm_mon + 1, tm2.tm_year + 1900, + tm2.tm_hour, tm2.tm_min, tm2.tm_sec); + fprintf(stderr, "Time2: %d/%d/%d, %d:%02d:%02d\n", + tm1.tm_mday, tm1.tm_mon + 1, tm1.tm_year + 1900, + tm1.tm_hour, tm1.tm_min, tm1.tm_sec); + return 0; + } + +#endif diff --git a/src/lib/libcrypto/o_time.h b/src/lib/libcrypto/o_time.h index e66044626d..e391da7508 100644 --- a/src/lib/libcrypto/o_time.h +++ b/src/lib/libcrypto/o_time.h @@ -62,5 +62,6 @@ #include struct tm *OPENSSL_gmtime(const time_t *timer, struct tm *result); +int OPENSSL_gmtime_adj(struct tm *tm, int offset_day, long offset_sec); #endif diff --git a/src/lib/libcrypto/objects/Makefile.ssl b/src/lib/libcrypto/objects/Makefile.ssl deleted file mode 100644 index 3e7a194cf9..0000000000 --- a/src/lib/libcrypto/objects/Makefile.ssl +++ /dev/null @@ -1,123 +0,0 @@ -# -# SSLeay/crypto/objects/Makefile -# - -DIR= objects -TOP= ../.. -CC= cc -INCLUDES= -I.. -I$(TOP) -I../../include -CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKE= make -f Makefile.ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) -MAKEFILE= Makefile.ssl -AR= ar r -PERL= perl - -CFLAGS= $(INCLUDES) $(CFLAG) - -GENERAL=Makefile README -TEST= -APPS= - -LIB=$(TOP)/libcrypto.a -LIBSRC= o_names.c obj_dat.c obj_lib.c obj_err.c -LIBOBJ= o_names.o obj_dat.o obj_lib.o obj_err.o - -SRC= $(LIBSRC) - -EXHEADER= objects.h obj_mac.h -HEADER= $(EXHEADER) obj_dat.h - -ALL= $(GENERAL) $(SRC) $(HEADER) - -top: - (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all) - -all: obj_dat.h lib - -lib: $(LIBOBJ) - $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) || echo Never mind. - @touch lib - -obj_dat.h: obj_dat.pl obj_mac.h - $(PERL) obj_dat.pl obj_mac.h obj_dat.h - -# objects.pl both reads and writes obj_mac.num -obj_mac.h: objects.pl objects.txt obj_mac.num - $(PERL) objects.pl objects.txt obj_mac.num obj_mac.h - -files: - $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO - -links: - @sh $(TOP)/util/point.sh Makefile.ssl Makefile - @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER) - @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST) - @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) - -install: - @for i in $(EXHEADER) ; \ - do \ - (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ - done; - -tags: - ctags $(SRC) - -tests: - -lint: - lint -DLINT $(INCLUDES) $(SRC)>fluff - -depend: - $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) - -dclean: - $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new - mv -f Makefile.new $(MAKEFILE) - -clean: - rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff - -# DO NOT DELETE THIS LINE -- make depend depends on it. - -o_names.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -o_names.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h -o_names.o: ../../include/openssl/e_os2.h ../../include/openssl/lhash.h -o_names.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -o_names.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -o_names.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h -o_names.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -o_names.o: o_names.c -obj_dat.o: ../../e_os.h ../../include/openssl/asn1.h -obj_dat.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -obj_dat.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -obj_dat.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -obj_dat.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -obj_dat.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -obj_dat.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -obj_dat.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -obj_dat.o: ../../include/openssl/symhacks.h ../cryptlib.h obj_dat.c obj_dat.h -obj_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -obj_err.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h -obj_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -obj_err.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -obj_err.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -obj_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -obj_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -obj_err.o: ../../include/openssl/symhacks.h obj_err.c -obj_lib.o: ../../e_os.h ../../include/openssl/asn1.h -obj_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -obj_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -obj_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -obj_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -obj_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -obj_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -obj_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -obj_lib.o: ../../include/openssl/symhacks.h ../cryptlib.h obj_lib.c diff --git a/src/lib/libcrypto/objects/o_names.c b/src/lib/libcrypto/objects/o_names.c index adb5731f76..84380a96a9 100644 --- a/src/lib/libcrypto/objects/o_names.c +++ b/src/lib/libcrypto/objects/o_names.c @@ -22,7 +22,8 @@ /* I use the ex_data stuff to manage the identifiers for the obj_name_types * that applications may define. I only really use the free function field. */ -static LHASH *names_lh=NULL; +DECLARE_LHASH_OF(OBJ_NAME); +static LHASH_OF(OBJ_NAME) *names_lh=NULL; static int names_type_num=OBJ_NAME_TYPE_NUM; typedef struct name_funcs_st @@ -46,11 +47,14 @@ static unsigned long obj_name_hash(const void *a_void); /* static int obj_name_cmp(OBJ_NAME *a,OBJ_NAME *b); */ static int obj_name_cmp(const void *a_void,const void *b_void); +static IMPLEMENT_LHASH_HASH_FN(obj_name, OBJ_NAME) +static IMPLEMENT_LHASH_COMP_FN(obj_name, OBJ_NAME) + int OBJ_NAME_init(void) { if (names_lh != NULL) return(1); MemCheck_off(); - names_lh=lh_new(obj_name_hash, obj_name_cmp); + names_lh=lh_OBJ_NAME_new(); MemCheck_on(); return(names_lh != NULL); } @@ -164,7 +168,7 @@ const char *OBJ_NAME_get(const char *name, int type) for (;;) { - ret=(OBJ_NAME *)lh_retrieve(names_lh,&on); + ret=lh_OBJ_NAME_retrieve(names_lh,&on); if (ret == NULL) return(NULL); if ((ret->alias) && !alias) { @@ -200,7 +204,7 @@ int OBJ_NAME_add(const char *name, int type, const char *data) onp->type=type; onp->data=data; - ret=(OBJ_NAME *)lh_insert(names_lh,onp); + ret=lh_OBJ_NAME_insert(names_lh,onp); if (ret != NULL) { /* free things */ @@ -217,7 +221,7 @@ int OBJ_NAME_add(const char *name, int type, const char *data) } else { - if (lh_error(names_lh)) + if (lh_OBJ_NAME_error(names_lh)) { /* ERROR */ return(0); @@ -235,7 +239,7 @@ int OBJ_NAME_remove(const char *name, int type) type&= ~OBJ_NAME_ALIAS; on.name=name; on.type=type; - ret=(OBJ_NAME *)lh_delete(names_lh,&on); + ret=lh_OBJ_NAME_delete(names_lh,&on); if (ret != NULL) { /* free things */ @@ -262,13 +266,13 @@ struct doall void *arg; }; -static void do_all_fn(const OBJ_NAME *name,struct doall *d) +static void do_all_fn_doall_arg(const OBJ_NAME *name,struct doall *d) { if(name->type == d->type) d->fn(name,d->arg); } -static IMPLEMENT_LHASH_DOALL_ARG_FN(do_all_fn, const OBJ_NAME *, struct doall *) +static IMPLEMENT_LHASH_DOALL_ARG_FN(do_all_fn, const OBJ_NAME, struct doall) void OBJ_NAME_do_all(int type,void (*fn)(const OBJ_NAME *,void *arg),void *arg) { @@ -278,7 +282,8 @@ void OBJ_NAME_do_all(int type,void (*fn)(const OBJ_NAME *,void *arg),void *arg) d.fn=fn; d.arg=arg; - lh_doall_arg(names_lh,LHASH_DOALL_ARG_FN(do_all_fn),&d); + lh_OBJ_NAME_doall_arg(names_lh, LHASH_DOALL_ARG_FN(do_all_fn), + struct doall, &d); } struct doall_sorted @@ -313,7 +318,7 @@ void OBJ_NAME_do_all_sorted(int type,void (*fn)(const OBJ_NAME *,void *arg), int n; d.type=type; - d.names=OPENSSL_malloc(lh_num_items(names_lh)*sizeof *d.names); + d.names=OPENSSL_malloc(lh_OBJ_NAME_num_items(names_lh)*sizeof *d.names); d.n=0; OBJ_NAME_do_all(type,do_all_sorted_fn,&d); @@ -327,18 +332,16 @@ void OBJ_NAME_do_all_sorted(int type,void (*fn)(const OBJ_NAME *,void *arg), static int free_type; -static void names_lh_free(OBJ_NAME *onp) -{ - if(onp == NULL) +static void names_lh_free_doall(OBJ_NAME *onp) + { + if (onp == NULL) return; - if ((free_type < 0) || (free_type == onp->type)) - { + if (free_type < 0 || free_type == onp->type) OBJ_NAME_remove(onp->name,onp->type); - } } -static IMPLEMENT_LHASH_DOALL_FN(names_lh_free, OBJ_NAME *) +static IMPLEMENT_LHASH_DOALL_FN(names_lh_free, OBJ_NAME) static void name_funcs_free(NAME_FUNCS *ptr) { @@ -352,18 +355,18 @@ void OBJ_NAME_cleanup(int type) if (names_lh == NULL) return; free_type=type; - down_load=names_lh->down_load; - names_lh->down_load=0; + down_load=lh_OBJ_NAME_down_load(names_lh); + lh_OBJ_NAME_down_load(names_lh)=0; - lh_doall(names_lh,LHASH_DOALL_FN(names_lh_free)); + lh_OBJ_NAME_doall(names_lh,LHASH_DOALL_FN(names_lh_free)); if (type < 0) { - lh_free(names_lh); + lh_OBJ_NAME_free(names_lh); sk_NAME_FUNCS_pop_free(name_funcs_stack,name_funcs_free); names_lh=NULL; name_funcs_stack = NULL; } else - names_lh->down_load=down_load; + lh_OBJ_NAME_down_load(names_lh)=down_load; } diff --git a/src/lib/libcrypto/objects/obj_dat.c b/src/lib/libcrypto/objects/obj_dat.c index 7fd7433241..8a342ba3eb 100644 --- a/src/lib/libcrypto/objects/obj_dat.c +++ b/src/lib/libcrypto/objects/obj_dat.c @@ -74,16 +74,17 @@ #define NUM_SN 0 #define NUM_LN 0 #define NUM_OBJ 0 -static unsigned char lvalues[1]; -static ASN1_OBJECT nid_objs[1]; -static ASN1_OBJECT *sn_objs[1]; -static ASN1_OBJECT *ln_objs[1]; -static ASN1_OBJECT *obj_objs[1]; +static const unsigned char lvalues[1]; +static const ASN1_OBJECT nid_objs[1]; +static const unsigned int sn_objs[1]; +static const unsigned int ln_objs[1]; +static const unsigned int obj_objs[1]; #endif -static int sn_cmp(const void *a, const void *b); -static int ln_cmp(const void *a, const void *b); -static int obj_cmp(const void *a, const void *b); +DECLARE_OBJ_BSEARCH_CMP_FN(const ASN1_OBJECT *, unsigned int, sn); +DECLARE_OBJ_BSEARCH_CMP_FN(const ASN1_OBJECT *, unsigned int, ln); +DECLARE_OBJ_BSEARCH_CMP_FN(const ASN1_OBJECT *, unsigned int, obj); + #define ADDED_DATA 0 #define ADDED_SNAME 1 #define ADDED_LNAME 2 @@ -94,30 +95,27 @@ typedef struct added_obj_st int type; ASN1_OBJECT *obj; } ADDED_OBJ; +DECLARE_LHASH_OF(ADDED_OBJ); static int new_nid=NUM_NID; -static LHASH *added=NULL; +static LHASH_OF(ADDED_OBJ) *added=NULL; -static int sn_cmp(const void *a, const void *b) - { - const ASN1_OBJECT * const *ap = a, * const *bp = b; - return(strcmp((*ap)->sn,(*bp)->sn)); - } +static int sn_cmp(const ASN1_OBJECT * const *a, const unsigned int *b) + { return(strcmp((*a)->sn,nid_objs[*b].sn)); } -static int ln_cmp(const void *a, const void *b) - { - const ASN1_OBJECT * const *ap = a, * const *bp = b; - return(strcmp((*ap)->ln,(*bp)->ln)); - } +IMPLEMENT_OBJ_BSEARCH_CMP_FN(const ASN1_OBJECT *, unsigned int, sn); + +static int ln_cmp(const ASN1_OBJECT * const *a, const unsigned int *b) + { return(strcmp((*a)->ln,nid_objs[*b].ln)); } -/* static unsigned long add_hash(ADDED_OBJ *ca) */ -static unsigned long add_hash(const void *ca_void) +IMPLEMENT_OBJ_BSEARCH_CMP_FN(const ASN1_OBJECT *, unsigned int, ln); + +static unsigned long added_obj_hash(const ADDED_OBJ *ca) { const ASN1_OBJECT *a; int i; unsigned long ret=0; unsigned char *p; - const ADDED_OBJ *ca = (const ADDED_OBJ *)ca_void; a=ca->obj; switch (ca->type) @@ -145,14 +143,12 @@ static unsigned long add_hash(const void *ca_void) ret|=ca->type<<30L; return(ret); } +static IMPLEMENT_LHASH_HASH_FN(added_obj, ADDED_OBJ) -/* static int add_cmp(ADDED_OBJ *ca, ADDED_OBJ *cb) */ -static int add_cmp(const void *ca_void, const void *cb_void) +static int added_obj_cmp(const ADDED_OBJ *ca, const ADDED_OBJ *cb) { ASN1_OBJECT *a,*b; int i; - const ADDED_OBJ *ca = (const ADDED_OBJ *)ca_void; - const ADDED_OBJ *cb = (const ADDED_OBJ *)cb_void; i=ca->type-cb->type; if (i) return(i); @@ -179,15 +175,16 @@ static int add_cmp(const void *ca_void, const void *cb_void) return 0; } } +static IMPLEMENT_LHASH_COMP_FN(added_obj, ADDED_OBJ) static int init_added(void) { if (added != NULL) return(1); - added=lh_new(add_hash,add_cmp); + added=lh_ADDED_OBJ_new(); return(added != NULL); } -static void cleanup1(ADDED_OBJ *a) +static void cleanup1_doall(ADDED_OBJ *a) { a->obj->nid=0; a->obj->flags|=ASN1_OBJECT_FLAG_DYNAMIC| @@ -195,28 +192,46 @@ static void cleanup1(ADDED_OBJ *a) ASN1_OBJECT_FLAG_DYNAMIC_DATA; } -static void cleanup2(ADDED_OBJ *a) +static void cleanup2_doall(ADDED_OBJ *a) { a->obj->nid++; } -static void cleanup3(ADDED_OBJ *a) +static void cleanup3_doall(ADDED_OBJ *a) { if (--a->obj->nid == 0) ASN1_OBJECT_free(a->obj); OPENSSL_free(a); } -static IMPLEMENT_LHASH_DOALL_FN(cleanup1, ADDED_OBJ *) -static IMPLEMENT_LHASH_DOALL_FN(cleanup2, ADDED_OBJ *) -static IMPLEMENT_LHASH_DOALL_FN(cleanup3, ADDED_OBJ *) +static IMPLEMENT_LHASH_DOALL_FN(cleanup1, ADDED_OBJ) +static IMPLEMENT_LHASH_DOALL_FN(cleanup2, ADDED_OBJ) +static IMPLEMENT_LHASH_DOALL_FN(cleanup3, ADDED_OBJ) + +/* The purpose of obj_cleanup_defer is to avoid EVP_cleanup() attempting + * to use freed up OIDs. If neccessary the actual freeing up of OIDs is + * delayed. + */ + +int obj_cleanup_defer = 0; + +void check_defer(int nid) + { + if (!obj_cleanup_defer && nid >= NUM_NID) + obj_cleanup_defer = 1; + } void OBJ_cleanup(void) { + if (obj_cleanup_defer) + { + obj_cleanup_defer = 2; + return ; + } if (added == NULL) return; - added->down_load=0; - lh_doall(added,LHASH_DOALL_FN(cleanup1)); /* zero counters */ - lh_doall(added,LHASH_DOALL_FN(cleanup2)); /* set counters */ - lh_doall(added,LHASH_DOALL_FN(cleanup3)); /* free objects */ - lh_free(added); + lh_ADDED_OBJ_down_load(added) = 0; + lh_ADDED_OBJ_doall(added,LHASH_DOALL_FN(cleanup1)); /* zero counters */ + lh_ADDED_OBJ_doall(added,LHASH_DOALL_FN(cleanup2)); /* set counters */ + lh_ADDED_OBJ_doall(added,LHASH_DOALL_FN(cleanup3)); /* free objects */ + lh_ADDED_OBJ_free(added); added=NULL; } @@ -252,7 +267,7 @@ int OBJ_add_object(const ASN1_OBJECT *obj) { ao[i]->type=i; ao[i]->obj=o; - aop=(ADDED_OBJ *)lh_insert(added,ao[i]); + aop=lh_ADDED_OBJ_insert(added,ao[i]); /* memory leak, buit should not normally matter */ if (aop != NULL) OPENSSL_free(aop); @@ -292,7 +307,7 @@ ASN1_OBJECT *OBJ_nid2obj(int n) ad.type=ADDED_NID; ad.obj= &ob; ob.nid=n; - adp=(ADDED_OBJ *)lh_retrieve(added,&ad); + adp=lh_ADDED_OBJ_retrieve(added,&ad); if (adp != NULL) return(adp->obj); else @@ -324,7 +339,7 @@ const char *OBJ_nid2sn(int n) ad.type=ADDED_NID; ad.obj= &ob; ob.nid=n; - adp=(ADDED_OBJ *)lh_retrieve(added,&ad); + adp=lh_ADDED_OBJ_retrieve(added,&ad); if (adp != NULL) return(adp->obj->sn); else @@ -356,7 +371,7 @@ const char *OBJ_nid2ln(int n) ad.type=ADDED_NID; ad.obj= &ob; ob.nid=n; - adp=(ADDED_OBJ *)lh_retrieve(added,&ad); + adp=lh_ADDED_OBJ_retrieve(added,&ad); if (adp != NULL) return(adp->obj->ln); else @@ -367,9 +382,22 @@ const char *OBJ_nid2ln(int n) } } +static int obj_cmp(const ASN1_OBJECT * const *ap, const unsigned int *bp) + { + int j; + const ASN1_OBJECT *a= *ap; + const ASN1_OBJECT *b= &nid_objs[*bp]; + + j=(a->length - b->length); + if (j) return(j); + return(memcmp(a->data,b->data,a->length)); + } + +IMPLEMENT_OBJ_BSEARCH_CMP_FN(const ASN1_OBJECT *, unsigned int, obj); + int OBJ_obj2nid(const ASN1_OBJECT *a) { - ASN1_OBJECT **op; + const unsigned int *op; ADDED_OBJ ad,*adp; if (a == NULL) @@ -381,14 +409,13 @@ int OBJ_obj2nid(const ASN1_OBJECT *a) { ad.type=ADDED_DATA; ad.obj=(ASN1_OBJECT *)a; /* XXX: ugly but harmless */ - adp=(ADDED_OBJ *)lh_retrieve(added,&ad); + adp=lh_ADDED_OBJ_retrieve(added,&ad); if (adp != NULL) return (adp->obj->nid); } - op=(ASN1_OBJECT **)OBJ_bsearch((const char *)&a,(const char *)obj_objs, - NUM_OBJ, sizeof(ASN1_OBJECT *),obj_cmp); + op=OBJ_bsearch_obj(&a, obj_objs, NUM_OBJ); if (op == NULL) return(NID_undef); - return((*op)->nid); + return(nid_objs[*op].nid); } /* Convert an object name into an ASN1_OBJECT @@ -441,7 +468,7 @@ int OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name) int i,n=0,len,nid, first, use_bn; BIGNUM *bl; unsigned long l; - unsigned char *p; + const unsigned char *p; char tbuf[DECIMAL_SIZE(i)+DECIMAL_SIZE(l)+2]; if ((a == NULL) || (a->data == NULL)) { @@ -456,10 +483,13 @@ int OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name) s=OBJ_nid2ln(nid); if (s == NULL) s=OBJ_nid2sn(nid); - if (buf) - BUF_strlcpy(buf,s,buf_len); - n=strlen(s); - return n; + if (s) + { + if (buf) + BUF_strlcpy(buf,s,buf_len); + n=strlen(s); + return n; + } } @@ -607,62 +637,56 @@ int OBJ_txt2nid(const char *s) int OBJ_ln2nid(const char *s) { - ASN1_OBJECT o,*oo= &o,**op; + ASN1_OBJECT o; + const ASN1_OBJECT *oo= &o; ADDED_OBJ ad,*adp; + const unsigned int *op; o.ln=s; if (added != NULL) { ad.type=ADDED_LNAME; ad.obj= &o; - adp=(ADDED_OBJ *)lh_retrieve(added,&ad); + adp=lh_ADDED_OBJ_retrieve(added,&ad); if (adp != NULL) return (adp->obj->nid); } - op=(ASN1_OBJECT **)OBJ_bsearch((char *)&oo,(char *)ln_objs, NUM_LN, - sizeof(ASN1_OBJECT *),ln_cmp); + op=OBJ_bsearch_ln(&oo, ln_objs, NUM_LN); if (op == NULL) return(NID_undef); - return((*op)->nid); + return(nid_objs[*op].nid); } int OBJ_sn2nid(const char *s) { - ASN1_OBJECT o,*oo= &o,**op; + ASN1_OBJECT o; + const ASN1_OBJECT *oo= &o; ADDED_OBJ ad,*adp; + const unsigned int *op; o.sn=s; if (added != NULL) { ad.type=ADDED_SNAME; ad.obj= &o; - adp=(ADDED_OBJ *)lh_retrieve(added,&ad); + adp=lh_ADDED_OBJ_retrieve(added,&ad); if (adp != NULL) return (adp->obj->nid); } - op=(ASN1_OBJECT **)OBJ_bsearch((char *)&oo,(char *)sn_objs,NUM_SN, - sizeof(ASN1_OBJECT *),sn_cmp); + op=OBJ_bsearch_sn(&oo, sn_objs, NUM_SN); if (op == NULL) return(NID_undef); - return((*op)->nid); + return(nid_objs[*op].nid); } -static int obj_cmp(const void *ap, const void *bp) - { - int j; - const ASN1_OBJECT *a= *(ASN1_OBJECT * const *)ap; - const ASN1_OBJECT *b= *(ASN1_OBJECT * const *)bp; - - j=(a->length - b->length); - if (j) return(j); - return(memcmp(a->data,b->data,a->length)); - } - -const char *OBJ_bsearch(const char *key, const char *base, int num, int size, - int (*cmp)(const void *, const void *)) +const void *OBJ_bsearch_(const void *key, const void *base, int num, int size, + int (*cmp)(const void *, const void *)) { - return OBJ_bsearch_ex(key, base, num, size, cmp, 0); + return OBJ_bsearch_ex_(key, base, num, size, cmp, 0); } -const char *OBJ_bsearch_ex(const char *key, const char *base, int num, - int size, int (*cmp)(const void *, const void *), int flags) +const void *OBJ_bsearch_ex_(const void *key, const void *base_, int num, + int size, + int (*cmp)(const void *, const void *), + int flags) { + const char *base=base_; int l,h,i=0,c=0; const char *p = NULL; diff --git a/src/lib/libcrypto/objects/obj_dat.pl b/src/lib/libcrypto/objects/obj_dat.pl index 7de2f77afd..c67f71c327 100644 --- a/src/lib/libcrypto/objects/obj_dat.pl +++ b/src/lib/libcrypto/objects/obj_dat.pl @@ -2,9 +2,7 @@ # fixes bug in floating point emulation on sparc64 when # this script produces off-by-one output on sparc64 -eval 'use integer;'; - -print STDERR "Warning: perl module integer not found.\n" if ($@); +use integer; sub obj_cmp { @@ -150,13 +148,13 @@ for ($i=0; $i<$n; $i++) @a=grep(defined($sn{$nid{$_}}),0 .. $n); foreach (sort { $sn{$nid{$a}} cmp $sn{$nid{$b}} } @a) { - push(@sn,sprintf("&(nid_objs[%2d]),/* \"$sn{$nid{$_}}\" */\n",$_)); + push(@sn,sprintf("%2d,\t/* \"$sn{$nid{$_}}\" */\n",$_)); } @a=grep(defined($ln{$nid{$_}}),0 .. $n); foreach (sort { $ln{$nid{$a}} cmp $ln{$nid{$b}} } @a) { - push(@ln,sprintf("&(nid_objs[%2d]),/* \"$ln{$nid{$_}}\" */\n",$_)); + push(@ln,sprintf("%2d,\t/* \"$ln{$nid{$_}}\" */\n",$_)); } @a=grep(defined($obj{$nid{$_}}),0 .. $n); @@ -166,7 +164,7 @@ foreach (sort obj_cmp @a) $v=$objd{$m}; $v =~ s/L//g; $v =~ s/,/ /g; - push(@ob,sprintf("&(nid_objs[%2d]),/* %-32s %s */\n",$_,$m,$v)); + push(@ob,sprintf("%2d,\t/* %-32s %s */\n",$_,$m,$v)); } print OUT <<'EOF'; @@ -241,11 +239,11 @@ printf OUT "#define NUM_SN %d\n",$#sn+1; printf OUT "#define NUM_LN %d\n",$#ln+1; printf OUT "#define NUM_OBJ %d\n\n",$#ob+1; -printf OUT "static unsigned char lvalues[%d]={\n",$lvalues+1; +printf OUT "static const unsigned char lvalues[%d]={\n",$lvalues+1; print OUT @lvalues; print OUT "};\n\n"; -printf OUT "static ASN1_OBJECT nid_objs[NUM_NID]={\n"; +printf OUT "static const ASN1_OBJECT nid_objs[NUM_NID]={\n"; foreach (@out) { if (length($_) > 75) @@ -269,15 +267,15 @@ foreach (@out) } print OUT "};\n\n"; -printf OUT "static ASN1_OBJECT *sn_objs[NUM_SN]={\n"; +printf OUT "static const unsigned int sn_objs[NUM_SN]={\n"; print OUT @sn; print OUT "};\n\n"; -printf OUT "static ASN1_OBJECT *ln_objs[NUM_LN]={\n"; +printf OUT "static const unsigned int ln_objs[NUM_LN]={\n"; print OUT @ln; print OUT "};\n\n"; -printf OUT "static ASN1_OBJECT *obj_objs[NUM_OBJ]={\n"; +printf OUT "static const unsigned int obj_objs[NUM_OBJ]={\n"; print OUT @ob; print OUT "};\n\n"; diff --git a/src/lib/libcrypto/objects/obj_err.c b/src/lib/libcrypto/objects/obj_err.c index 12b48850c6..2e7a034c3f 100644 --- a/src/lib/libcrypto/objects/obj_err.c +++ b/src/lib/libcrypto/objects/obj_err.c @@ -1,6 +1,6 @@ /* crypto/objects/obj_err.c */ /* ==================================================================== - * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved. + * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions diff --git a/src/lib/libcrypto/objects/obj_lib.c b/src/lib/libcrypto/objects/obj_lib.c index 706fa0b0e7..23e9d48cdf 100644 --- a/src/lib/libcrypto/objects/obj_lib.c +++ b/src/lib/libcrypto/objects/obj_lib.c @@ -66,7 +66,8 @@ ASN1_OBJECT *OBJ_dup(const ASN1_OBJECT *o) { ASN1_OBJECT *r; int i; - char *ln=NULL; + char *ln=NULL,*sn=NULL; + unsigned char *data=NULL; if (o == NULL) return(NULL); if (!(o->flags & ASN1_OBJECT_FLAG_DYNAMIC)) @@ -79,42 +80,42 @@ ASN1_OBJECT *OBJ_dup(const ASN1_OBJECT *o) OBJerr(OBJ_F_OBJ_DUP,ERR_R_ASN1_LIB); return(NULL); } - r->data=OPENSSL_malloc(o->length); - if (r->data == NULL) + data=OPENSSL_malloc(o->length); + if (data == NULL) goto err; if (o->data != NULL) - memcpy(r->data,o->data,o->length); + memcpy(data,o->data,o->length); + /* once data attached to object it remains const */ + r->data = data; r->length=o->length; r->nid=o->nid; r->ln=r->sn=NULL; if (o->ln != NULL) { i=strlen(o->ln)+1; - r->ln=ln=OPENSSL_malloc(i); - if (r->ln == NULL) goto err; + ln=OPENSSL_malloc(i); + if (ln == NULL) goto err; memcpy(ln,o->ln,i); + r->ln=ln; } if (o->sn != NULL) { - char *s; - i=strlen(o->sn)+1; - r->sn=s=OPENSSL_malloc(i); - if (r->sn == NULL) goto err; - memcpy(s,o->sn,i); + sn=OPENSSL_malloc(i); + if (sn == NULL) goto err; + memcpy(sn,o->sn,i); + r->sn=sn; } r->flags=o->flags|(ASN1_OBJECT_FLAG_DYNAMIC| ASN1_OBJECT_FLAG_DYNAMIC_STRINGS|ASN1_OBJECT_FLAG_DYNAMIC_DATA); return(r); err: OBJerr(OBJ_F_OBJ_DUP,ERR_R_MALLOC_FAILURE); - if (r != NULL) - { - if (ln != NULL) OPENSSL_free(ln); - if (r->data != NULL) OPENSSL_free(r->data); - OPENSSL_free(r); - } + if (ln != NULL) OPENSSL_free(ln); + if (sn != NULL) OPENSSL_free(sn); + if (data != NULL) OPENSSL_free(data); + if (r != NULL) OPENSSL_free(r); return(NULL); } diff --git a/src/lib/libcrypto/objects/obj_mac.num b/src/lib/libcrypto/objects/obj_mac.num index e3f56bc52c..8c50aac27f 100644 --- a/src/lib/libcrypto/objects/obj_mac.num +++ b/src/lib/libcrypto/objects/obj_mac.num @@ -856,3 +856,37 @@ hmac 855 LocalKeySet 856 freshest_crl 857 id_on_permanentIdentifier 858 +searchGuide 859 +businessCategory 860 +postalAddress 861 +postOfficeBox 862 +physicalDeliveryOfficeName 863 +telephoneNumber 864 +telexNumber 865 +teletexTerminalIdentifier 866 +facsimileTelephoneNumber 867 +x121Address 868 +internationaliSDNNumber 869 +registeredAddress 870 +destinationIndicator 871 +preferredDeliveryMethod 872 +presentationAddress 873 +supportedApplicationContext 874 +member 875 +owner 876 +roleOccupant 877 +seeAlso 878 +userPassword 879 +userCertificate 880 +cACertificate 881 +authorityRevocationList 882 +certificateRevocationList 883 +crossCertificatePair 884 +enhancedSearchGuide 885 +protocolInformation 886 +distinguishedName 887 +uniqueMember 888 +houseIdentifier 889 +supportedAlgorithms 890 +deltaRevocationList 891 +dmdName 892 diff --git a/src/lib/libcrypto/objects/objects.h b/src/lib/libcrypto/objects/objects.h index 7242f76fb0..bd0ee52feb 100644 --- a/src/lib/libcrypto/objects/objects.h +++ b/src/lib/libcrypto/objects/objects.h @@ -1011,10 +1011,91 @@ int OBJ_txt2nid(const char *s); int OBJ_ln2nid(const char *s); int OBJ_sn2nid(const char *s); int OBJ_cmp(const ASN1_OBJECT *a,const ASN1_OBJECT *b); -const char * OBJ_bsearch(const char *key,const char *base,int num,int size, - int (*cmp)(const void *, const void *)); -const char * OBJ_bsearch_ex(const char *key,const char *base,int num, - int size, int (*cmp)(const void *, const void *), int flags); +const void * OBJ_bsearch_(const void *key,const void *base,int num,int size, + int (*cmp)(const void *, const void *)); +const void * OBJ_bsearch_ex_(const void *key,const void *base,int num, + int size, + int (*cmp)(const void *, const void *), + int flags); + +#define _DECLARE_OBJ_BSEARCH_CMP_FN(scope, type1, type2, nm) \ + static int nm##_cmp_BSEARCH_CMP_FN(const void *, const void *); \ + static int nm##_cmp(type1 const *, type2 const *); \ + scope type2 * OBJ_bsearch_##nm(type1 *key, type2 const *base, int num) + +#define DECLARE_OBJ_BSEARCH_CMP_FN(type1, type2, cmp) \ + _DECLARE_OBJ_BSEARCH_CMP_FN(static, type1, type2, cmp) +#define DECLARE_OBJ_BSEARCH_GLOBAL_CMP_FN(type1, type2, nm) \ + type2 * OBJ_bsearch_##nm(type1 *key, type2 const *base, int num) + +/* + * Unsolved problem: if a type is actually a pointer type, like + * nid_triple is, then its impossible to get a const where you need + * it. Consider: + * + * typedef int nid_triple[3]; + * const void *a_; + * const nid_triple const *a = a_; + * + * The assignement discards a const because what you really want is: + * + * const int const * const *a = a_; + * + * But if you do that, you lose the fact that a is an array of 3 ints, + * which breaks comparison functions. + * + * Thus we end up having to cast, sadly, or unpack the + * declarations. Or, as I finally did in this case, delcare nid_triple + * to be a struct, which it should have been in the first place. + * + * Ben, August 2008. + * + * Also, strictly speaking not all types need be const, but handling + * the non-constness means a lot of complication, and in practice + * comparison routines do always not touch their arguments. + */ + +#define IMPLEMENT_OBJ_BSEARCH_CMP_FN(type1, type2, nm) \ + static int nm##_cmp_BSEARCH_CMP_FN(const void *a_, const void *b_) \ + { \ + type1 const *a = a_; \ + type2 const *b = b_; \ + return nm##_cmp(a,b); \ + } \ + static type2 *OBJ_bsearch_##nm(type1 *key, type2 const *base, int num) \ + { \ + return (type2 *)OBJ_bsearch_(key, base, num, sizeof(type2), \ + nm##_cmp_BSEARCH_CMP_FN); \ + } \ + extern void dummy_prototype(void) + +#define IMPLEMENT_OBJ_BSEARCH_GLOBAL_CMP_FN(type1, type2, nm) \ + static int nm##_cmp_BSEARCH_CMP_FN(const void *a_, const void *b_) \ + { \ + type1 const *a = a_; \ + type2 const *b = b_; \ + return nm##_cmp(a,b); \ + } \ + type2 *OBJ_bsearch_##nm(type1 *key, type2 const *base, int num) \ + { \ + return (type2 *)OBJ_bsearch_(key, base, num, sizeof(type2), \ + nm##_cmp_BSEARCH_CMP_FN); \ + } \ + extern void dummy_prototype(void) + +#define OBJ_bsearch(type1,key,type2,base,num,cmp) \ + ((type2 *)OBJ_bsearch_(CHECKED_PTR_OF(type1,key),CHECKED_PTR_OF(type2,base), \ + num,sizeof(type2), \ + ((void)CHECKED_PTR_OF(type1,cmp##_type_1), \ + (void)CHECKED_PTR_OF(type2,cmp##_type_2), \ + cmp##_BSEARCH_CMP_FN))) + +#define OBJ_bsearch_ex(type1,key,type2,base,num,cmp,flags) \ + ((type2 *)OBJ_bsearch_ex_(CHECKED_PTR_OF(type1,key),CHECKED_PTR_OF(type2,base), \ + num,sizeof(type2), \ + ((void)CHECKED_PTR_OF(type1,cmp##_type_1), \ + (void)type_2=CHECKED_PTR_OF(type2,cmp##_type_2), \ + cmp##_BSEARCH_CMP_FN)),flags) int OBJ_new_nid(int num); int OBJ_add_object(const ASN1_OBJECT *obj); @@ -1022,6 +1103,14 @@ int OBJ_create(const char *oid,const char *sn,const char *ln); void OBJ_cleanup(void ); int OBJ_create_objects(BIO *in); +int OBJ_find_sigid_algs(int signid, int *pdig_nid, int *ppkey_nid); +int OBJ_find_sigid_by_algs(int *psignid, int dig_nid, int pkey_nid); +int OBJ_add_sigid(int signid, int dig_id, int pkey_id); +void OBJ_sigid_free(void); + +extern int obj_cleanup_defer; +void check_defer(int nid); + /* BEGIN ERROR CODES */ /* The following lines are auto generated by the script mkerr.pl. Any changes * made after this point may be overwritten when the script is next run. diff --git a/src/lib/libcrypto/objects/objects.pl b/src/lib/libcrypto/objects/objects.pl index 76bb8da677..d2bf659d88 100644 --- a/src/lib/libcrypto/objects/objects.pl +++ b/src/lib/libcrypto/objects/objects.pl @@ -14,6 +14,8 @@ while() $Cname =~ s/^X//; if (defined($nidn{$mynum})) { die "$ARGV[1]:$o:There's already an object with NID ",$mynum," on line ",$order{$mynum},"\n"; } + if (defined($nid{$Cname})) + { die "$ARGV[1]:$o:There's already an object with name ",$Cname," on line ",$order{$nid{$Cname}},"\n"; } $nid{$Cname} = $mynum; $nidn{$mynum} = $Cname; $order{$mynum} = $o; @@ -102,6 +104,7 @@ while () $max_nid++; $nid{$Cname} = $max_nid; $nidn{$max_nid} = $Cname; +print STDERR "Added OID $Cname\n"; } $Cname=""; } diff --git a/src/lib/libcrypto/objects/objects.txt b/src/lib/libcrypto/objects/objects.txt index a6a811b8e7..e61fe60cbf 100644 --- a/src/lib/libcrypto/objects/objects.txt +++ b/src/lib/libcrypto/objects/objects.txt @@ -20,7 +20,7 @@ identified-organization 132 : certicom-arc joint-iso-itu-t 23 : international-organizations : International Organizations international-organizations 43 : wap -wap 13 : wap-wsg +wap 1 : wap-wsg joint-iso-itu-t 5 1 5 : selected-attribute-types : Selected Attribute Types @@ -664,18 +664,52 @@ X509 5 : : serialNumber X509 6 : C : countryName X509 7 : L : localityName X509 8 : ST : stateOrProvinceName -X509 9 : : streetAddress +X509 9 : street : streetAddress X509 10 : O : organizationName X509 11 : OU : organizationalUnitName -X509 12 : : title +X509 12 : title : title X509 13 : : description -X509 17 : : postalCode +X509 14 : : searchGuide +X509 15 : : businessCategory +X509 16 : : postalAddress +X509 17 : : postalCode +X509 18 : : postOfficeBox +X509 19 : : physicalDeliveryOfficeName +X509 20 : : telephoneNumber +X509 21 : : telexNumber +X509 22 : : teletexTerminalIdentifier +X509 23 : : facsimileTelephoneNumber +X509 24 : : x121Address +X509 25 : : internationaliSDNNumber +X509 26 : : registeredAddress +X509 27 : : destinationIndicator +X509 28 : : preferredDeliveryMethod +X509 29 : : presentationAddress +X509 30 : : supportedApplicationContext +X509 31 : member : +X509 32 : owner : +X509 33 : : roleOccupant +X509 34 : seeAlso : +X509 35 : : userPassword +X509 36 : : userCertificate +X509 37 : : cACertificate +X509 38 : : authorityRevocationList +X509 39 : : certificateRevocationList +X509 40 : : crossCertificatePair X509 41 : name : name X509 42 : GN : givenName -X509 43 : : initials +X509 43 : initials : initials X509 44 : : generationQualifier X509 45 : : x500UniqueIdentifier X509 46 : dnQualifier : dnQualifier +X509 47 : : enhancedSearchGuide +X509 48 : : protocolInformation +X509 49 : : distinguishedName +X509 50 : : uniqueMember +X509 51 : : houseIdentifier +X509 52 : : supportedAlgorithms +X509 53 : : deltaRevocationList +X509 54 : dmdName : X509 65 : : pseudonym X509 72 : role : role diff --git a/src/lib/libcrypto/ocsp/Makefile.ssl b/src/lib/libcrypto/ocsp/Makefile.ssl deleted file mode 100644 index 02477be538..0000000000 --- a/src/lib/libcrypto/ocsp/Makefile.ssl +++ /dev/null @@ -1,293 +0,0 @@ -# -# OpenSSL/ocsp/Makefile.ssl -# - -DIR= ocsp -TOP= ../.. -CC= cc -INCLUDES= -I.. -I$(TOP) -I../../include -CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKE= make -f Makefile.ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) -MAKEFILE= Makefile.ssl -AR= ar r - -CFLAGS= $(INCLUDES) $(CFLAG) - -GENERAL=Makefile README -TEST= -APPS= - -LIB=$(TOP)/libcrypto.a -LIBSRC= ocsp_asn.c ocsp_ext.c ocsp_ht.c ocsp_lib.c ocsp_cl.c \ - ocsp_srv.c ocsp_prn.c ocsp_vfy.c ocsp_err.c - -LIBOBJ= ocsp_asn.o ocsp_ext.o ocsp_ht.o ocsp_lib.o ocsp_cl.o \ - ocsp_srv.o ocsp_prn.o ocsp_vfy.o ocsp_err.o - -SRC= $(LIBSRC) - -EXHEADER= ocsp.h -HEADER= $(EXHEADER) - -ALL= $(GENERAL) $(SRC) $(HEADER) - -top: - (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all) - -all: lib - -lib: $(LIBOBJ) - $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) || echo Never mind. - @touch lib - -files: - $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO - -links: - @sh $(TOP)/util/point.sh Makefile.ssl Makefile ; - @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER) - @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST) - @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) - -install: - @for i in $(EXHEADER) ; \ - do \ - (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ - done; - -tags: - ctags $(SRC) - -tests: - -lint: - lint -DLINT $(INCLUDES) $(SRC)>fluff - -depend: - $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC) - -dclean: - $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new - mv -f Makefile.new $(MAKEFILE) - -clean: - rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff - -# DO NOT DELETE THIS LINE -- make depend depends on it. - -ocsp_asn.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h -ocsp_asn.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h -ocsp_asn.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -ocsp_asn.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -ocsp_asn.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -ocsp_asn.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -ocsp_asn.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -ocsp_asn.o: ../../include/openssl/e_os2.h ../../include/openssl/evp.h -ocsp_asn.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -ocsp_asn.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -ocsp_asn.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -ocsp_asn.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -ocsp_asn.o: ../../include/openssl/ocsp.h ../../include/openssl/opensslconf.h -ocsp_asn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -ocsp_asn.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -ocsp_asn.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -ocsp_asn.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -ocsp_asn.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -ocsp_asn.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -ocsp_asn.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -ocsp_asn.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -ocsp_asn.o: ../../include/openssl/x509v3.h ocsp_asn.c -ocsp_cl.o: ../../e_os.h ../../include/openssl/aes.h -ocsp_cl.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -ocsp_cl.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -ocsp_cl.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -ocsp_cl.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -ocsp_cl.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -ocsp_cl.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -ocsp_cl.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -ocsp_cl.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -ocsp_cl.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -ocsp_cl.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -ocsp_cl.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -ocsp_cl.o: ../../include/openssl/objects.h ../../include/openssl/ocsp.h -ocsp_cl.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -ocsp_cl.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h -ocsp_cl.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h -ocsp_cl.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h -ocsp_cl.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -ocsp_cl.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -ocsp_cl.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -ocsp_cl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -ocsp_cl.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -ocsp_cl.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -ocsp_cl.o: ../../include/openssl/x509v3.h ../cryptlib.h ocsp_cl.c -ocsp_err.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h -ocsp_err.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -ocsp_err.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -ocsp_err.o: ../../include/openssl/cast.h ../../include/openssl/conf.h -ocsp_err.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -ocsp_err.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -ocsp_err.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -ocsp_err.o: ../../include/openssl/err.h ../../include/openssl/evp.h -ocsp_err.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -ocsp_err.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -ocsp_err.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -ocsp_err.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -ocsp_err.o: ../../include/openssl/ocsp.h ../../include/openssl/opensslconf.h -ocsp_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -ocsp_err.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -ocsp_err.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -ocsp_err.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -ocsp_err.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -ocsp_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -ocsp_err.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -ocsp_err.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -ocsp_err.o: ../../include/openssl/x509v3.h ocsp_err.c -ocsp_ext.o: ../../e_os.h ../../include/openssl/aes.h -ocsp_ext.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -ocsp_ext.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -ocsp_ext.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -ocsp_ext.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -ocsp_ext.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -ocsp_ext.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -ocsp_ext.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -ocsp_ext.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -ocsp_ext.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -ocsp_ext.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -ocsp_ext.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -ocsp_ext.o: ../../include/openssl/objects.h ../../include/openssl/ocsp.h -ocsp_ext.o: ../../include/openssl/opensslconf.h -ocsp_ext.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -ocsp_ext.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h -ocsp_ext.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -ocsp_ext.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -ocsp_ext.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -ocsp_ext.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -ocsp_ext.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -ocsp_ext.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -ocsp_ext.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -ocsp_ext.o: ../cryptlib.h ocsp_ext.c -ocsp_ht.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h -ocsp_ht.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -ocsp_ht.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -ocsp_ht.o: ../../include/openssl/cast.h ../../include/openssl/conf.h -ocsp_ht.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -ocsp_ht.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -ocsp_ht.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -ocsp_ht.o: ../../include/openssl/err.h ../../include/openssl/evp.h -ocsp_ht.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -ocsp_ht.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -ocsp_ht.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -ocsp_ht.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -ocsp_ht.o: ../../include/openssl/ocsp.h ../../include/openssl/opensslconf.h -ocsp_ht.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -ocsp_ht.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -ocsp_ht.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -ocsp_ht.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -ocsp_ht.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -ocsp_ht.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -ocsp_ht.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -ocsp_ht.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -ocsp_ht.o: ../../include/openssl/x509v3.h ocsp_ht.c -ocsp_lib.o: ../../e_os.h ../../include/openssl/aes.h -ocsp_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -ocsp_lib.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -ocsp_lib.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -ocsp_lib.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -ocsp_lib.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -ocsp_lib.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -ocsp_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -ocsp_lib.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -ocsp_lib.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -ocsp_lib.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -ocsp_lib.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -ocsp_lib.o: ../../include/openssl/objects.h ../../include/openssl/ocsp.h -ocsp_lib.o: ../../include/openssl/opensslconf.h -ocsp_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -ocsp_lib.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h -ocsp_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h -ocsp_lib.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -ocsp_lib.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -ocsp_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -ocsp_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -ocsp_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -ocsp_lib.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -ocsp_lib.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -ocsp_lib.o: ../cryptlib.h ocsp_lib.c -ocsp_prn.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h -ocsp_prn.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -ocsp_prn.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -ocsp_prn.o: ../../include/openssl/cast.h ../../include/openssl/conf.h -ocsp_prn.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -ocsp_prn.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -ocsp_prn.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -ocsp_prn.o: ../../include/openssl/err.h ../../include/openssl/evp.h -ocsp_prn.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -ocsp_prn.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -ocsp_prn.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -ocsp_prn.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -ocsp_prn.o: ../../include/openssl/ocsp.h ../../include/openssl/opensslconf.h -ocsp_prn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -ocsp_prn.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h -ocsp_prn.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -ocsp_prn.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -ocsp_prn.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -ocsp_prn.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -ocsp_prn.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -ocsp_prn.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -ocsp_prn.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -ocsp_prn.o: ../../include/openssl/x509v3.h ocsp_prn.c -ocsp_srv.o: ../../e_os.h ../../include/openssl/aes.h -ocsp_srv.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -ocsp_srv.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -ocsp_srv.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -ocsp_srv.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -ocsp_srv.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -ocsp_srv.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -ocsp_srv.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -ocsp_srv.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -ocsp_srv.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -ocsp_srv.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -ocsp_srv.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -ocsp_srv.o: ../../include/openssl/objects.h ../../include/openssl/ocsp.h -ocsp_srv.o: ../../include/openssl/opensslconf.h -ocsp_srv.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -ocsp_srv.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h -ocsp_srv.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h -ocsp_srv.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -ocsp_srv.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -ocsp_srv.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -ocsp_srv.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -ocsp_srv.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -ocsp_srv.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -ocsp_srv.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -ocsp_srv.o: ../cryptlib.h ocsp_srv.c -ocsp_vfy.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h -ocsp_vfy.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -ocsp_vfy.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -ocsp_vfy.o: ../../include/openssl/cast.h ../../include/openssl/conf.h -ocsp_vfy.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -ocsp_vfy.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -ocsp_vfy.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -ocsp_vfy.o: ../../include/openssl/err.h ../../include/openssl/evp.h -ocsp_vfy.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -ocsp_vfy.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -ocsp_vfy.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -ocsp_vfy.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -ocsp_vfy.o: ../../include/openssl/ocsp.h ../../include/openssl/opensslconf.h -ocsp_vfy.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -ocsp_vfy.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -ocsp_vfy.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -ocsp_vfy.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -ocsp_vfy.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -ocsp_vfy.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -ocsp_vfy.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -ocsp_vfy.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -ocsp_vfy.o: ../../include/openssl/x509v3.h ocsp_vfy.c diff --git a/src/lib/libcrypto/ocsp/ocsp.h b/src/lib/libcrypto/ocsp/ocsp.h index a0577a717e..31e45744ba 100644 --- a/src/lib/libcrypto/ocsp/ocsp.h +++ b/src/lib/libcrypto/ocsp/ocsp.h @@ -64,6 +64,7 @@ #ifndef HEADER_OCSP_H #define HEADER_OCSP_H +#include #include #include #include @@ -394,17 +395,20 @@ typedef struct ocsp_service_locator_st #define ASN1_BIT_STRING_digest(data,type,md,len) \ ASN1_item_digest(ASN1_ITEM_rptr(ASN1_BIT_STRING),type,data,md,len) -#define OCSP_CERTID_dup(cid) ASN1_dup_of(OCSP_CERTID,i2d_OCSP_CERTID,d2i_OCSP_CERTID,cid) - #define OCSP_CERTSTATUS_dup(cs)\ (OCSP_CERTSTATUS*)ASN1_dup((int(*)())i2d_OCSP_CERTSTATUS,\ (char *(*)())d2i_OCSP_CERTSTATUS,(char *)(cs)) +OCSP_CERTID *OCSP_CERTID_dup(OCSP_CERTID *id); + OCSP_RESPONSE *OCSP_sendreq_bio(BIO *b, char *path, OCSP_REQUEST *req); OCSP_REQ_CTX *OCSP_sendreq_new(BIO *io, char *path, OCSP_REQUEST *req, int maxline); int OCSP_sendreq_nbio(OCSP_RESPONSE **presp, OCSP_REQ_CTX *rctx); void OCSP_REQ_CTX_free(OCSP_REQ_CTX *rctx); +int OCSP_REQ_CTX_set1_req(OCSP_REQ_CTX *rctx, OCSP_REQUEST *req); +int OCSP_REQ_CTX_add1_header(OCSP_REQ_CTX *rctx, + const char *name, const char *value); OCSP_CERTID *OCSP_cert_to_id(const EVP_MD *dgst, X509 *subject, X509 *issuer); @@ -474,11 +478,6 @@ int OCSP_basic_sign(OCSP_BASICRESP *brsp, X509 *signer, EVP_PKEY *key, const EVP_MD *dgst, STACK_OF(X509) *certs, unsigned long flags); -ASN1_STRING *ASN1_STRING_encode(ASN1_STRING *s, i2d_of_void *i2d, - void *data, STACK_OF(ASN1_OBJECT) *sk); -#define ASN1_STRING_encode_of(type,s,i2d,data,sk) \ - ASN1_STRING_encode(s, CHECKED_I2D_OF(type, i2d), data, sk) - X509_EXTENSION *OCSP_crlID_new(char *url, long *n, char *tim); X509_EXTENSION *OCSP_accept_responses_new(char **oids); @@ -547,9 +546,9 @@ DECLARE_ASN1_FUNCTIONS(OCSP_REQINFO) DECLARE_ASN1_FUNCTIONS(OCSP_CRLID) DECLARE_ASN1_FUNCTIONS(OCSP_SERVICELOC) -char *OCSP_response_status_str(long s); -char *OCSP_cert_status_str(long s); -char *OCSP_crl_reason_str(long s); +const char *OCSP_response_status_str(long s); +const char *OCSP_cert_status_str(long s); +const char *OCSP_crl_reason_str(long s); int OCSP_REQUEST_print(BIO *bp, OCSP_REQUEST* a, unsigned long flags); int OCSP_RESPONSE_print(BIO *bp, OCSP_RESPONSE* o, unsigned long flags); @@ -582,7 +581,8 @@ void ERR_load_OCSP_strings(void); #define OCSP_F_OCSP_REQUEST_VERIFY 116 #define OCSP_F_OCSP_RESPONSE_GET1_BASIC 111 #define OCSP_F_OCSP_SENDREQ_BIO 112 -#define OCSP_F_PARSE_HTTP_LINE1 117 +#define OCSP_F_OCSP_SENDREQ_NBIO 117 +#define OCSP_F_PARSE_HTTP_LINE1 118 #define OCSP_F_REQUEST_VERIFY 113 /* Reason codes. */ diff --git a/src/lib/libcrypto/ocsp/ocsp_cl.c b/src/lib/libcrypto/ocsp/ocsp_cl.c index 17bab5fc59..9c14d9da27 100644 --- a/src/lib/libcrypto/ocsp/ocsp_cl.c +++ b/src/lib/libcrypto/ocsp/ocsp_cl.c @@ -155,7 +155,6 @@ int OCSP_request_sign(OCSP_REQUEST *req, goto err; if (!(req->optionalSignature = sig = OCSP_SIGNATURE_new())) goto err; - if (!dgst) dgst = EVP_sha1(); if (key) { if (!X509_check_private_key(signer, key)) diff --git a/src/lib/libcrypto/ocsp/ocsp_err.c b/src/lib/libcrypto/ocsp/ocsp_err.c index d2f2e79f44..0cedcea682 100644 --- a/src/lib/libcrypto/ocsp/ocsp_err.c +++ b/src/lib/libcrypto/ocsp/ocsp_err.c @@ -1,6 +1,6 @@ /* crypto/ocsp/ocsp_err.c */ /* ==================================================================== - * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved. + * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -86,6 +86,7 @@ static ERR_STRING_DATA OCSP_str_functs[]= {ERR_FUNC(OCSP_F_OCSP_REQUEST_VERIFY), "OCSP_request_verify"}, {ERR_FUNC(OCSP_F_OCSP_RESPONSE_GET1_BASIC), "OCSP_response_get1_basic"}, {ERR_FUNC(OCSP_F_OCSP_SENDREQ_BIO), "OCSP_sendreq_bio"}, +{ERR_FUNC(OCSP_F_OCSP_SENDREQ_NBIO), "OCSP_sendreq_nbio"}, {ERR_FUNC(OCSP_F_PARSE_HTTP_LINE1), "PARSE_HTTP_LINE1"}, {ERR_FUNC(OCSP_F_REQUEST_VERIFY), "REQUEST_VERIFY"}, {0,NULL} diff --git a/src/lib/libcrypto/ocsp/ocsp_ext.c b/src/lib/libcrypto/ocsp/ocsp_ext.c index 815cc29d58..ec884cb08f 100644 --- a/src/lib/libcrypto/ocsp/ocsp_ext.c +++ b/src/lib/libcrypto/ocsp/ocsp_ext.c @@ -264,7 +264,7 @@ int OCSP_SINGLERESP_add_ext(OCSP_SINGLERESP *x, X509_EXTENSION *ex, int loc) } /* also CRL Entry Extensions */ - +#if 0 ASN1_STRING *ASN1_STRING_encode(ASN1_STRING *s, i2d_of_void *i2d, void *data, STACK_OF(ASN1_OBJECT) *sk) { @@ -305,6 +305,7 @@ err: if (b) OPENSSL_free(b); return NULL; } +#endif /* Nonce handling functions */ @@ -442,17 +443,10 @@ X509_EXTENSION *OCSP_crlID_new(char *url, long *n, char *tim) if (!(ASN1_GENERALIZEDTIME_set_string(cid->crlTime, tim))) goto err; } - if (!(x = X509_EXTENSION_new())) goto err; - if (!(x->object = OBJ_nid2obj(NID_id_pkix_OCSP_CrlID))) goto err; - if (!(ASN1_STRING_encode_of(OCSP_CRLID,x->value,i2d_OCSP_CRLID,cid, - NULL))) - goto err; - OCSP_CRLID_free(cid); - return x; + x = X509V3_EXT_i2d(NID_id_pkix_OCSP_CrlID, 0, cid); err: - if (x) X509_EXTENSION_free(x); if (cid) OCSP_CRLID_free(cid); - return NULL; + return x; } /* AcceptableResponses ::= SEQUENCE OF OBJECT IDENTIFIER */ @@ -470,18 +464,10 @@ X509_EXTENSION *OCSP_accept_responses_new(char **oids) sk_ASN1_OBJECT_push(sk, o); oids++; } - if (!(x = X509_EXTENSION_new())) goto err; - if (!(x->object = OBJ_nid2obj(NID_id_pkix_OCSP_acceptableResponses))) - goto err; - if (!(ASN1_STRING_encode_of(ASN1_OBJECT,x->value,i2d_ASN1_OBJECT,NULL, - sk))) - goto err; - sk_ASN1_OBJECT_pop_free(sk, ASN1_OBJECT_free); - return x; + x = X509V3_EXT_i2d(NID_id_pkix_OCSP_acceptableResponses, 0, sk); err: - if (x) X509_EXTENSION_free(x); if (sk) sk_ASN1_OBJECT_pop_free(sk, ASN1_OBJECT_free); - return NULL; + return x; } /* ArchiveCutoff ::= GeneralizedTime */ @@ -492,16 +478,10 @@ X509_EXTENSION *OCSP_archive_cutoff_new(char* tim) if (!(gt = ASN1_GENERALIZEDTIME_new())) goto err; if (!(ASN1_GENERALIZEDTIME_set_string(gt, tim))) goto err; - if (!(x = X509_EXTENSION_new())) goto err; - if (!(x->object=OBJ_nid2obj(NID_id_pkix_OCSP_archiveCutoff)))goto err; - if (!(ASN1_STRING_encode_of(ASN1_GENERALIZEDTIME,x->value, - i2d_ASN1_GENERALIZEDTIME,gt,NULL))) goto err; - ASN1_GENERALIZEDTIME_free(gt); - return x; + x = X509V3_EXT_i2d(NID_id_pkix_OCSP_archiveCutoff, 0, gt); err: if (gt) ASN1_GENERALIZEDTIME_free(gt); - if (x) X509_EXTENSION_free(x); - return NULL; + return x; } /* per ACCESS_DESCRIPTION parameter are oids, of which there are currently @@ -530,16 +510,9 @@ X509_EXTENSION *OCSP_url_svcloc_new(X509_NAME* issuer, char **urls) if (!sk_ACCESS_DESCRIPTION_push(sloc->locator, ad)) goto err; urls++; } - if (!(x = X509_EXTENSION_new())) goto err; - if (!(x->object = OBJ_nid2obj(NID_id_pkix_OCSP_serviceLocator))) - goto err; - if (!(ASN1_STRING_encode_of(OCSP_SERVICELOC,x->value, - i2d_OCSP_SERVICELOC,sloc,NULL))) goto err; - OCSP_SERVICELOC_free(sloc); - return x; + x = X509V3_EXT_i2d(NID_id_pkix_OCSP_serviceLocator, 0, sloc); err: - if (x) X509_EXTENSION_free(x); if (sloc) OCSP_SERVICELOC_free(sloc); - return NULL; + return x; } diff --git a/src/lib/libcrypto/ocsp/ocsp_ht.c b/src/lib/libcrypto/ocsp/ocsp_ht.c index 6abb30b2c0..12bbfcffd1 100644 --- a/src/lib/libcrypto/ocsp/ocsp_ht.c +++ b/src/lib/libcrypto/ocsp/ocsp_ht.c @@ -118,39 +118,65 @@ void OCSP_REQ_CTX_free(OCSP_REQ_CTX *rctx) OPENSSL_free(rctx); } -OCSP_REQ_CTX *OCSP_sendreq_new(BIO *io, char *path, OCSP_REQUEST *req, - int maxline) +int OCSP_REQ_CTX_set1_req(OCSP_REQ_CTX *rctx, OCSP_REQUEST *req) { - static char post_hdr[] = "POST %s HTTP/1.0\r\n" + static const char req_hdr[] = "Content-Type: application/ocsp-request\r\n" "Content-Length: %d\r\n\r\n"; + if (BIO_printf(rctx->mem, req_hdr, i2d_OCSP_REQUEST(req, NULL)) <= 0) + return 0; + if (i2d_OCSP_REQUEST_bio(rctx->mem, req) <= 0) + return 0; + rctx->state = OHS_ASN1_WRITE; + rctx->asn1_len = BIO_get_mem_data(rctx->mem, NULL); + return 1; + } + +int OCSP_REQ_CTX_add1_header(OCSP_REQ_CTX *rctx, + const char *name, const char *value) + { + if (!name) + return 0; + if (BIO_puts(rctx->mem, name) <= 0) + return 0; + if (value) + { + if (BIO_write(rctx->mem, ": ", 2) != 2) + return 0; + if (BIO_puts(rctx->mem, value) <= 0) + return 0; + } + if (BIO_write(rctx->mem, "\r\n", 2) != 2) + return 0; + return 1; + } + +OCSP_REQ_CTX *OCSP_sendreq_new(BIO *io, char *path, OCSP_REQUEST *req, + int maxline) + { + static const char post_hdr[] = "POST %s HTTP/1.0\r\n"; OCSP_REQ_CTX *rctx; rctx = OPENSSL_malloc(sizeof(OCSP_REQ_CTX)); - rctx->state = OHS_FIRSTLINE; + rctx->state = OHS_ERROR; rctx->mem = BIO_new(BIO_s_mem()); rctx->io = io; + rctx->asn1_len = 0; if (maxline > 0) rctx->iobuflen = maxline; else rctx->iobuflen = OCSP_MAX_LINE_LEN; rctx->iobuf = OPENSSL_malloc(rctx->iobuflen); + if (!rctx->iobuf) + return 0; if (!path) path = "/"; - if (BIO_printf(rctx->mem, post_hdr, path, - i2d_OCSP_REQUEST(req, NULL)) <= 0) - { - rctx->state = OHS_ERROR; + if (BIO_printf(rctx->mem, post_hdr, path) <= 0) return 0; - } - if (i2d_OCSP_REQUEST_bio(rctx->mem, req) <= 0) - { - rctx->state = OHS_ERROR; + + if (req && !OCSP_REQ_CTX_set1_req(rctx, req)) return 0; - } - rctx->state = OHS_ASN1_WRITE; - rctx->asn1_len = BIO_get_mem_data(rctx->mem, NULL); return rctx; } diff --git a/src/lib/libcrypto/ocsp/ocsp_lib.c b/src/lib/libcrypto/ocsp/ocsp_lib.c index 27450811d7..36905d76cd 100644 --- a/src/lib/libcrypto/ocsp/ocsp_lib.c +++ b/src/lib/libcrypto/ocsp/ocsp_lib.c @@ -69,6 +69,7 @@ #include #include #include +#include /* Convert a certificate and its issuer to an OCSP_CERTID */ @@ -260,3 +261,5 @@ int OCSP_parse_url(char *url, char **phost, char **pport, char **ppath, int *pss return 0; } + +IMPLEMENT_ASN1_DUP_FUNCTION(OCSP_CERTID) diff --git a/src/lib/libcrypto/ocsp/ocsp_prn.c b/src/lib/libcrypto/ocsp/ocsp_prn.c index 3dfb51c1e4..1695c9c4ad 100644 --- a/src/lib/libcrypto/ocsp/ocsp_prn.c +++ b/src/lib/libcrypto/ocsp/ocsp_prn.c @@ -85,21 +85,21 @@ static int ocsp_certid_print(BIO *bp, OCSP_CERTID* a, int indent) typedef struct { long t; - char *m; + const char *m; } OCSP_TBLSTR; -static char *table2string(long s, OCSP_TBLSTR *ts, int len) +static const char *table2string(long s, const OCSP_TBLSTR *ts, int len) { - OCSP_TBLSTR *p; + const OCSP_TBLSTR *p; for (p=ts; p < ts + len; p++) if (p->t == s) return p->m; return "(UNKNOWN)"; } -char *OCSP_response_status_str(long s) +const char *OCSP_response_status_str(long s) { - static OCSP_TBLSTR rstat_tbl[] = { + static const OCSP_TBLSTR rstat_tbl[] = { { OCSP_RESPONSE_STATUS_SUCCESSFUL, "successful" }, { OCSP_RESPONSE_STATUS_MALFORMEDREQUEST, "malformedrequest" }, { OCSP_RESPONSE_STATUS_INTERNALERROR, "internalerror" }, @@ -109,18 +109,18 @@ char *OCSP_response_status_str(long s) return table2string(s, rstat_tbl, 6); } -char *OCSP_cert_status_str(long s) +const char *OCSP_cert_status_str(long s) { - static OCSP_TBLSTR cstat_tbl[] = { + static const OCSP_TBLSTR cstat_tbl[] = { { V_OCSP_CERTSTATUS_GOOD, "good" }, { V_OCSP_CERTSTATUS_REVOKED, "revoked" }, { V_OCSP_CERTSTATUS_UNKNOWN, "unknown" } }; return table2string(s, cstat_tbl, 3); } -char *OCSP_crl_reason_str(long s) +const char *OCSP_crl_reason_str(long s) { - OCSP_TBLSTR reason_tbl[] = { + static const OCSP_TBLSTR reason_tbl[] = { { OCSP_REVOKED_STATUS_UNSPECIFIED, "unspecified" }, { OCSP_REVOKED_STATUS_KEYCOMPROMISE, "keyCompromise" }, { OCSP_REVOKED_STATUS_CACOMPROMISE, "cACompromise" }, @@ -266,15 +266,16 @@ int OCSP_RESPONSE_print(BIO *bp, OCSP_RESPONSE* o, unsigned long flags) if (!ASN1_GENERALIZEDTIME_print(bp,single->nextUpdate)) goto err; } - if (!BIO_write(bp,"\n",1)) goto err; + if (BIO_write(bp,"\n",1) <= 0) goto err; if (!X509V3_extensions_print(bp, "Response Single Extensions", single->singleExtensions, flags, 8)) goto err; - if (!BIO_write(bp,"\n",1)) goto err; + if (BIO_write(bp,"\n",1) <= 0) goto err; } if (!X509V3_extensions_print(bp, "Response Extensions", rd->responseExtensions, flags, 4)) + goto err; if(X509_signature_print(bp, br->signatureAlgorithm, br->signature) <= 0) goto err; diff --git a/src/lib/libcrypto/ocsp/ocsp_vfy.c b/src/lib/libcrypto/ocsp/ocsp_vfy.c index 4a0c3870d8..415d67e61c 100644 --- a/src/lib/libcrypto/ocsp/ocsp_vfy.c +++ b/src/lib/libcrypto/ocsp/ocsp_vfy.c @@ -308,6 +308,8 @@ static int ocsp_match_issuerid(X509 *cert, OCSP_CERTID *cid, } mdlen = EVP_MD_size(dgst); + if (mdlen < 0) + return -1; if ((cid->issuerNameHash->length != mdlen) || (cid->issuerKeyHash->length != mdlen)) return 0; @@ -316,7 +318,7 @@ static int ocsp_match_issuerid(X509 *cert, OCSP_CERTID *cid, return -1; if (memcmp(md, cid->issuerNameHash->data, mdlen)) return 0; - X509_pubkey_digest(cert, EVP_sha1(), md, NULL); + X509_pubkey_digest(cert, dgst, md, NULL); if (memcmp(md, cid->issuerKeyHash->data, mdlen)) return 0; diff --git a/src/lib/libcrypto/opensslconf.h.in b/src/lib/libcrypto/opensslconf.h.in index 1c77f03c3d..97e3745563 100644 --- a/src/lib/libcrypto/opensslconf.h.in +++ b/src/lib/libcrypto/opensslconf.h.in @@ -1,20 +1,5 @@ /* crypto/opensslconf.h.in */ -#ifdef OPENSSL_DOING_MAKEDEPEND - -/* Include any symbols here that have to be explicitly set to enable a feature - * that should be visible to makedepend. - * - * [Our "make depend" doesn't actually look at this, we use actual build settings - * instead; we want to make it easy to remove subdirectories with disabled algorithms.] - */ - -#ifndef OPENSSL_FIPS -#define OPENSSL_FIPS -#endif - -#endif - /* Generate 80386 code? */ #undef I386_ONLY @@ -78,14 +63,9 @@ /* Should we define BN_DIV2W here? */ /* Only one for the following should be defined */ -/* The prime number generation stuff may not work when - * EIGHT_BIT but I don't care since I've only used this mode - * for debuging the bignum libraries */ #undef SIXTY_FOUR_BIT_LONG #undef SIXTY_FOUR_BIT #define THIRTY_TWO_BIT -#undef SIXTEEN_BIT -#undef EIGHT_BIT #endif #if defined(HEADER_RC4_LOCL_H) && !defined(CONFIG_HEADER_RC4_LOCL_H) diff --git a/src/lib/libcrypto/opensslv.h b/src/lib/libcrypto/opensslv.h index c6207f76b2..2fb110fa0e 100644 --- a/src/lib/libcrypto/opensslv.h +++ b/src/lib/libcrypto/opensslv.h @@ -12,7 +12,7 @@ * 0.9.3-beta2 0x00903002 (same as ...beta2-dev) * 0.9.3 0x0090300f * 0.9.3a 0x0090301f - * 0.9.4 0x0090400f + * 0.9.4 0x0090400f * 1.2.3z 0x102031af * * For continuity reasons (because 0.9.5 is already out, and is coded @@ -25,11 +25,11 @@ * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for * major minor fix final patch/beta) */ -#define OPENSSL_VERSION_NUMBER 0x009080bfL +#define OPENSSL_VERSION_NUMBER 0x1000001fL #ifdef OPENSSL_FIPS -#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8k-fips 25 Mar 2009" +#define OPENSSL_VERSION_TEXT "OpenSSL 1.0.0a-fips 1 Jun 2010" #else -#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8k 25 Mar 2009" +#define OPENSSL_VERSION_TEXT "OpenSSL 1.0.0a 1 Jun 2010" #endif #define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT @@ -83,7 +83,7 @@ * should only keep the versions that are binary compatible with the current. */ #define SHLIB_VERSION_HISTORY "" -#define SHLIB_VERSION_NUMBER "0.9.8" +#define SHLIB_VERSION_NUMBER "1.0.0" #endif /* HEADER_OPENSSLV_H */ diff --git a/src/lib/libcrypto/ossl_typ.h b/src/lib/libcrypto/ossl_typ.h index 0e7a380880..12bd7014de 100644 --- a/src/lib/libcrypto/ossl_typ.h +++ b/src/lib/libcrypto/ossl_typ.h @@ -95,6 +95,8 @@ typedef int ASN1_BOOLEAN; typedef int ASN1_NULL; #endif +typedef struct asn1_pctx_st ASN1_PCTX; + #ifdef OPENSSL_SYS_WIN32 #undef X509_NAME #undef X509_EXTENSIONS @@ -122,6 +124,11 @@ typedef struct env_md_st EVP_MD; typedef struct env_md_ctx_st EVP_MD_CTX; typedef struct evp_pkey_st EVP_PKEY; +typedef struct evp_pkey_asn1_method_st EVP_PKEY_ASN1_METHOD; + +typedef struct evp_pkey_method_st EVP_PKEY_METHOD; +typedef struct evp_pkey_ctx_st EVP_PKEY_CTX; + typedef struct dh_st DH; typedef struct dh_method DH_METHOD; @@ -139,11 +146,14 @@ typedef struct ecdsa_method ECDSA_METHOD; typedef struct x509_st X509; typedef struct X509_algor_st X509_ALGOR; typedef struct X509_crl_st X509_CRL; +typedef struct x509_crl_method_st X509_CRL_METHOD; +typedef struct x509_revoked_st X509_REVOKED; typedef struct X509_name_st X509_NAME; +typedef struct X509_pubkey_st X509_PUBKEY; typedef struct x509_store_st X509_STORE; typedef struct x509_store_ctx_st X509_STORE_CTX; -typedef struct ssl_st SSL; -typedef struct ssl_ctx_st SSL_CTX; + +typedef struct pkcs8_priv_key_info_st PKCS8_PRIV_KEY_INFO; typedef struct v3_ext_ctx X509V3_CTX; typedef struct conf_st CONF; @@ -157,12 +167,19 @@ typedef struct ui_method_st UI_METHOD; typedef struct st_ERR_FNS ERR_FNS; typedef struct engine_st ENGINE; +typedef struct ssl_st SSL; +typedef struct ssl_ctx_st SSL_CTX; typedef struct X509_POLICY_NODE_st X509_POLICY_NODE; typedef struct X509_POLICY_LEVEL_st X509_POLICY_LEVEL; typedef struct X509_POLICY_TREE_st X509_POLICY_TREE; typedef struct X509_POLICY_CACHE_st X509_POLICY_CACHE; +typedef struct AUTHORITY_KEYID_st AUTHORITY_KEYID; +typedef struct DIST_POINT_st DIST_POINT; +typedef struct ISSUING_DIST_POINT_st ISSUING_DIST_POINT; +typedef struct NAME_CONSTRAINTS_st NAME_CONSTRAINTS; + /* If placed in pkcs12.h, we end up with a circular depency with pkcs7.h */ #define DECLARE_PKCS12_STACK_OF(type) /* Nothing */ #define IMPLEMENT_PKCS12_STACK_OF(type) /* Nothing */ diff --git a/src/lib/libcrypto/pem/Makefile.ssl b/src/lib/libcrypto/pem/Makefile.ssl deleted file mode 100644 index d3043eb401..0000000000 --- a/src/lib/libcrypto/pem/Makefile.ssl +++ /dev/null @@ -1,336 +0,0 @@ -# -# SSLeay/crypto/pem/Makefile -# - -DIR= pem -TOP= ../.. -CC= cc -INCLUDES= -I.. -I$(TOP) -I../../include -CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKE= make -f Makefile.ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) -MAKEFILE= Makefile.ssl -AR= ar r - -CFLAGS= $(INCLUDES) $(CFLAG) - -GENERAL=Makefile -TEST= -APPS= - -LIB=$(TOP)/libcrypto.a -LIBSRC= pem_sign.c pem_seal.c pem_info.c pem_lib.c pem_all.c pem_err.c \ - pem_x509.c pem_xaux.c pem_oth.c pem_pk8.c pem_pkey.c - -LIBOBJ= pem_sign.o pem_seal.o pem_info.o pem_lib.o pem_all.o pem_err.o \ - pem_x509.o pem_xaux.o pem_oth.o pem_pk8.o pem_pkey.o - -SRC= $(LIBSRC) - -EXHEADER= pem.h pem2.h -HEADER= $(EXHEADER) - -ALL= $(GENERAL) $(SRC) $(HEADER) - -top: - (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all) - -all: lib - -lib: $(LIBOBJ) - $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) || echo Never mind. - @touch lib - -files: - $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO - -links: $(EXHEADER) - @sh $(TOP)/util/point.sh Makefile.ssl Makefile - @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER) - @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST) - @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) - -install: - @for i in $(EXHEADER) ; \ - do \ - (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ - done; - -tags: - ctags $(SRC) - -tests: - -lint: - lint -DLINT $(INCLUDES) $(SRC)>fluff - -depend: - $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC) - -dclean: - $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new - mv -f Makefile.new $(MAKEFILE) - -clean: - rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff - -# DO NOT DELETE THIS LINE -- make depend depends on it. - -pem_all.o: ../../e_os.h ../../include/openssl/aes.h -pem_all.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -pem_all.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -pem_all.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -pem_all.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -pem_all.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -pem_all.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -pem_all.o: ../../include/openssl/err.h ../../include/openssl/evp.h -pem_all.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -pem_all.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -pem_all.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -pem_all.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -pem_all.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -pem_all.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h -pem_all.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h -pem_all.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -pem_all.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -pem_all.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -pem_all.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -pem_all.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -pem_all.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -pem_all.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pem_all.c -pem_err.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h -pem_err.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -pem_err.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -pem_err.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -pem_err.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -pem_err.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -pem_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -pem_err.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -pem_err.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -pem_err.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -pem_err.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -pem_err.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -pem_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -pem_err.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h -pem_err.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -pem_err.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -pem_err.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -pem_err.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -pem_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -pem_err.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -pem_err.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -pem_err.o: pem_err.c -pem_info.o: ../../e_os.h ../../include/openssl/aes.h -pem_info.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -pem_info.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -pem_info.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -pem_info.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -pem_info.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -pem_info.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -pem_info.o: ../../include/openssl/err.h ../../include/openssl/evp.h -pem_info.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -pem_info.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -pem_info.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -pem_info.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -pem_info.o: ../../include/openssl/opensslconf.h -pem_info.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -pem_info.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h -pem_info.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -pem_info.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -pem_info.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -pem_info.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -pem_info.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -pem_info.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -pem_info.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -pem_info.o: ../cryptlib.h pem_info.c -pem_lib.o: ../../e_os.h ../../include/openssl/aes.h -pem_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -pem_lib.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -pem_lib.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -pem_lib.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -pem_lib.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -pem_lib.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -pem_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h -pem_lib.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -pem_lib.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -pem_lib.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -pem_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -pem_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -pem_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h -pem_lib.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs12.h -pem_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h -pem_lib.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -pem_lib.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -pem_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -pem_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -pem_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -pem_lib.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -pem_lib.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pem_lib.c -pem_oth.o: ../../e_os.h ../../include/openssl/aes.h -pem_oth.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -pem_oth.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -pem_oth.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -pem_oth.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -pem_oth.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -pem_oth.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -pem_oth.o: ../../include/openssl/err.h ../../include/openssl/evp.h -pem_oth.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -pem_oth.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -pem_oth.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -pem_oth.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -pem_oth.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -pem_oth.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h -pem_oth.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h -pem_oth.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h -pem_oth.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -pem_oth.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -pem_oth.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -pem_oth.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -pem_oth.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -pem_oth.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -pem_oth.o: ../cryptlib.h pem_oth.c -pem_pk8.o: ../../e_os.h ../../include/openssl/aes.h -pem_pk8.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -pem_pk8.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -pem_pk8.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -pem_pk8.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -pem_pk8.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -pem_pk8.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -pem_pk8.o: ../../include/openssl/err.h ../../include/openssl/evp.h -pem_pk8.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -pem_pk8.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -pem_pk8.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -pem_pk8.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -pem_pk8.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -pem_pk8.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h -pem_pk8.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs12.h -pem_pk8.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h -pem_pk8.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -pem_pk8.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -pem_pk8.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -pem_pk8.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -pem_pk8.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -pem_pk8.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -pem_pk8.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pem_pk8.c -pem_pkey.o: ../../e_os.h ../../include/openssl/aes.h -pem_pkey.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -pem_pkey.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -pem_pkey.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -pem_pkey.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -pem_pkey.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -pem_pkey.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -pem_pkey.o: ../../include/openssl/err.h ../../include/openssl/evp.h -pem_pkey.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -pem_pkey.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -pem_pkey.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -pem_pkey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -pem_pkey.o: ../../include/openssl/opensslconf.h -pem_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -pem_pkey.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h -pem_pkey.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h -pem_pkey.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h -pem_pkey.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -pem_pkey.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -pem_pkey.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -pem_pkey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -pem_pkey.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -pem_pkey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -pem_pkey.o: ../cryptlib.h pem_pkey.c -pem_seal.o: ../../e_os.h ../../include/openssl/aes.h -pem_seal.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -pem_seal.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -pem_seal.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -pem_seal.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -pem_seal.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -pem_seal.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -pem_seal.o: ../../include/openssl/err.h ../../include/openssl/evp.h -pem_seal.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -pem_seal.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -pem_seal.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -pem_seal.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -pem_seal.o: ../../include/openssl/opensslconf.h -pem_seal.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -pem_seal.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h -pem_seal.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h -pem_seal.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -pem_seal.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -pem_seal.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -pem_seal.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -pem_seal.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -pem_seal.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -pem_seal.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pem_seal.c -pem_sign.o: ../../e_os.h ../../include/openssl/aes.h -pem_sign.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -pem_sign.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -pem_sign.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -pem_sign.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -pem_sign.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -pem_sign.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -pem_sign.o: ../../include/openssl/err.h ../../include/openssl/evp.h -pem_sign.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -pem_sign.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -pem_sign.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -pem_sign.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -pem_sign.o: ../../include/openssl/opensslconf.h -pem_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -pem_sign.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h -pem_sign.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h -pem_sign.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -pem_sign.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -pem_sign.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -pem_sign.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -pem_sign.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -pem_sign.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -pem_sign.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pem_sign.c -pem_x509.o: ../../e_os.h ../../include/openssl/aes.h -pem_x509.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -pem_x509.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -pem_x509.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -pem_x509.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -pem_x509.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -pem_x509.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -pem_x509.o: ../../include/openssl/err.h ../../include/openssl/evp.h -pem_x509.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -pem_x509.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -pem_x509.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -pem_x509.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -pem_x509.o: ../../include/openssl/opensslconf.h -pem_x509.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -pem_x509.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h -pem_x509.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -pem_x509.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -pem_x509.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -pem_x509.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -pem_x509.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -pem_x509.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -pem_x509.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -pem_x509.o: ../cryptlib.h pem_x509.c -pem_xaux.o: ../../e_os.h ../../include/openssl/aes.h -pem_xaux.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -pem_xaux.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -pem_xaux.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -pem_xaux.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -pem_xaux.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -pem_xaux.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -pem_xaux.o: ../../include/openssl/err.h ../../include/openssl/evp.h -pem_xaux.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -pem_xaux.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -pem_xaux.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -pem_xaux.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -pem_xaux.o: ../../include/openssl/opensslconf.h -pem_xaux.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -pem_xaux.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h -pem_xaux.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -pem_xaux.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -pem_xaux.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -pem_xaux.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -pem_xaux.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -pem_xaux.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -pem_xaux.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -pem_xaux.o: ../cryptlib.h pem_xaux.c diff --git a/src/lib/libcrypto/pem/pem.h b/src/lib/libcrypto/pem/pem.h index 6c193f1cbf..8a6ababe3a 100644 --- a/src/lib/libcrypto/pem/pem.h +++ b/src/lib/libcrypto/pem/pem.h @@ -134,6 +134,7 @@ extern "C" { #define PEM_STRING_ECDSA_PUBLIC "ECDSA PUBLIC KEY" #define PEM_STRING_ECPARAMETERS "EC PARAMETERS" #define PEM_STRING_ECPRIVATEKEY "EC PRIVATE KEY" +#define PEM_STRING_PARAMETERS "PARAMETERS" #define PEM_STRING_CMS "CMS" /* Note that this structure is initialised by PEM_SealInit and cleaned up @@ -183,11 +184,8 @@ typedef struct pem_ctx_st int num_recipient; PEM_USER **recipient; -#ifndef OPENSSL_NO_STACK - STACK *x509_chain; /* certificate chain */ -#else - char *x509_chain; /* certificate chain */ -#endif + /* XXX(ben): don#t think this is used! + STACK *x509_chain; / * certificate chain */ EVP_MD *md; /* signature type */ int md_enc; /* is the md encrypted or not? */ @@ -224,28 +222,19 @@ typedef struct pem_ctx_st #define IMPLEMENT_PEM_read_fp(name, type, str, asn1) \ type *PEM_read_##name(FILE *fp, type **x, pem_password_cb *cb, void *u)\ { \ - return (type*)PEM_ASN1_read(CHECKED_D2I_OF(type, d2i_##asn1), \ - str, fp, \ - CHECKED_PPTR_OF(type, x), \ - cb, u); \ +return PEM_ASN1_read((d2i_of_void *)d2i_##asn1, str,fp,(void **)x,cb,u); \ } #define IMPLEMENT_PEM_write_fp(name, type, str, asn1) \ int PEM_write_##name(FILE *fp, type *x) \ { \ - return PEM_ASN1_write(CHECKED_I2D_OF(type, i2d_##asn1), \ - str, fp, \ - CHECKED_PTR_OF(type, x), \ - NULL, NULL, 0, NULL, NULL); \ +return PEM_ASN1_write((i2d_of_void *)i2d_##asn1,str,fp,x,NULL,NULL,0,NULL,NULL); \ } #define IMPLEMENT_PEM_write_fp_const(name, type, str, asn1) \ int PEM_write_##name(FILE *fp, const type *x) \ { \ - return PEM_ASN1_write(CHECKED_I2D_OF(const type, i2d_##asn1), \ - str, fp, \ - CHECKED_PTR_OF(const type, x), \ - NULL, NULL, 0, NULL, NULL); \ +return PEM_ASN1_write((i2d_of_void *)i2d_##asn1,str,fp,(void *)x,NULL,NULL,0,NULL,NULL); \ } #define IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1) \ @@ -253,10 +242,7 @@ int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \ unsigned char *kstr, int klen, pem_password_cb *cb, \ void *u) \ { \ - return PEM_ASN1_write(CHECKED_I2D_OF(type, i2d_##asn1), \ - str, fp, \ - CHECKED_PTR_OF(type, x), \ - enc, kstr, klen, cb, u); \ + return PEM_ASN1_write((i2d_of_void *)i2d_##asn1,str,fp,x,enc,kstr,klen,cb,u); \ } #define IMPLEMENT_PEM_write_cb_fp_const(name, type, str, asn1) \ @@ -264,10 +250,7 @@ int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \ unsigned char *kstr, int klen, pem_password_cb *cb, \ void *u) \ { \ - return PEM_ASN1_write(CHECKED_I2D_OF(const type, i2d_##asn1), \ - str, fp, \ - CHECKED_PTR_OF(const type, x), \ - enc, kstr, klen, cb, u); \ + return PEM_ASN1_write((i2d_of_void *)i2d_##asn1,str,fp,x,enc,kstr,klen,cb,u); \ } #endif @@ -275,48 +258,33 @@ int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \ #define IMPLEMENT_PEM_read_bio(name, type, str, asn1) \ type *PEM_read_bio_##name(BIO *bp, type **x, pem_password_cb *cb, void *u)\ { \ - return (type*)PEM_ASN1_read_bio(CHECKED_D2I_OF(type, d2i_##asn1), \ - str, bp, \ - CHECKED_PPTR_OF(type, x), \ - cb, u); \ +return PEM_ASN1_read_bio((d2i_of_void *)d2i_##asn1, str,bp,(void **)x,cb,u); \ } #define IMPLEMENT_PEM_write_bio(name, type, str, asn1) \ int PEM_write_bio_##name(BIO *bp, type *x) \ { \ - return PEM_ASN1_write_bio(CHECKED_I2D_OF(type, i2d_##asn1), \ - str, bp, \ - CHECKED_PTR_OF(type, x), \ - NULL, NULL, 0, NULL, NULL); \ +return PEM_ASN1_write_bio((i2d_of_void *)i2d_##asn1,str,bp,x,NULL,NULL,0,NULL,NULL); \ } #define IMPLEMENT_PEM_write_bio_const(name, type, str, asn1) \ int PEM_write_bio_##name(BIO *bp, const type *x) \ { \ - return PEM_ASN1_write_bio(CHECKED_I2D_OF(const type, i2d_##asn1), \ - str, bp, \ - CHECKED_PTR_OF(const type, x), \ - NULL, NULL, 0, NULL, NULL); \ +return PEM_ASN1_write_bio((i2d_of_void *)i2d_##asn1,str,bp,(void *)x,NULL,NULL,0,NULL,NULL); \ } #define IMPLEMENT_PEM_write_cb_bio(name, type, str, asn1) \ int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \ unsigned char *kstr, int klen, pem_password_cb *cb, void *u) \ { \ - return PEM_ASN1_write_bio(CHECKED_I2D_OF(type, i2d_##asn1), \ - str, bp, \ - CHECKED_PTR_OF(type, x), \ - enc, kstr, klen, cb, u); \ + return PEM_ASN1_write_bio((i2d_of_void *)i2d_##asn1,str,bp,x,enc,kstr,klen,cb,u); \ } #define IMPLEMENT_PEM_write_cb_bio_const(name, type, str, asn1) \ int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \ unsigned char *kstr, int klen, pem_password_cb *cb, void *u) \ { \ - return PEM_ASN1_write_bio(CHECKED_I2D_OF(const type, i2d_##asn1), \ - str, bp, \ - CHECKED_PTR_OF(const type, x), \ - enc, kstr, klen, cb, u); \ + return PEM_ASN1_write_bio((i2d_of_void *)i2d_##asn1,str,bp,(void *)x,enc,kstr,klen,cb,u); \ } #define IMPLEMENT_PEM_write(name, type, str, asn1) \ @@ -353,11 +321,10 @@ int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \ /* These are the same except they are for the declarations */ -#if defined(OPENSSL_SYS_WIN16) || defined(OPENSSL_NO_FP_API) +#if defined(OPENSSL_NO_FP_API) #define DECLARE_PEM_read_fp(name, type) /**/ #define DECLARE_PEM_write_fp(name, type) /**/ -#define DECLARE_PEM_write_fp_const(name, type) /**/ #define DECLARE_PEM_write_cb_fp(name, type) /**/ #else @@ -428,138 +395,6 @@ int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \ DECLARE_PEM_read(name, type) \ DECLARE_PEM_write_cb(name, type) -#ifdef SSLEAY_MACROS - -#define PEM_write_SSL_SESSION(fp,x) \ - PEM_ASN1_write((int (*)())i2d_SSL_SESSION, \ - PEM_STRING_SSL_SESSION,fp, (char *)x, NULL,NULL,0,NULL,NULL) -#define PEM_write_X509(fp,x) \ - PEM_ASN1_write((int (*)())i2d_X509,PEM_STRING_X509,fp, \ - (char *)x, NULL,NULL,0,NULL,NULL) -#define PEM_write_X509_REQ(fp,x) PEM_ASN1_write( \ - (int (*)())i2d_X509_REQ,PEM_STRING_X509_REQ,fp,(char *)x, \ - NULL,NULL,0,NULL,NULL) -#define PEM_write_X509_CRL(fp,x) \ - PEM_ASN1_write((int (*)())i2d_X509_CRL,PEM_STRING_X509_CRL, \ - fp,(char *)x, NULL,NULL,0,NULL,NULL) -#define PEM_write_RSAPrivateKey(fp,x,enc,kstr,klen,cb,u) \ - PEM_ASN1_write((int (*)())i2d_RSAPrivateKey,PEM_STRING_RSA,fp,\ - (char *)x,enc,kstr,klen,cb,u) -#define PEM_write_RSAPublicKey(fp,x) \ - PEM_ASN1_write((int (*)())i2d_RSAPublicKey,\ - PEM_STRING_RSA_PUBLIC,fp,(char *)x,NULL,NULL,0,NULL,NULL) -#define PEM_write_DSAPrivateKey(fp,x,enc,kstr,klen,cb,u) \ - PEM_ASN1_write((int (*)())i2d_DSAPrivateKey,PEM_STRING_DSA,fp,\ - (char *)x,enc,kstr,klen,cb,u) -#define PEM_write_PrivateKey(bp,x,enc,kstr,klen,cb,u) \ - PEM_ASN1_write((int (*)())i2d_PrivateKey,\ - (((x)->type == EVP_PKEY_DSA)?PEM_STRING_DSA:PEM_STRING_RSA),\ - bp,(char *)x,enc,kstr,klen,cb,u) -#define PEM_write_PKCS7(fp,x) \ - PEM_ASN1_write((int (*)())i2d_PKCS7,PEM_STRING_PKCS7,fp, \ - (char *)x, NULL,NULL,0,NULL,NULL) -#define PEM_write_DHparams(fp,x) \ - PEM_ASN1_write((int (*)())i2d_DHparams,PEM_STRING_DHPARAMS,fp,\ - (char *)x,NULL,NULL,0,NULL,NULL) - -#define PEM_write_NETSCAPE_CERT_SEQUENCE(fp,x) \ - PEM_ASN1_write((int (*)())i2d_NETSCAPE_CERT_SEQUENCE, \ - PEM_STRING_X509,fp, \ - (char *)x, NULL,NULL,0,NULL,NULL) - -#define PEM_read_SSL_SESSION(fp,x,cb,u) (SSL_SESSION *)PEM_ASN1_read( \ - (char *(*)())d2i_SSL_SESSION,PEM_STRING_SSL_SESSION,fp,(char **)x,cb,u) -#define PEM_read_X509(fp,x,cb,u) (X509 *)PEM_ASN1_read( \ - (char *(*)())d2i_X509,PEM_STRING_X509,fp,(char **)x,cb,u) -#define PEM_read_X509_REQ(fp,x,cb,u) (X509_REQ *)PEM_ASN1_read( \ - (char *(*)())d2i_X509_REQ,PEM_STRING_X509_REQ,fp,(char **)x,cb,u) -#define PEM_read_X509_CRL(fp,x,cb,u) (X509_CRL *)PEM_ASN1_read( \ - (char *(*)())d2i_X509_CRL,PEM_STRING_X509_CRL,fp,(char **)x,cb,u) -#define PEM_read_RSAPrivateKey(fp,x,cb,u) (RSA *)PEM_ASN1_read( \ - (char *(*)())d2i_RSAPrivateKey,PEM_STRING_RSA,fp,(char **)x,cb,u) -#define PEM_read_RSAPublicKey(fp,x,cb,u) (RSA *)PEM_ASN1_read( \ - (char *(*)())d2i_RSAPublicKey,PEM_STRING_RSA_PUBLIC,fp,(char **)x,cb,u) -#define PEM_read_DSAPrivateKey(fp,x,cb,u) (DSA *)PEM_ASN1_read( \ - (char *(*)())d2i_DSAPrivateKey,PEM_STRING_DSA,fp,(char **)x,cb,u) -#define PEM_read_PrivateKey(fp,x,cb,u) (EVP_PKEY *)PEM_ASN1_read( \ - (char *(*)())d2i_PrivateKey,PEM_STRING_EVP_PKEY,fp,(char **)x,cb,u) -#define PEM_read_PKCS7(fp,x,cb,u) (PKCS7 *)PEM_ASN1_read( \ - (char *(*)())d2i_PKCS7,PEM_STRING_PKCS7,fp,(char **)x,cb,u) -#define PEM_read_DHparams(fp,x,cb,u) (DH *)PEM_ASN1_read( \ - (char *(*)())d2i_DHparams,PEM_STRING_DHPARAMS,fp,(char **)x,cb,u) - -#define PEM_read_NETSCAPE_CERT_SEQUENCE(fp,x,cb,u) \ - (NETSCAPE_CERT_SEQUENCE *)PEM_ASN1_read( \ - (char *(*)())d2i_NETSCAPE_CERT_SEQUENCE,PEM_STRING_X509,fp,\ - (char **)x,cb,u) - -#define PEM_write_bio_X509(bp,x) \ - PEM_ASN1_write_bio((int (*)())i2d_X509,PEM_STRING_X509,bp, \ - (char *)x, NULL,NULL,0,NULL,NULL) -#define PEM_write_bio_X509_REQ(bp,x) PEM_ASN1_write_bio( \ - (int (*)())i2d_X509_REQ,PEM_STRING_X509_REQ,bp,(char *)x, \ - NULL,NULL,0,NULL,NULL) -#define PEM_write_bio_X509_CRL(bp,x) \ - PEM_ASN1_write_bio((int (*)())i2d_X509_CRL,PEM_STRING_X509_CRL,\ - bp,(char *)x, NULL,NULL,0,NULL,NULL) -#define PEM_write_bio_RSAPrivateKey(bp,x,enc,kstr,klen,cb,u) \ - PEM_ASN1_write_bio((int (*)())i2d_RSAPrivateKey,PEM_STRING_RSA,\ - bp,(char *)x,enc,kstr,klen,cb,u) -#define PEM_write_bio_RSAPublicKey(bp,x) \ - PEM_ASN1_write_bio((int (*)())i2d_RSAPublicKey, \ - PEM_STRING_RSA_PUBLIC,\ - bp,(char *)x,NULL,NULL,0,NULL,NULL) -#define PEM_write_bio_DSAPrivateKey(bp,x,enc,kstr,klen,cb,u) \ - PEM_ASN1_write_bio((int (*)())i2d_DSAPrivateKey,PEM_STRING_DSA,\ - bp,(char *)x,enc,kstr,klen,cb,u) -#define PEM_write_bio_PrivateKey(bp,x,enc,kstr,klen,cb,u) \ - PEM_ASN1_write_bio((int (*)())i2d_PrivateKey,\ - (((x)->type == EVP_PKEY_DSA)?PEM_STRING_DSA:PEM_STRING_RSA),\ - bp,(char *)x,enc,kstr,klen,cb,u) -#define PEM_write_bio_PKCS7(bp,x) \ - PEM_ASN1_write_bio((int (*)())i2d_PKCS7,PEM_STRING_PKCS7,bp, \ - (char *)x, NULL,NULL,0,NULL,NULL) -#define PEM_write_bio_DHparams(bp,x) \ - PEM_ASN1_write_bio((int (*)())i2d_DHparams,PEM_STRING_DHPARAMS,\ - bp,(char *)x,NULL,NULL,0,NULL,NULL) -#define PEM_write_bio_DSAparams(bp,x) \ - PEM_ASN1_write_bio((int (*)())i2d_DSAparams, \ - PEM_STRING_DSAPARAMS,bp,(char *)x,NULL,NULL,0,NULL,NULL) - -#define PEM_write_bio_NETSCAPE_CERT_SEQUENCE(bp,x) \ - PEM_ASN1_write_bio((int (*)())i2d_NETSCAPE_CERT_SEQUENCE, \ - PEM_STRING_X509,bp, \ - (char *)x, NULL,NULL,0,NULL,NULL) - -#define PEM_read_bio_X509(bp,x,cb,u) (X509 *)PEM_ASN1_read_bio( \ - (char *(*)())d2i_X509,PEM_STRING_X509,bp,(char **)x,cb,u) -#define PEM_read_bio_X509_REQ(bp,x,cb,u) (X509_REQ *)PEM_ASN1_read_bio( \ - (char *(*)())d2i_X509_REQ,PEM_STRING_X509_REQ,bp,(char **)x,cb,u) -#define PEM_read_bio_X509_CRL(bp,x,cb,u) (X509_CRL *)PEM_ASN1_read_bio( \ - (char *(*)())d2i_X509_CRL,PEM_STRING_X509_CRL,bp,(char **)x,cb,u) -#define PEM_read_bio_RSAPrivateKey(bp,x,cb,u) (RSA *)PEM_ASN1_read_bio( \ - (char *(*)())d2i_RSAPrivateKey,PEM_STRING_RSA,bp,(char **)x,cb,u) -#define PEM_read_bio_RSAPublicKey(bp,x,cb,u) (RSA *)PEM_ASN1_read_bio( \ - (char *(*)())d2i_RSAPublicKey,PEM_STRING_RSA_PUBLIC,bp,(char **)x,cb,u) -#define PEM_read_bio_DSAPrivateKey(bp,x,cb,u) (DSA *)PEM_ASN1_read_bio( \ - (char *(*)())d2i_DSAPrivateKey,PEM_STRING_DSA,bp,(char **)x,cb,u) -#define PEM_read_bio_PrivateKey(bp,x,cb,u) (EVP_PKEY *)PEM_ASN1_read_bio( \ - (char *(*)())d2i_PrivateKey,PEM_STRING_EVP_PKEY,bp,(char **)x,cb,u) - -#define PEM_read_bio_PKCS7(bp,x,cb,u) (PKCS7 *)PEM_ASN1_read_bio( \ - (char *(*)())d2i_PKCS7,PEM_STRING_PKCS7,bp,(char **)x,cb,u) -#define PEM_read_bio_DHparams(bp,x,cb,u) (DH *)PEM_ASN1_read_bio( \ - (char *(*)())d2i_DHparams,PEM_STRING_DHPARAMS,bp,(char **)x,cb,u) -#define PEM_read_bio_DSAparams(bp,x,cb,u) (DSA *)PEM_ASN1_read_bio( \ - (char *(*)())d2i_DSAparams,PEM_STRING_DSAPARAMS,bp,(char **)x,cb,u) - -#define PEM_read_bio_NETSCAPE_CERT_SEQUENCE(bp,x,cb,u) \ - (NETSCAPE_CERT_SEQUENCE *)PEM_ASN1_read_bio( \ - (char *(*)())d2i_NETSCAPE_CERT_SEQUENCE,PEM_STRING_X509,bp,\ - (char **)x,cb,u) - -#endif - #if 1 /* "userdata": new with OpenSSL 0.9.4 */ typedef int pem_password_cb(char *buf, int size, int rwflag, void *userdata); @@ -581,40 +416,25 @@ int PEM_bytes_read_bio(unsigned char **pdata, long *plen, char **pnm, const char pem_password_cb *cb, void *u); void * PEM_ASN1_read_bio(d2i_of_void *d2i, const char *name, BIO *bp, void **x, pem_password_cb *cb, void *u); - -#define PEM_ASN1_read_bio_of(type,d2i,name,bp,x,cb,u) \ - ((type*)PEM_ASN1_read_bio(CHECKED_D2I_OF(type, d2i), \ - name, bp, \ - CHECKED_PPTR_OF(type, x), \ - cb, u)) - -int PEM_ASN1_write_bio(i2d_of_void *i2d,const char *name,BIO *bp,char *x, +int PEM_ASN1_write_bio(i2d_of_void *i2d,const char *name,BIO *bp, void *x, const EVP_CIPHER *enc,unsigned char *kstr,int klen, pem_password_cb *cb, void *u); -#define PEM_ASN1_write_bio_of(type,i2d,name,bp,x,enc,kstr,klen,cb,u) \ - (PEM_ASN1_write_bio(CHECKED_I2D_OF(type, i2d), \ - name, bp, \ - CHECKED_PTR_OF(type, x), \ - enc, kstr, klen, cb, u)) - STACK_OF(X509_INFO) * PEM_X509_INFO_read_bio(BIO *bp, STACK_OF(X509_INFO) *sk, pem_password_cb *cb, void *u); int PEM_X509_INFO_write_bio(BIO *bp,X509_INFO *xi, EVP_CIPHER *enc, unsigned char *kstr, int klen, pem_password_cb *cd, void *u); #endif -#ifndef OPENSSL_SYS_WIN16 int PEM_read(FILE *fp, char **name, char **header, unsigned char **data,long *len); int PEM_write(FILE *fp,char *name,char *hdr,unsigned char *data,long len); void * PEM_ASN1_read(d2i_of_void *d2i, const char *name, FILE *fp, void **x, pem_password_cb *cb, void *u); int PEM_ASN1_write(i2d_of_void *i2d,const char *name,FILE *fp, - char *x,const EVP_CIPHER *enc,unsigned char *kstr, + void *x,const EVP_CIPHER *enc,unsigned char *kstr, int klen,pem_password_cb *callback, void *u); STACK_OF(X509_INFO) * PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk, pem_password_cb *cb, void *u); -#endif int PEM_SealInit(PEM_ENCODE_SEAL_CTX *ctx, EVP_CIPHER *type, EVP_MD *md_type, unsigned char **ek, int *ekl, @@ -633,7 +453,6 @@ int PEM_def_callback(char *buf, int num, int w, void *key); void PEM_proc_type(char *buf, int type); void PEM_dek_info(char *buf, const char *type, int len, char *str); -#ifndef SSLEAY_MACROS #include @@ -719,7 +538,21 @@ EVP_PKEY *d2i_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY **x, pem_password_cb *cb, vo int PEM_write_PKCS8PrivateKey(FILE *fp,EVP_PKEY *x,const EVP_CIPHER *enc, char *kstr,int klen, pem_password_cb *cd, void *u); -#endif /* SSLEAY_MACROS */ +EVP_PKEY *PEM_read_bio_Parameters(BIO *bp, EVP_PKEY **x); +int PEM_write_bio_Parameters(BIO *bp, EVP_PKEY *x); + + +EVP_PKEY *b2i_PrivateKey(const unsigned char **in, long length); +EVP_PKEY *b2i_PublicKey(const unsigned char **in, long length); +EVP_PKEY *b2i_PrivateKey_bio(BIO *in); +EVP_PKEY *b2i_PublicKey_bio(BIO *in); +int i2b_PrivateKey_bio(BIO *out, EVP_PKEY *pk); +int i2b_PublicKey_bio(BIO *out, EVP_PKEY *pk); +#ifndef OPENSSL_NO_RC4 +EVP_PKEY *b2i_PVK_bio(BIO *in, pem_password_cb *cb, void *u); +int i2b_PVK_bio(BIO *out, EVP_PKEY *pk, int enclevel, + pem_password_cb *cb, void *u); +#endif /* BEGIN ERROR CODES */ @@ -731,10 +564,22 @@ void ERR_load_PEM_strings(void); /* Error codes for the PEM functions. */ /* Function codes. */ +#define PEM_F_B2I_DSS 127 +#define PEM_F_B2I_PVK_BIO 128 +#define PEM_F_B2I_RSA 129 +#define PEM_F_CHECK_BITLEN_DSA 130 +#define PEM_F_CHECK_BITLEN_RSA 131 #define PEM_F_D2I_PKCS8PRIVATEKEY_BIO 120 #define PEM_F_D2I_PKCS8PRIVATEKEY_FP 121 +#define PEM_F_DO_B2I 132 +#define PEM_F_DO_B2I_BIO 133 +#define PEM_F_DO_BLOB_HEADER 134 #define PEM_F_DO_PK8PKEY 126 #define PEM_F_DO_PK8PKEY_FP 125 +#define PEM_F_DO_PVK_BODY 135 +#define PEM_F_DO_PVK_HEADER 136 +#define PEM_F_I2B_PVK 137 +#define PEM_F_I2B_PVK_BIO 138 #define PEM_F_LOAD_IV 101 #define PEM_F_PEM_ASN1_READ 102 #define PEM_F_PEM_ASN1_READ_BIO 103 @@ -747,6 +592,7 @@ void ERR_load_PEM_strings(void); #define PEM_F_PEM_PK8PKEY 119 #define PEM_F_PEM_READ 108 #define PEM_F_PEM_READ_BIO 109 +#define PEM_F_PEM_READ_BIO_PARAMETERS 140 #define PEM_F_PEM_READ_BIO_PRIVATEKEY 123 #define PEM_F_PEM_READ_PRIVATEKEY 124 #define PEM_F_PEM_SEALFINAL 110 @@ -754,6 +600,7 @@ void ERR_load_PEM_strings(void); #define PEM_F_PEM_SIGNFINAL 112 #define PEM_F_PEM_WRITE 113 #define PEM_F_PEM_WRITE_BIO 114 +#define PEM_F_PEM_WRITE_PRIVATEKEY 139 #define PEM_F_PEM_X509_INFO_READ 115 #define PEM_F_PEM_X509_INFO_READ_BIO 116 #define PEM_F_PEM_X509_INFO_WRITE_BIO 117 @@ -763,18 +610,30 @@ void ERR_load_PEM_strings(void); #define PEM_R_BAD_DECRYPT 101 #define PEM_R_BAD_END_LINE 102 #define PEM_R_BAD_IV_CHARS 103 +#define PEM_R_BAD_MAGIC_NUMBER 116 #define PEM_R_BAD_PASSWORD_READ 104 +#define PEM_R_BAD_VERSION_NUMBER 117 +#define PEM_R_BIO_WRITE_FAILURE 118 +#define PEM_R_CIPHER_IS_NULL 127 #define PEM_R_ERROR_CONVERTING_PRIVATE_KEY 115 +#define PEM_R_EXPECTING_PRIVATE_KEY_BLOB 119 +#define PEM_R_EXPECTING_PUBLIC_KEY_BLOB 120 +#define PEM_R_INCONSISTENT_HEADER 121 +#define PEM_R_KEYBLOB_HEADER_PARSE_ERROR 122 +#define PEM_R_KEYBLOB_TOO_SHORT 123 #define PEM_R_NOT_DEK_INFO 105 #define PEM_R_NOT_ENCRYPTED 106 #define PEM_R_NOT_PROC_TYPE 107 #define PEM_R_NO_START_LINE 108 #define PEM_R_PROBLEMS_GETTING_PASSWORD 109 #define PEM_R_PUBLIC_KEY_NO_RSA 110 +#define PEM_R_PVK_DATA_TOO_SHORT 124 +#define PEM_R_PVK_TOO_SHORT 125 #define PEM_R_READ_KEY 111 #define PEM_R_SHORT_HEADER 112 #define PEM_R_UNSUPPORTED_CIPHER 113 #define PEM_R_UNSUPPORTED_ENCRYPTION 114 +#define PEM_R_UNSUPPORTED_KEY_COMPONENTS 126 #ifdef __cplusplus } diff --git a/src/lib/libcrypto/pem/pem_all.c b/src/lib/libcrypto/pem/pem_all.c index 69dd19bf2e..3e7a6093ad 100644 --- a/src/lib/libcrypto/pem/pem_all.c +++ b/src/lib/libcrypto/pem/pem_all.c @@ -110,7 +110,6 @@ */ #include -#undef SSLEAY_MACROS #include "cryptlib.h" #include #include @@ -194,49 +193,7 @@ RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **rsa, pem_password_cb *cb, #endif -#ifdef OPENSSL_FIPS - -int PEM_write_bio_RSAPrivateKey(BIO *bp, RSA *x, const EVP_CIPHER *enc, - unsigned char *kstr, int klen, - pem_password_cb *cb, void *u) -{ - EVP_PKEY *k; - int ret; - k = EVP_PKEY_new(); - if (!k) - return 0; - EVP_PKEY_set1_RSA(k, x); - - ret = PEM_write_bio_PrivateKey(bp, k, enc, kstr, klen, cb, u); - EVP_PKEY_free(k); - return ret; -} - -#ifndef OPENSSL_NO_FP_API -int PEM_write_RSAPrivateKey(FILE *fp, RSA *x, const EVP_CIPHER *enc, - unsigned char *kstr, int klen, - pem_password_cb *cb, void *u) -{ - EVP_PKEY *k; - int ret; - k = EVP_PKEY_new(); - if (!k) - return 0; - - EVP_PKEY_set1_RSA(k, x); - - ret = PEM_write_PrivateKey(fp, k, enc, kstr, klen, cb, u); - EVP_PKEY_free(k); - return ret; -} -#endif - -#else - IMPLEMENT_PEM_write_cb_const(RSAPrivateKey, RSA, PEM_STRING_RSA, RSAPrivateKey) - -#endif - IMPLEMENT_PEM_rw_const(RSAPublicKey, RSA, PEM_STRING_RSA_PUBLIC, RSAPublicKey) IMPLEMENT_PEM_rw(RSA_PUBKEY, RSA, PEM_STRING_PUBLIC, RSA_PUBKEY) @@ -263,50 +220,10 @@ DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **dsa, pem_password_cb *cb, { EVP_PKEY *pktmp; pktmp = PEM_read_bio_PrivateKey(bp, NULL, cb, u); - return pkey_get_dsa(pktmp, dsa); + return pkey_get_dsa(pktmp, dsa); /* will free pktmp */ } -#ifdef OPENSSL_FIPS - -int PEM_write_bio_DSAPrivateKey(BIO *bp, DSA *x, const EVP_CIPHER *enc, - unsigned char *kstr, int klen, - pem_password_cb *cb, void *u) -{ - EVP_PKEY *k; - int ret; - k = EVP_PKEY_new(); - if (!k) - return 0; - EVP_PKEY_set1_DSA(k, x); - - ret = PEM_write_bio_PrivateKey(bp, k, enc, kstr, klen, cb, u); - EVP_PKEY_free(k); - return ret; -} - -#ifndef OPENSSL_NO_FP_API -int PEM_write_DSAPrivateKey(FILE *fp, DSA *x, const EVP_CIPHER *enc, - unsigned char *kstr, int klen, - pem_password_cb *cb, void *u) -{ - EVP_PKEY *k; - int ret; - k = EVP_PKEY_new(); - if (!k) - return 0; - EVP_PKEY_set1_DSA(k, x); - ret = PEM_write_PrivateKey(fp, k, enc, kstr, klen, cb, u); - EVP_PKEY_free(k); - return ret; -} -#endif - -#else - IMPLEMENT_PEM_write_cb_const(DSAPrivateKey, DSA, PEM_STRING_DSA, DSAPrivateKey) - -#endif - IMPLEMENT_PEM_rw(DSA_PUBKEY, DSA, PEM_STRING_PUBLIC, DSA_PUBKEY) #ifndef OPENSSL_NO_FP_API @@ -316,7 +233,7 @@ DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **dsa, pem_password_cb *cb, { EVP_PKEY *pktmp; pktmp = PEM_read_PrivateKey(fp, NULL, cb, u); - return pkey_get_dsa(pktmp, dsa); + return pkey_get_dsa(pktmp, dsa); /* will free pktmp */ } #endif @@ -347,54 +264,13 @@ EC_KEY *PEM_read_bio_ECPrivateKey(BIO *bp, EC_KEY **key, pem_password_cb *cb, { EVP_PKEY *pktmp; pktmp = PEM_read_bio_PrivateKey(bp, NULL, cb, u); - return pkey_get_eckey(pktmp, key); + return pkey_get_eckey(pktmp, key); /* will free pktmp */ } IMPLEMENT_PEM_rw_const(ECPKParameters, EC_GROUP, PEM_STRING_ECPARAMETERS, ECPKParameters) - - -#ifdef OPENSSL_FIPS - -int PEM_write_bio_ECPrivateKey(BIO *bp, EC_KEY *x, const EVP_CIPHER *enc, - unsigned char *kstr, int klen, - pem_password_cb *cb, void *u) -{ - EVP_PKEY *k; - int ret; - k = EVP_PKEY_new(); - if (!k) - return 0; - EVP_PKEY_set1_EC_KEY(k, x); - - ret = PEM_write_bio_PrivateKey(bp, k, enc, kstr, klen, cb, u); - EVP_PKEY_free(k); - return ret; -} - -#ifndef OPENSSL_NO_FP_API -int PEM_write_ECPrivateKey(FILE *fp, EC_KEY *x, const EVP_CIPHER *enc, - unsigned char *kstr, int klen, - pem_password_cb *cb, void *u) -{ - EVP_PKEY *k; - int ret; - k = EVP_PKEY_new(); - if (!k) - return 0; - EVP_PKEY_set1_EC_KEY(k, x); - ret = PEM_write_PrivateKey(fp, k, enc, kstr, klen, cb, u); - EVP_PKEY_free(k); - return ret; -} -#endif - -#else - IMPLEMENT_PEM_write_cb(ECPrivateKey, EC_KEY, PEM_STRING_ECPRIVATEKEY, ECPrivateKey) -#endif - IMPLEMENT_PEM_rw(EC_PUBKEY, EC_KEY, PEM_STRING_PUBLIC, EC_PUBKEY) #ifndef OPENSSL_NO_FP_API @@ -404,7 +280,7 @@ EC_KEY *PEM_read_ECPrivateKey(FILE *fp, EC_KEY **eckey, pem_password_cb *cb, { EVP_PKEY *pktmp; pktmp = PEM_read_PrivateKey(fp, NULL, cb, u); - return pkey_get_eckey(pktmp, eckey); + return pkey_get_eckey(pktmp, eckey); /* will free pktmp */ } #endif @@ -417,66 +293,4 @@ IMPLEMENT_PEM_rw_const(DHparams, DH, PEM_STRING_DHPARAMS, DHparams) #endif - -/* The PrivateKey case is not that straightforward. - * IMPLEMENT_PEM_rw_cb(PrivateKey, EVP_PKEY, PEM_STRING_EVP_PKEY, PrivateKey) - * does not work, RSA and DSA keys have specific strings. - * (When reading, parameter PEM_STRING_EVP_PKEY is a wildcard for anything - * appropriate.) - */ - -#ifdef OPENSSL_FIPS - -static const char *pkey_str(EVP_PKEY *x) - { - switch (x->type) - { - case EVP_PKEY_RSA: - return PEM_STRING_RSA; - - case EVP_PKEY_DSA: - return PEM_STRING_DSA; - - case EVP_PKEY_EC: - return PEM_STRING_ECPRIVATEKEY; - - default: - return NULL; - } - } - - -int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc, - unsigned char *kstr, int klen, - pem_password_cb *cb, void *u) - { - if (FIPS_mode()) - return PEM_write_bio_PKCS8PrivateKey(bp, x, enc, - (char *)kstr, klen, cb, u); - else - return PEM_ASN1_write_bio((i2d_of_void *)i2d_PrivateKey, - pkey_str(x), bp,(char *)x,enc,kstr,klen,cb,u); - } - -#ifndef OPENSSL_NO_FP_API -int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc, - unsigned char *kstr, int klen, - pem_password_cb *cb, void *u) - { - if (FIPS_mode()) - return PEM_write_PKCS8PrivateKey(fp, x, enc, - (char *)kstr, klen, cb, u); - else - return PEM_ASN1_write((i2d_of_void *)i2d_PrivateKey, - pkey_str(x), fp,(char *)x,enc,kstr,klen,cb,u); - } -#endif - -#else -IMPLEMENT_PEM_write_cb(PrivateKey, EVP_PKEY, ((x->type == EVP_PKEY_DSA)?PEM_STRING_DSA:\ - (x->type == EVP_PKEY_RSA)?PEM_STRING_RSA:PEM_STRING_ECPRIVATEKEY), PrivateKey) - -#endif - IMPLEMENT_PEM_rw(PUBKEY, EVP_PKEY, PEM_STRING_PUBLIC, PUBKEY) - diff --git a/src/lib/libcrypto/pem/pem_err.c b/src/lib/libcrypto/pem/pem_err.c index 3133563d77..d644aeedd4 100644 --- a/src/lib/libcrypto/pem/pem_err.c +++ b/src/lib/libcrypto/pem/pem_err.c @@ -1,6 +1,6 @@ /* crypto/pem/pem_err.c */ /* ==================================================================== - * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved. + * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -70,10 +70,22 @@ static ERR_STRING_DATA PEM_str_functs[]= { +{ERR_FUNC(PEM_F_B2I_DSS), "B2I_DSS"}, +{ERR_FUNC(PEM_F_B2I_PVK_BIO), "b2i_PVK_bio"}, +{ERR_FUNC(PEM_F_B2I_RSA), "B2I_RSA"}, +{ERR_FUNC(PEM_F_CHECK_BITLEN_DSA), "CHECK_BITLEN_DSA"}, +{ERR_FUNC(PEM_F_CHECK_BITLEN_RSA), "CHECK_BITLEN_RSA"}, {ERR_FUNC(PEM_F_D2I_PKCS8PRIVATEKEY_BIO), "d2i_PKCS8PrivateKey_bio"}, {ERR_FUNC(PEM_F_D2I_PKCS8PRIVATEKEY_FP), "d2i_PKCS8PrivateKey_fp"}, +{ERR_FUNC(PEM_F_DO_B2I), "DO_B2I"}, +{ERR_FUNC(PEM_F_DO_B2I_BIO), "DO_B2I_BIO"}, +{ERR_FUNC(PEM_F_DO_BLOB_HEADER), "DO_BLOB_HEADER"}, {ERR_FUNC(PEM_F_DO_PK8PKEY), "DO_PK8PKEY"}, {ERR_FUNC(PEM_F_DO_PK8PKEY_FP), "DO_PK8PKEY_FP"}, +{ERR_FUNC(PEM_F_DO_PVK_BODY), "DO_PVK_BODY"}, +{ERR_FUNC(PEM_F_DO_PVK_HEADER), "DO_PVK_HEADER"}, +{ERR_FUNC(PEM_F_I2B_PVK), "I2B_PVK"}, +{ERR_FUNC(PEM_F_I2B_PVK_BIO), "i2b_PVK_bio"}, {ERR_FUNC(PEM_F_LOAD_IV), "LOAD_IV"}, {ERR_FUNC(PEM_F_PEM_ASN1_READ), "PEM_ASN1_read"}, {ERR_FUNC(PEM_F_PEM_ASN1_READ_BIO), "PEM_ASN1_read_bio"}, @@ -86,6 +98,7 @@ static ERR_STRING_DATA PEM_str_functs[]= {ERR_FUNC(PEM_F_PEM_PK8PKEY), "PEM_PK8PKEY"}, {ERR_FUNC(PEM_F_PEM_READ), "PEM_read"}, {ERR_FUNC(PEM_F_PEM_READ_BIO), "PEM_read_bio"}, +{ERR_FUNC(PEM_F_PEM_READ_BIO_PARAMETERS), "PEM_read_bio_Parameters"}, {ERR_FUNC(PEM_F_PEM_READ_BIO_PRIVATEKEY), "PEM_READ_BIO_PRIVATEKEY"}, {ERR_FUNC(PEM_F_PEM_READ_PRIVATEKEY), "PEM_READ_PRIVATEKEY"}, {ERR_FUNC(PEM_F_PEM_SEALFINAL), "PEM_SealFinal"}, @@ -93,6 +106,7 @@ static ERR_STRING_DATA PEM_str_functs[]= {ERR_FUNC(PEM_F_PEM_SIGNFINAL), "PEM_SignFinal"}, {ERR_FUNC(PEM_F_PEM_WRITE), "PEM_write"}, {ERR_FUNC(PEM_F_PEM_WRITE_BIO), "PEM_write_bio"}, +{ERR_FUNC(PEM_F_PEM_WRITE_PRIVATEKEY), "PEM_WRITE_PRIVATEKEY"}, {ERR_FUNC(PEM_F_PEM_X509_INFO_READ), "PEM_X509_INFO_read"}, {ERR_FUNC(PEM_F_PEM_X509_INFO_READ_BIO), "PEM_X509_INFO_read_bio"}, {ERR_FUNC(PEM_F_PEM_X509_INFO_WRITE_BIO), "PEM_X509_INFO_write_bio"}, @@ -105,18 +119,30 @@ static ERR_STRING_DATA PEM_str_reasons[]= {ERR_REASON(PEM_R_BAD_DECRYPT) ,"bad decrypt"}, {ERR_REASON(PEM_R_BAD_END_LINE) ,"bad end line"}, {ERR_REASON(PEM_R_BAD_IV_CHARS) ,"bad iv chars"}, +{ERR_REASON(PEM_R_BAD_MAGIC_NUMBER) ,"bad magic number"}, {ERR_REASON(PEM_R_BAD_PASSWORD_READ) ,"bad password read"}, +{ERR_REASON(PEM_R_BAD_VERSION_NUMBER) ,"bad version number"}, +{ERR_REASON(PEM_R_BIO_WRITE_FAILURE) ,"bio write failure"}, +{ERR_REASON(PEM_R_CIPHER_IS_NULL) ,"cipher is null"}, {ERR_REASON(PEM_R_ERROR_CONVERTING_PRIVATE_KEY),"error converting private key"}, +{ERR_REASON(PEM_R_EXPECTING_PRIVATE_KEY_BLOB),"expecting private key blob"}, +{ERR_REASON(PEM_R_EXPECTING_PUBLIC_KEY_BLOB),"expecting public key blob"}, +{ERR_REASON(PEM_R_INCONSISTENT_HEADER) ,"inconsistent header"}, +{ERR_REASON(PEM_R_KEYBLOB_HEADER_PARSE_ERROR),"keyblob header parse error"}, +{ERR_REASON(PEM_R_KEYBLOB_TOO_SHORT) ,"keyblob too short"}, {ERR_REASON(PEM_R_NOT_DEK_INFO) ,"not dek info"}, {ERR_REASON(PEM_R_NOT_ENCRYPTED) ,"not encrypted"}, {ERR_REASON(PEM_R_NOT_PROC_TYPE) ,"not proc type"}, {ERR_REASON(PEM_R_NO_START_LINE) ,"no start line"}, {ERR_REASON(PEM_R_PROBLEMS_GETTING_PASSWORD),"problems getting password"}, {ERR_REASON(PEM_R_PUBLIC_KEY_NO_RSA) ,"public key no rsa"}, +{ERR_REASON(PEM_R_PVK_DATA_TOO_SHORT) ,"pvk data too short"}, +{ERR_REASON(PEM_R_PVK_TOO_SHORT) ,"pvk too short"}, {ERR_REASON(PEM_R_READ_KEY) ,"read key"}, {ERR_REASON(PEM_R_SHORT_HEADER) ,"short header"}, {ERR_REASON(PEM_R_UNSUPPORTED_CIPHER) ,"unsupported cipher"}, {ERR_REASON(PEM_R_UNSUPPORTED_ENCRYPTION),"unsupported encryption"}, +{ERR_REASON(PEM_R_UNSUPPORTED_KEY_COMPONENTS),"unsupported key components"}, {0,NULL} }; diff --git a/src/lib/libcrypto/pem/pem_info.c b/src/lib/libcrypto/pem/pem_info.c index 3a273f6f70..1b2be527ed 100644 --- a/src/lib/libcrypto/pem/pem_info.c +++ b/src/lib/libcrypto/pem/pem_info.c @@ -98,8 +98,8 @@ STACK_OF(X509_INFO) *PEM_X509_INFO_read_bio(BIO *bp, STACK_OF(X509_INFO) *sk, pe long len,error=0; int ok=0; STACK_OF(X509_INFO) *ret=NULL; - unsigned int i,raw; - d2i_of_void *d2i; + unsigned int i,raw,ptype; + d2i_of_void *d2i = 0; if (sk == NULL) { @@ -116,6 +116,7 @@ STACK_OF(X509_INFO) *PEM_X509_INFO_read_bio(BIO *bp, STACK_OF(X509_INFO) *sk, pe for (;;) { raw=0; + ptype = 0; i=PEM_read_bio(bp,&name,&header,&data,&len); if (i == 0) { @@ -166,7 +167,6 @@ start: #ifndef OPENSSL_NO_RSA if (strcmp(name,PEM_STRING_RSA) == 0) { - d2i=(D2I_OF(void))d2i_RSAPrivateKey; if (xi->x_pkey != NULL) { if (!sk_X509_INFO_push(ret,xi)) goto err; @@ -178,10 +178,8 @@ start: xi->enc_len=0; xi->x_pkey=X509_PKEY_new(); - if ((xi->x_pkey->dec_pkey=EVP_PKEY_new()) == NULL) - goto err; - xi->x_pkey->dec_pkey->type=EVP_PKEY_RSA; - pp=&(xi->x_pkey->dec_pkey->pkey.rsa); + ptype=EVP_PKEY_RSA; + pp=&xi->x_pkey->dec_pkey; if ((int)strlen(header) > 10) /* assume encrypted */ raw=1; } @@ -202,10 +200,8 @@ start: xi->enc_len=0; xi->x_pkey=X509_PKEY_new(); - if ((xi->x_pkey->dec_pkey=EVP_PKEY_new()) == NULL) - goto err; - xi->x_pkey->dec_pkey->type=EVP_PKEY_DSA; - pp=&xi->x_pkey->dec_pkey->pkey.dsa; + ptype = EVP_PKEY_DSA; + pp=&xi->x_pkey->dec_pkey; if ((int)strlen(header) > 10) /* assume encrypted */ raw=1; } @@ -226,10 +222,8 @@ start: xi->enc_len=0; xi->x_pkey=X509_PKEY_new(); - if ((xi->x_pkey->dec_pkey=EVP_PKEY_new()) == NULL) - goto err; - xi->x_pkey->dec_pkey->type=EVP_PKEY_EC; - pp=&(xi->x_pkey->dec_pkey->pkey.ec); + ptype = EVP_PKEY_EC; + pp=&xi->x_pkey->dec_pkey; if ((int)strlen(header) > 10) /* assume encrypted */ raw=1; } @@ -251,7 +245,15 @@ start: if (!PEM_do_header(&cipher,data,&len,cb,u)) goto err; p=data; - if (d2i(pp,&p,len) == NULL) + if (ptype) + { + if (!d2i_PrivateKey(ptype, pp, &p, len)) + { + PEMerr(PEM_F_PEM_X509_INFO_READ_BIO,ERR_R_ASN1_LIB); + goto err; + } + } + else if (d2i(pp,&p,len) == NULL) { PEMerr(PEM_F_PEM_X509_INFO_READ_BIO,ERR_R_ASN1_LIB); goto err; @@ -337,6 +339,12 @@ int PEM_X509_INFO_write_bio(BIO *bp, X509_INFO *xi, EVP_CIPHER *enc, { if ( (xi->enc_data!=NULL) && (xi->enc_len>0) ) { + if (enc == NULL) + { + PEMerr(PEM_F_PEM_X509_INFO_WRITE_BIO,PEM_R_CIPHER_IS_NULL); + goto err; + } + /* copy from weirdo names into more normal things */ iv=xi->enc_cipher.iv; data=(unsigned char *)xi->enc_data; diff --git a/src/lib/libcrypto/pem/pem_lib.c b/src/lib/libcrypto/pem/pem_lib.c index cbafefe416..42e4861bc1 100644 --- a/src/lib/libcrypto/pem/pem_lib.c +++ b/src/lib/libcrypto/pem/pem_lib.c @@ -57,6 +57,7 @@ */ #include +#include #include "cryptlib.h" #include #include @@ -65,9 +66,13 @@ #include #include #include +#include "asn1_locl.h" #ifndef OPENSSL_NO_DES #include #endif +#ifndef OPENSSL_NO_ENGINE +#include +#endif const char PEM_version[]="PEM" OPENSSL_VERSION_PTEXT; @@ -75,6 +80,7 @@ const char PEM_version[]="PEM" OPENSSL_VERSION_PTEXT; static int load_iv(char **fromp,unsigned char *to, int num); static int check_pem(const char *nm, const char *name); +int pem_check_suffix(const char *pem_str, const char *suffix); int PEM_def_callback(char *buf, int num, int w, void *key) { @@ -99,7 +105,7 @@ int PEM_def_callback(char *buf, int num, int w, void *key) for (;;) { - i=EVP_read_pw_string(buf,num,prompt,w); + i=EVP_read_pw_string_min(buf,MIN_LENGTH,num,prompt,w); if (i != 0) { PEMerr(PEM_F_PEM_DEF_CALLBACK,PEM_R_PROBLEMS_GETTING_PASSWORD); @@ -183,20 +189,54 @@ static int check_pem(const char *nm, const char *name) /* Make PEM_STRING_EVP_PKEY match any private key */ - if(!strcmp(nm,PEM_STRING_PKCS8) && - !strcmp(name,PEM_STRING_EVP_PKEY)) return 1; - - if(!strcmp(nm,PEM_STRING_PKCS8INF) && - !strcmp(name,PEM_STRING_EVP_PKEY)) return 1; - - if(!strcmp(nm,PEM_STRING_RSA) && - !strcmp(name,PEM_STRING_EVP_PKEY)) return 1; + if(!strcmp(name,PEM_STRING_EVP_PKEY)) + { + int slen; + const EVP_PKEY_ASN1_METHOD *ameth; + if(!strcmp(nm,PEM_STRING_PKCS8)) + return 1; + if(!strcmp(nm,PEM_STRING_PKCS8INF)) + return 1; + slen = pem_check_suffix(nm, "PRIVATE KEY"); + if (slen > 0) + { + /* NB: ENGINE implementations wont contain + * a deprecated old private key decode function + * so don't look for them. + */ + ameth = EVP_PKEY_asn1_find_str(NULL, nm, slen); + if (ameth && ameth->old_priv_decode) + return 1; + } + return 0; + } - if(!strcmp(nm,PEM_STRING_DSA) && - !strcmp(name,PEM_STRING_EVP_PKEY)) return 1; + if(!strcmp(name,PEM_STRING_PARAMETERS)) + { + int slen; + const EVP_PKEY_ASN1_METHOD *ameth; + slen = pem_check_suffix(nm, "PARAMETERS"); + if (slen > 0) + { + ENGINE *e; + ameth = EVP_PKEY_asn1_find_str(&e, nm, slen); + if (ameth) + { + int r; + if (ameth->param_decode) + r = 1; + else + r = 0; +#ifndef OPENSSL_NO_ENGINE + if (e) + ENGINE_finish(e); +#endif + return r; + } + } + return 0; + } - if(!strcmp(nm,PEM_STRING_ECPRIVATEKEY) && - !strcmp(name,PEM_STRING_EVP_PKEY)) return 1; /* Permit older strings */ if(!strcmp(nm,PEM_STRING_X509_OLD) && @@ -219,6 +259,14 @@ static int check_pem(const char *nm, const char *name) if(!strcmp(nm, PEM_STRING_PKCS7_SIGNED) && !strcmp(name, PEM_STRING_PKCS7)) return 1; +#ifndef OPENSSL_NO_CMS + if(!strcmp(nm, PEM_STRING_X509) && + !strcmp(name, PEM_STRING_CMS)) return 1; + /* Allow CMS to be read from PKCS#7 headers */ + if(!strcmp(nm, PEM_STRING_PKCS7) && + !strcmp(name, PEM_STRING_CMS)) return 1; +#endif + return 0; } @@ -264,7 +312,7 @@ err: #ifndef OPENSSL_NO_FP_API int PEM_ASN1_write(i2d_of_void *i2d, const char *name, FILE *fp, - char *x, const EVP_CIPHER *enc, unsigned char *kstr, + void *x, const EVP_CIPHER *enc, unsigned char *kstr, int klen, pem_password_cb *callback, void *u) { BIO *b; @@ -283,7 +331,7 @@ int PEM_ASN1_write(i2d_of_void *i2d, const char *name, FILE *fp, #endif int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp, - char *x, const EVP_CIPHER *enc, unsigned char *kstr, + void *x, const EVP_CIPHER *enc, unsigned char *kstr, int klen, pem_password_cb *callback, void *u) { EVP_CIPHER_CTX ctx; @@ -782,3 +830,25 @@ err: BUF_MEM_free(dataB); return(0); } + +/* Check pem string and return prefix length. + * If for example the pem_str == "RSA PRIVATE KEY" and suffix = "PRIVATE KEY" + * the return value is 3 for the string "RSA". + */ + +int pem_check_suffix(const char *pem_str, const char *suffix) + { + int pem_len = strlen(pem_str); + int suffix_len = strlen(suffix); + const char *p; + if (suffix_len + 1 >= pem_len) + return 0; + p = pem_str + pem_len - suffix_len; + if (strcmp(p, suffix)) + return 0; + p--; + if (*p != ' ') + return 0; + return p - pem_str; + } + diff --git a/src/lib/libcrypto/pem/pem_pkey.c b/src/lib/libcrypto/pem/pem_pkey.c index 4da4c31ce5..8ecf24903b 100644 --- a/src/lib/libcrypto/pem/pem_pkey.c +++ b/src/lib/libcrypto/pem/pem_pkey.c @@ -65,7 +65,12 @@ #include #include #include +#ifndef OPENSSL_NO_ENGINE +#include +#endif +#include "asn1_locl.h" +int pem_check_suffix(const char *pem_str, const char *suffix); EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, void *u) { @@ -73,19 +78,14 @@ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, vo const unsigned char *p=NULL; unsigned char *data=NULL; long len; + int slen; EVP_PKEY *ret=NULL; if (!PEM_bytes_read_bio(&data, &len, &nm, PEM_STRING_EVP_PKEY, bp, cb, u)) return NULL; p = data; - if (strcmp(nm,PEM_STRING_RSA) == 0) - ret=d2i_PrivateKey(EVP_PKEY_RSA,x,&p,len); - else if (strcmp(nm,PEM_STRING_DSA) == 0) - ret=d2i_PrivateKey(EVP_PKEY_DSA,x,&p,len); - else if (strcmp(nm,PEM_STRING_ECPRIVATEKEY) == 0) - ret=d2i_PrivateKey(EVP_PKEY_EC,x,&p,len); - else if (strcmp(nm,PEM_STRING_PKCS8INF) == 0) { + if (strcmp(nm,PEM_STRING_PKCS8INF) == 0) { PKCS8_PRIV_KEY_INFO *p8inf; p8inf=d2i_PKCS8_PRIV_KEY_INFO(NULL, &p, len); if(!p8inf) goto p8err; @@ -119,7 +119,14 @@ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, vo *x = ret; } PKCS8_PRIV_KEY_INFO_free(p8inf); - } + } else if ((slen = pem_check_suffix(nm, "PRIVATE KEY")) > 0) + { + const EVP_PKEY_ASN1_METHOD *ameth; + ameth = EVP_PKEY_asn1_find_str(NULL, nm, slen); + if (!ameth || !ameth->old_priv_decode) + goto p8err; + ret=d2i_PrivateKey(ameth->pkey_id,x,&p,len); + } p8err: if (ret == NULL) PEMerr(PEM_F_PEM_READ_BIO_PRIVATEKEY,ERR_R_ASN1_LIB); @@ -130,6 +137,74 @@ err: return(ret); } +int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc, + unsigned char *kstr, int klen, + pem_password_cb *cb, void *u) + { + char pem_str[80]; + if (!x->ameth || x->ameth->priv_encode) + return PEM_write_bio_PKCS8PrivateKey(bp, x, enc, + (char *)kstr, klen, + cb, u); + + BIO_snprintf(pem_str, 80, "%s PRIVATE KEY", x->ameth->pem_str); + return PEM_ASN1_write_bio((i2d_of_void *)i2d_PrivateKey, + pem_str,bp,x,enc,kstr,klen,cb,u); + } + +EVP_PKEY *PEM_read_bio_Parameters(BIO *bp, EVP_PKEY **x) + { + char *nm=NULL; + const unsigned char *p=NULL; + unsigned char *data=NULL; + long len; + int slen; + EVP_PKEY *ret=NULL; + + if (!PEM_bytes_read_bio(&data, &len, &nm, PEM_STRING_PARAMETERS, + bp, 0, NULL)) + return NULL; + p = data; + + if ((slen = pem_check_suffix(nm, "PARAMETERS")) > 0) + { + ret = EVP_PKEY_new(); + if (!ret) + goto err; + if (!EVP_PKEY_set_type_str(ret, nm, slen) + || !ret->ameth->param_decode + || !ret->ameth->param_decode(ret, &p, len)) + { + EVP_PKEY_free(ret); + ret = NULL; + goto err; + } + if(x) + { + if(*x) EVP_PKEY_free((EVP_PKEY *)*x); + *x = ret; + } + } +err: + if (ret == NULL) + PEMerr(PEM_F_PEM_READ_BIO_PARAMETERS,ERR_R_ASN1_LIB); + OPENSSL_free(nm); + OPENSSL_free(data); + return(ret); + } + +int PEM_write_bio_Parameters(BIO *bp, EVP_PKEY *x) + { + char pem_str[80]; + if (!x->ameth || !x->ameth->param_encode) + return 0; + + BIO_snprintf(pem_str, 80, "%s PARAMETERS", x->ameth->pem_str); + return PEM_ASN1_write_bio( + (i2d_of_void *)x->ameth->param_encode, + pem_str,bp,x,NULL,NULL,0,0,NULL); + } + #ifndef OPENSSL_NO_FP_API EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x, pem_password_cb *cb, void *u) { @@ -146,4 +221,22 @@ EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x, pem_password_cb *cb, void BIO_free(b); return(ret); } + +int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc, + unsigned char *kstr, int klen, + pem_password_cb *cb, void *u) + { + BIO *b; + int ret; + + if ((b=BIO_new_fp(fp, BIO_NOCLOSE)) == NULL) + { + PEMerr(PEM_F_PEM_WRITE_PRIVATEKEY,ERR_R_BUF_LIB); + return 0; + } + ret=PEM_write_bio_PrivateKey(b, x, enc, kstr, klen, cb, u); + BIO_free(b); + return ret; + } + #endif diff --git a/src/lib/libcrypto/pem/pem_seal.c b/src/lib/libcrypto/pem/pem_seal.c index 4e554e5481..59690b56ae 100644 --- a/src/lib/libcrypto/pem/pem_seal.c +++ b/src/lib/libcrypto/pem/pem_seal.c @@ -100,7 +100,7 @@ int PEM_SealInit(PEM_ENCODE_SEAL_CTX *ctx, EVP_CIPHER *type, EVP_MD *md_type, EVP_CIPHER_CTX_init(&ctx->cipher); ret=EVP_SealInit(&ctx->cipher,type,ek,ekl,iv,pubk,npubk); - if (!ret) goto err; + if (ret <= 0) goto err; /* base64 encode the keys */ for (i=0; i -#undef SSLEAY_MACROS #include "cryptlib.h" #include #include diff --git a/src/lib/libcrypto/pem/pem_xaux.c b/src/lib/libcrypto/pem/pem_xaux.c index 7cc7491009..328f796200 100644 --- a/src/lib/libcrypto/pem/pem_xaux.c +++ b/src/lib/libcrypto/pem/pem_xaux.c @@ -57,7 +57,6 @@ */ #include -#undef SSLEAY_MACROS #include "cryptlib.h" #include #include diff --git a/src/lib/libcrypto/perlasm/alpha.pl b/src/lib/libcrypto/perlasm/alpha.pl deleted file mode 100644 index 3dac571743..0000000000 --- a/src/lib/libcrypto/perlasm/alpha.pl +++ /dev/null @@ -1,434 +0,0 @@ -#!/usr/local/bin/perl - -package alpha; -use Carp qw(croak cluck); - -$label="100"; - -$n_debug=0; -$smear_regs=1; -$reg_alloc=1; - -$align="3"; -$com_start="#"; - -sub main'asm_init_output { @out=(); } -sub main'asm_get_output { return(@out); } -sub main'get_labels { return(@labels); } -sub main'external_label { push(@labels,@_); } - -# General registers - -%regs=( 'r0', '$0', - 'r1', '$1', - 'r2', '$2', - 'r3', '$3', - 'r4', '$4', - 'r5', '$5', - 'r6', '$6', - 'r7', '$7', - 'r8', '$8', - 'r9', '$22', - 'r10', '$23', - 'r11', '$24', - 'r12', '$25', - 'r13', '$27', - 'r14', '$28', - 'r15', '$21', # argc == 5 - 'r16', '$20', # argc == 4 - 'r17', '$19', # argc == 3 - 'r18', '$18', # argc == 2 - 'r19', '$17', # argc == 1 - 'r20', '$16', # argc == 0 - 'r21', '$9', # save 0 - 'r22', '$10', # save 1 - 'r23', '$11', # save 2 - 'r24', '$12', # save 3 - 'r25', '$13', # save 4 - 'r26', '$14', # save 5 - - 'a0', '$16', - 'a1', '$17', - 'a2', '$18', - 'a3', '$19', - 'a4', '$20', - 'a5', '$21', - - 's0', '$9', - 's1', '$10', - 's2', '$11', - 's3', '$12', - 's4', '$13', - 's5', '$14', - 'zero', '$31', - 'sp', '$30', - ); - -$main'reg_s0="r21"; -$main'reg_s1="r22"; -$main'reg_s2="r23"; -$main'reg_s3="r24"; -$main'reg_s4="r25"; -$main'reg_s5="r26"; - -@reg=( '$0', '$1' ,'$2' ,'$3' ,'$4' ,'$5' ,'$6' ,'$7' ,'$8', - '$22','$23','$24','$25','$20','$21','$27','$28'); - - -sub main'sub { &out3("subq",@_); } -sub main'add { &out3("addq",@_); } -sub main'mov { &out3("bis",$_[0],$_[0],$_[1]); } -sub main'or { &out3("bis",@_); } -sub main'bis { &out3("bis",@_); } -sub main'br { &out1("br",@_); } -sub main'ld { &out2("ldq",@_); } -sub main'st { &out2("stq",@_); } -sub main'cmpult { &out3("cmpult",@_); } -sub main'cmplt { &out3("cmplt",@_); } -sub main'bgt { &out2("bgt",@_); } -sub main'ble { &out2("ble",@_); } -sub main'blt { &out2("blt",@_); } -sub main'mul { &out3("mulq",@_); } -sub main'muh { &out3("umulh",@_); } - -$main'QWS=8; - -sub main'asm_add - { - push(@out,@_); - } - -sub main'asm_finish - { - &main'file_end(); - print &main'asm_get_output(); - } - -sub main'asm_init - { - ($type,$fn)=@_; - $filename=$fn; - - &main'asm_init_output(); - &main'comment("Don't even think of reading this code"); - &main'comment("It was automatically generated by $filename"); - &main'comment("Which is a perl program used to generate the alpha assember."); - &main'comment("eric "); - &main'comment(""); - - $filename =~ s/\.pl$//; - &main'file($filename); - } - -sub conv - { - local($r)=@_; - local($v); - - return($regs{$r}) if defined($regs{$r}); - return($r); - } - -sub main'QWPw - { - local($off,$reg)=@_; - - return(&main'QWP($off*8,$reg)); - } - -sub main'QWP - { - local($off,$reg)=@_; - - $ret="$off(".&conv($reg).")"; - return($ret); - } - -sub out3 - { - local($name,$p1,$p2,$p3)=@_; - - $p1=&conv($p1); - $p2=&conv($p2); - $p3=&conv($p3); - push(@out,"\t$name\t"); - $l=length($p1)+1; - push(@out,$p1.","); - $ll=3-($l+9)/8; - $tmp1=sprintf("\t" x $ll); - push(@out,$tmp1); - - $l=length($p2)+1; - push(@out,$p2.","); - $ll=3-($l+9)/8; - $tmp1=sprintf("\t" x $ll); - push(@out,$tmp1); - - push(@out,&conv($p3)."\n"); - } - -sub out2 - { - local($name,$p1,$p2,$p3)=@_; - - $p1=&conv($p1); - $p2=&conv($p2); - push(@out,"\t$name\t"); - $l=length($p1)+1; - push(@out,$p1.","); - $ll=3-($l+9)/8; - $tmp1=sprintf("\t" x $ll); - push(@out,$tmp1); - - push(@out,&conv($p2)."\n"); - } - -sub out1 - { - local($name,$p1)=@_; - - $p1=&conv($p1); - push(@out,"\t$name\t".$p1."\n"); - } - -sub out0 - { - push(@out,"\t$_[0]\n"); - } - -sub main'file - { - local($file)=@_; - - local($tmp)=<<"EOF"; - # DEC Alpha assember - # Generated from perl scripts contains in SSLeay - .file 1 "$file.s" - .set noat -EOF - push(@out,$tmp); - } - -sub main'function_begin - { - local($func)=@_; - -print STDERR "$func\n"; - local($tmp)=<<"EOF"; - .text - .align $align - .globl $func - .ent $func -${func}: -${func}..ng: - .frame \$30,0,\$26,0 - .prologue 0 -EOF - push(@out,$tmp); - $stack=0; - } - -sub main'function_end - { - local($func)=@_; - - local($tmp)=<<"EOF"; - ret \$31,(\$26),1 - .end $func -EOF - push(@out,$tmp); - $stack=0; - %label=(); - } - -sub main'function_end_A - { - local($func)=@_; - - local($tmp)=<<"EOF"; - ret \$31,(\$26),1 -EOF - push(@out,$tmp); - } - -sub main'function_end_B - { - local($func)=@_; - - $func=$under.$func; - - push(@out,"\t.end $func\n"); - $stack=0; - %label=(); - } - -sub main'wparam - { - local($num)=@_; - - if ($num < 6) - { - $num=20-$num; - return("r$num"); - } - else - { return(&main'QWP($stack+$num*8,"sp")); } - } - -sub main'stack_push - { - local($num)=@_; - $stack+=$num*8; - &main'sub("sp",$num*8,"sp"); - } - -sub main'stack_pop - { - local($num)=@_; - $stack-=$num*8; - &main'add("sp",$num*8,"sp"); - } - -sub main'swtmp - { - return(&main'QWP(($_[0])*8,"sp")); - } - -# Should use swtmp, which is above sp. Linix can trash the stack above esp -#sub main'wtmp -# { -# local($num)=@_; -# -# return(&main'QWP(-($num+1)*4,"esp","",0)); -# } - -sub main'comment - { - foreach (@_) - { - if (/^\s*$/) - { push(@out,"\n"); } - else - { push(@out,"\t$com_start $_ $com_end\n"); } - } - } - -sub main'label - { - if (!defined($label{$_[0]})) - { - $label{$_[0]}=$label; - $label++; - } - return('$'.$label{$_[0]}); - } - -sub main'set_label - { - if (!defined($label{$_[0]})) - { - $label{$_[0]}=$label; - $label++; - } -# push(@out,".align $align\n") if ($_[1] != 0); - push(@out,'$'."$label{$_[0]}:\n"); - } - -sub main'file_end - { - } - -sub main'data_word - { - push(@out,"\t.long $_[0]\n"); - } - -@pool_free=(); -@pool_taken=(); -$curr_num=0; -$max=0; - -sub main'init_pool - { - local($args)=@_; - local($i); - - @pool_free=(); - for ($i=(14+(6-$args)); $i >= 0; $i--) - { - push(@pool_free,"r$i"); - } - print STDERR "START :register pool:@pool_free\n"; - $curr_num=$max=0; - } - -sub main'fin_pool - { - printf STDERR "END %2d:register pool:@pool_free\n",$max; - } - -sub main'GR - { - local($r)=@_; - local($i,@n,$_); - - foreach (@pool_free) - { - if ($r ne $_) - { push(@n,$_); } - else - { - $curr_num++; - $max=$curr_num if ($curr_num > $max); - } - } - @pool_free=@n; -print STDERR "GR:@pool_free\n" if $reg_alloc; - return(@_); - } - -sub main'NR - { - local($num)=@_; - local(@ret); - - $num=1 if $num == 0; - ($#pool_free >= ($num-1)) || croak "out of registers: want $num, have @pool_free"; - while ($num > 0) - { - push(@ret,pop @pool_free); - $curr_num++; - $max=$curr_num if ($curr_num > $max); - $num-- - } - print STDERR "nr @ret\n" if $n_debug; -print STDERR "NR:@pool_free\n" if $reg_alloc; - return(@ret); - - } - -sub main'FR - { - local(@r)=@_; - local(@a,$v,$w); - - print STDERR "fr @r\n" if $n_debug; -# cluck "fr @r"; - for $w (@pool_free) - { - foreach $v (@r) - { - croak "double register free of $v (@pool_free)" if $w eq $v; - } - } - foreach $v (@r) - { - croak "bad argument to FR" if ($v !~ /^r\d+$/); - if ($smear_regs) - { unshift(@pool_free,$v); } - else { push(@pool_free,$v); } - $curr_num--; - } -print STDERR "FR:@pool_free\n" if $reg_alloc; - } -1; diff --git a/src/lib/libcrypto/perlasm/x86_64-xlate.pl b/src/lib/libcrypto/perlasm/x86_64-xlate.pl index 74153b017d..8153a92a7b 100755 --- a/src/lib/libcrypto/perlasm/x86_64-xlate.pl +++ b/src/lib/libcrypto/perlasm/x86_64-xlate.pl @@ -1,6 +1,6 @@ #!/usr/bin/env perl -# Ascetic x86_64 AT&T to MASM assembler translator by . +# Ascetic x86_64 AT&T to MASM/NASM assembler translator by . # # Why AT&T to MASM and not vice versa? Several reasons. Because AT&T # format is way easier to parse. Because it's simpler to "gear" from @@ -20,12 +20,11 @@ # Currently recognized limitations: # # - can't use multiple ops per line; -# - indirect calls and jumps are not supported; # # Dual-ABI styling rules. # -# 1. Adhere to Unix register and stack layout [see the end for -# explanation]. +# 1. Adhere to Unix register and stack layout [see cross-reference +# ABI "card" at the end for explanation]. # 2. Forget about "red zone," stick to more traditional blended # stack frame allocation. If volatile storage is actually required # that is. If not, just leave the stack as is. @@ -42,21 +41,26 @@ # 6. Don't use [or hand-code with .byte] "rep ret." "ret" mnemonic is # required to identify the spots, where to inject Win64 epilogue! # But on the pros, it's then prefixed with rep automatically:-) -# 7. Due to MASM limitations [and certain general counter-intuitivity -# of ip-relative addressing] generation of position-independent -# code is assisted by synthetic directive, .picmeup, which puts -# address of the *next* instruction into target register. +# 7. Stick to explicit ip-relative addressing. If you have to use +# GOTPCREL addressing, stick to mov symbol@GOTPCREL(%rip),%r??. +# Both are recognized and translated to proper Win64 addressing +# modes. To support legacy code a synthetic directive, .picmeup, +# is implemented. It puts address of the *next* instruction into +# target register, e.g.: # -# Example 1: # .picmeup %rax # lea .Label-.(%rax),%rax -# Example 2: -# .picmeup %rcx -# .Lpic_point: -# ... -# lea .Label-.Lpic_point(%rcx),%rbp - -my $output = shift; +# +# 8. In order to provide for structured exception handling unified +# Win64 prologue copies %rsp value to %rax. For further details +# see SEH paragraph at the end. +# 9. .init segment is allowed to contain calls to functions only. +# a. If function accepts more than 4 arguments *and* >4th argument +# is declared as non 64-bit value, do clear its upper part. + +my $flavour = shift; +my $output = shift; +if ($flavour =~ /\./) { $output = $flavour; undef $flavour; } { my ($stddev,$stdino,@junk)=stat(STDOUT); my ($outdev,$outino,@junk)=stat($output); @@ -65,13 +69,40 @@ my $output = shift; if ($stddev!=$outdev || $stdino!=$outino); } +my $gas=1; $gas=0 if ($output =~ /\.asm$/); +my $elf=1; $elf=0 if (!$gas); +my $win64=0; +my $prefix=""; +my $decor=".L"; + my $masmref=8 + 50727*2**-32; # 8.00.50727 shipped with VS2005 -my $masm=$masmref if ($output =~ /\.asm/); -if ($masm && `ml64 2>&1` =~ m/Version ([0-9]+)\.([0-9]+)(\.([0-9]+))?/) -{ $masm=$1 + $2*2**-16 + $4*2**-32; } +my $masm=0; +my $PTR=" PTR"; + +my $nasmref=2.03; +my $nasm=0; + +if ($flavour eq "mingw64") { $gas=1; $elf=0; $win64=1; + $prefix=`echo __USER_LABEL_PREFIX__ | $ENV{CC} -E -P -`; + chomp($prefix); + } +elsif ($flavour eq "macosx") { $gas=1; $elf=0; $prefix="_"; $decor="L\$"; } +elsif ($flavour eq "masm") { $gas=0; $elf=0; $masm=$masmref; $win64=1; $decor="\$L\$"; } +elsif ($flavour eq "nasm") { $gas=0; $elf=0; $nasm=$nasmref; $win64=1; $decor="\$L\$"; $PTR=""; } +elsif (!$gas) +{ if ($ENV{ASM} =~ m/nasm/ && `nasm -v` =~ m/version ([0-9]+)\.([0-9]+)/i) + { $nasm = $1 + $2*0.01; $PTR=""; } + elsif (`ml64 2>&1` =~ m/Version ([0-9]+)\.([0-9]+)(\.([0-9]+))?/) + { $masm = $1 + $2*2**-16 + $4*2**-32; } + die "no assembler found on %PATH" if (!($nasm || $masm)); + $win64=1; + $elf=0; + $decor="\$L\$"; +} my $current_segment; my $current_function; +my %globals; { package opcode; # pick up opcodes sub re { @@ -88,8 +119,10 @@ my $current_function; if ($self->{op} =~ /^(movz)b.*/) { # movz is pain... $self->{op} = $1; $self->{sz} = "b"; - } elsif ($self->{op} =~ /call/) { - $self->{sz} = "" + } elsif ($self->{op} =~ /call|jmp/) { + $self->{sz} = ""; + } elsif ($self->{op} =~ /^p/ && $' !~ /^(ush|op)/) { # SSEn + $self->{sz} = ""; } elsif ($self->{op} =~ /([a-z]{3,})([qlwb])$/) { $self->{op} = $1; $self->{sz} = $2; @@ -105,13 +138,20 @@ my $current_function; } sub out { my $self = shift; - if (!$masm) { + if ($gas) { if ($self->{op} eq "movz") { # movz is pain... sprintf "%s%s%s",$self->{op},$self->{sz},shift; } elsif ($self->{op} =~ /^set/) { "$self->{op}"; } elsif ($self->{op} eq "ret") { - ".byte 0xf3,0xc3"; + my $epilogue = ""; + if ($win64 && $current_function->{abi} eq "svr4") { + $epilogue = "movq 8(%rsp),%rdi\n\t" . + "movq 16(%rsp),%rsi\n\t"; + } + $epilogue . ".byte 0xf3,0xc3"; + } elsif ($self->{op} eq "call" && !$elf && $current_segment eq ".init") { + ".p2align\t3\n\t.quad"; } else { "$self->{op}$self->{sz}"; } @@ -119,15 +159,25 @@ my $current_function; $self->{op} =~ s/^movz/movzx/; if ($self->{op} eq "ret") { $self->{op} = ""; - if ($current_function->{abi} eq "svr4") { - $self->{op} = "mov rdi,QWORD PTR 8[rsp]\t;WIN64 epilogue\n\t". - "mov rsi,QWORD PTR 16[rsp]\n\t"; + if ($win64 && $current_function->{abi} eq "svr4") { + $self->{op} = "mov rdi,QWORD${PTR}[8+rsp]\t;WIN64 epilogue\n\t". + "mov rsi,QWORD${PTR}[16+rsp]\n\t"; } $self->{op} .= "DB\t0F3h,0C3h\t\t;repret"; - } + } elsif ($self->{op} =~ /^(pop|push)f/) { + $self->{op} .= $self->{sz}; + } elsif ($self->{op} eq "call" && $current_segment eq ".CRT\$XCU") { + $self->{op} = "ALIGN\t8\n\tDQ"; + } $self->{op}; } } + sub mnemonic { + my $self=shift; + my $op=shift; + $self->{op}=$op if (defined($op)); + $self->{op}; + } } { package const; # pick up constants, which start with $ sub re { @@ -145,14 +195,15 @@ my $current_function; sub out { my $self = shift; - if (!$masm) { + if ($gas) { # Solaris /usr/ccs/bin/as can't handle multiplications # in $self->{value} - $self->{value} =~ s/(?{value} =~ s/(?{value} =~ s/([0-9]+\s*[\*\/\%]\s*[0-9]+)/eval($1)/eg; sprintf "\$%s",$self->{value}; } else { - $self->{value} =~ s/0x([0-9a-f]+)/0$1h/ig; + $self->{value} =~ s/(0b[0-1]+)/oct($1)/eig; + $self->{value} =~ s/0x([0-9a-f]+)/0$1h/ig if ($masm); sprintf "%s",$self->{value}; } } @@ -163,14 +214,20 @@ my $current_function; local *line = shift; undef $ret; - if ($line =~ /^([^\(,]*)\(([%\w,]+)\)/ && + # optional * ---vvv--- appears in indirect jmp/call + if ($line =~ /^(\*?)([^\(,]*)\(([%\w,]+)\)/ && !($line =~ /^PIC_(GOT|PLT)/)) { - $self->{label} = $1; - ($self->{base},$self->{index},$self->{scale})=split(/,/,$2); + $self->{asterisk} = $1; + $self->{label} = $2; + ($self->{base},$self->{index},$self->{scale})=split(/,/,$3); $self->{scale} = 1 if (!defined($self->{scale})); $ret = $self; $line = substr($line,@+[0]); $line =~ s/^\s+//; + if ($win64 && $self->{label} =~ s/\@GOTPCREL//) { + die if (opcode->mnemonic() ne "mov"); + opcode->mnemonic("lea"); + } $self->{base} =~ s/^%//; $self->{index} =~ s/^%// if (defined($self->{index})); } @@ -181,42 +238,50 @@ my $current_function; my $self = shift; my $sz = shift; + $self->{label} =~ s/([_a-z][_a-z0-9]*)/$globals{$1} or $1/gei; + $self->{label} =~ s/\.L/$decor/g; + # Silently convert all EAs to 64-bit. This is required for # elder GNU assembler and results in more compact code, # *but* most importantly AES module depends on this feature! $self->{index} =~ s/^[er](.?[0-9xpi])[d]?$/r\1/; $self->{base} =~ s/^[er](.?[0-9xpi])[d]?$/r\1/; - if (!$masm) { + if ($gas) { # Solaris /usr/ccs/bin/as can't handle multiplications - # in $self->{label} - $self->{label} =~ s/(?{label}, new gas requires sign extension... + use integer; + $self->{label} =~ s/(?{label} =~ s/([0-9]+\s*[\*\/\%]\s*[0-9]+)/eval($1)/eg; + $self->{label} =~ s/([0-9]+)/$1<<32>>32/eg; + $self->{label} =~ s/^___imp_/__imp__/ if ($flavour eq "mingw64"); if (defined($self->{index})) { - sprintf "%s(%%%s,%%%s,%d)", + sprintf "%s%s(%%%s,%%%s,%d)",$self->{asterisk}, $self->{label},$self->{base}, $self->{index},$self->{scale}; } else { - sprintf "%s(%%%s)", $self->{label},$self->{base}; + sprintf "%s%s(%%%s)", $self->{asterisk},$self->{label},$self->{base}; } } else { - %szmap = ( b=>"BYTE", w=>"WORD", l=>"DWORD", q=>"QWORD" ); + %szmap = ( b=>"BYTE$PTR", w=>"WORD$PTR", l=>"DWORD$PTR", q=>"QWORD$PTR" ); $self->{label} =~ s/\./\$/g; - $self->{label} =~ s/0x([0-9a-f]+)/0$1h/ig; + $self->{label} =~ s/(?{label} = "($self->{label})" if ($self->{label} =~ /[\*\+\-\/]/); + $sz="q" if ($self->{asterisk}); if (defined($self->{index})) { - sprintf "%s PTR %s[%s*%d+%s]",$szmap{$sz}, - $self->{label}, + sprintf "%s[%s%s*%d+%s]",$szmap{$sz}, + $self->{label}?"$self->{label}+":"", $self->{index},$self->{scale}, $self->{base}; } elsif ($self->{base} eq "rip") { - sprintf "%s PTR %s",$szmap{$sz},$self->{label}; + sprintf "%s[%s]",$szmap{$sz},$self->{label}; } else { - sprintf "%s PTR %s[%s]",$szmap{$sz}, - $self->{label},$self->{base}; + sprintf "%s[%s%s]",$szmap{$sz}, + $self->{label}?"$self->{label}+":"", + $self->{base}; } } } @@ -228,9 +293,11 @@ my $current_function; local *line = shift; undef $ret; - if ($line =~ /^%(\w+)/) { + # optional * ---vvv--- appears in indirect jmp/call + if ($line =~ /^(\*?)%(\w+)/) { bless $self,$class; - $self->{value} = $1; + $self->{asterisk} = $1; + $self->{value} = $2; $ret = $self; $line = substr($line,@+[0]); $line =~ s/^\s+//; } @@ -253,7 +320,8 @@ my $current_function; } sub out { my $self = shift; - sprintf $masm?"%s":"%%%s",$self->{value}; + if ($gas) { sprintf "%s%%%s",$self->{asterisk},$self->{value}; } + else { $self->{value}; } } } { package label; # pick up labels, which end with : @@ -262,37 +330,63 @@ my $current_function; local *line = shift; undef $ret; - if ($line =~ /(^[\.\w]+\:)/) { + if ($line =~ /(^[\.\w]+)\:/) { $self->{value} = $1; $ret = $self; $line = substr($line,@+[0]); $line =~ s/^\s+//; - $self->{value} =~ s/\.L/\$L/ if ($masm); + $self->{value} =~ s/^\.L/$decor/; } $ret; } sub out { my $self = shift; - if (!$masm) { - $self->{value}; - } elsif ($self->{value} ne "$current_function->{name}:") { - $self->{value}; - } elsif ($current_function->{abi} eq "svr4") { - my $func = "$current_function->{name} PROC\n". - " mov QWORD PTR 8[rsp],rdi\t;WIN64 prologue\n". - " mov QWORD PTR 16[rsp],rsi\n"; + if ($gas) { + my $func = ($globals{$self->{value}} or $self->{value}) . ":"; + if ($win64 && + $current_function->{name} eq $self->{value} && + $current_function->{abi} eq "svr4") { + $func .= "\n"; + $func .= " movq %rdi,8(%rsp)\n"; + $func .= " movq %rsi,16(%rsp)\n"; + $func .= " movq %rsp,%rax\n"; + $func .= "${decor}SEH_begin_$current_function->{name}:\n"; + my $narg = $current_function->{narg}; + $narg=6 if (!defined($narg)); + $func .= " movq %rcx,%rdi\n" if ($narg>0); + $func .= " movq %rdx,%rsi\n" if ($narg>1); + $func .= " movq %r8,%rdx\n" if ($narg>2); + $func .= " movq %r9,%rcx\n" if ($narg>3); + $func .= " movq 40(%rsp),%r8\n" if ($narg>4); + $func .= " movq 48(%rsp),%r9\n" if ($narg>5); + } + $func; + } elsif ($self->{value} ne "$current_function->{name}") { + $self->{value} .= ":" if ($masm && $ret!~m/^\$/); + $self->{value} . ":"; + } elsif ($win64 && $current_function->{abi} eq "svr4") { + my $func = "$current_function->{name}" . + ($nasm ? ":" : "\tPROC $current_function->{scope}") . + "\n"; + $func .= " mov QWORD${PTR}[8+rsp],rdi\t;WIN64 prologue\n"; + $func .= " mov QWORD${PTR}[16+rsp],rsi\n"; + $func .= " mov rax,rsp\n"; + $func .= "${decor}SEH_begin_$current_function->{name}:"; + $func .= ":" if ($masm); + $func .= "\n"; my $narg = $current_function->{narg}; $narg=6 if (!defined($narg)); $func .= " mov rdi,rcx\n" if ($narg>0); $func .= " mov rsi,rdx\n" if ($narg>1); $func .= " mov rdx,r8\n" if ($narg>2); $func .= " mov rcx,r9\n" if ($narg>3); - $func .= " mov r8,QWORD PTR 40[rsp]\n" if ($narg>4); - $func .= " mov r9,QWORD PTR 48[rsp]\n" if ($narg>5); + $func .= " mov r8,QWORD${PTR}[40+rsp]\n" if ($narg>4); + $func .= " mov r9,QWORD${PTR}[48+rsp]\n" if ($narg>5); $func .= "\n"; } else { - "$current_function->{name} PROC"; + "$current_function->{name}". + ($nasm ? ":" : "\tPROC $current_function->{scope}"); } } } @@ -307,13 +401,19 @@ my $current_function; $ret = $self; $line = substr($line,@+[0]); $line =~ s/^\s+//; - $self->{value} =~ s/\.L/\$L/g if ($masm); + $self->{value} =~ s/\@PLT// if (!$elf); + $self->{value} =~ s/([_a-z][_a-z0-9]*)/$globals{$1} or $1/gei; + $self->{value} =~ s/\.L/$decor/g; } $ret; } sub out { my $self = shift; - $self->{value}; + if ($nasm && opcode->mnemonic()=~m/^j/) { + "NEAR ".$self->{value}; + } else { + $self->{value}; + } } } { package directive; # pick up directives, which start with . @@ -333,89 +433,181 @@ my $current_function; "%r14"=>0x01358d4c, "%r15"=>0x013d8d4c ); if ($line =~ /^\s*(\.\w+)/) { - if (!$masm) { - $self->{value} = $1; - $line =~ s/\@abi\-omnipotent/\@function/; - $line =~ s/\@function.*/\@function/; - if ($line =~ /\.picmeup\s+(%r[\w]+)/i) { - $self->{value} = sprintf "\t.long\t0x%x,0x90000000",$opcode{$1}; - } elsif ($line =~ /\.asciz\s+"(.*)"$/) { - $self->{value} = ".byte\t".join(",",unpack("C*",$1),0); - } elsif ($line =~ /\.extern/) { - $self->{value} = ""; # swallow extern - } else { - $self->{value} = $line; - } - $line = ""; - return $self; - } - $dir = $1; $ret = $self; undef $self->{value}; $line = substr($line,@+[0]); $line =~ s/^\s+//; + SWITCH: for ($dir) { - /\.(text)/ - && do { my $v=undef; - $v="$current_segment\tENDS\n" if ($current_segment); - $current_segment = "_$1\$"; - $current_segment =~ tr/[a-z]/[A-Z]/; - $v.="$current_segment\tSEGMENT "; - $v.=$masm>=$masmref ? "ALIGN(64)" : "PAGE"; - $v.=" 'CODE'"; - $self->{value} = $v; + /\.picmeup/ && do { if ($line =~ /(%r[\w]+)/i) { + $dir="\t.long"; + $line=sprintf "0x%x,0x90000000",$opcode{$1}; + } + last; + }; + /\.global|\.globl|\.extern/ + && do { $globals{$line} = $prefix . $line; + $line = $globals{$line} if ($prefix); last; }; - /\.extern/ && do { $self->{value} = "EXTRN\t".$line.":BYTE"; last; }; - /\.globl/ && do { $self->{value} = "PUBLIC\t".$line; last; }; /\.type/ && do { ($sym,$type,$narg) = split(',',$line); if ($type eq "\@function") { undef $current_function; $current_function->{name} = $sym; $current_function->{abi} = "svr4"; $current_function->{narg} = $narg; + $current_function->{scope} = defined($globals{$sym})?"PUBLIC":"PRIVATE"; } elsif ($type eq "\@abi-omnipotent") { undef $current_function; $current_function->{name} = $sym; + $current_function->{scope} = defined($globals{$sym})?"PUBLIC":"PRIVATE"; + } + $line =~ s/\@abi\-omnipotent/\@function/; + $line =~ s/\@function.*/\@function/; + last; + }; + /\.asciz/ && do { if ($line =~ /^"(.*)"$/) { + $dir = ".byte"; + $line = join(",",unpack("C*",$1),0); } last; }; + /\.rva|\.long|\.quad/ + && do { $line =~ s/([_a-z][_a-z0-9]*)/$globals{$1} or $1/gei; + $line =~ s/\.L/$decor/g; + last; + }; + } + + if ($gas) { + $self->{value} = $dir . "\t" . $line; + + if ($dir =~ /\.extern/) { + $self->{value} = ""; # swallow extern + } elsif (!$elf && $dir =~ /\.type/) { + $self->{value} = ""; + $self->{value} = ".def\t" . ($globals{$1} or $1) . ";\t" . + (defined($globals{$1})?".scl 2;":".scl 3;") . + "\t.type 32;\t.endef" + if ($win64 && $line =~ /([^,]+),\@function/); + } elsif (!$elf && $dir =~ /\.size/) { + $self->{value} = ""; + if (defined($current_function)) { + $self->{value} .= "${decor}SEH_end_$current_function->{name}:" + if ($win64 && $current_function->{abi} eq "svr4"); + undef $current_function; + } + } elsif (!$elf && $dir =~ /\.align/) { + $self->{value} = ".p2align\t" . (log($line)/log(2)); + } elsif ($dir eq ".section") { + $current_segment=$line; + if (!$elf && $current_segment eq ".init") { + if ($flavour eq "macosx") { $self->{value} = ".mod_init_func"; } + elsif ($flavour eq "mingw64") { $self->{value} = ".section\t.ctors"; } + } + } elsif ($dir =~ /\.(text|data)/) { + $current_segment=".$1"; + } + $line = ""; + return $self; + } + + # non-gas case or nasm/masm + SWITCH: for ($dir) { + /\.text/ && do { my $v=undef; + if ($nasm) { + $v="section .text code align=64\n"; + } else { + $v="$current_segment\tENDS\n" if ($current_segment); + $current_segment = ".text\$"; + $v.="$current_segment\tSEGMENT "; + $v.=$masm>=$masmref ? "ALIGN(64)" : "PAGE"; + $v.=" 'CODE'"; + } + $self->{value} = $v; + last; + }; + /\.data/ && do { my $v=undef; + if ($nasm) { + $v="section .data data align=8\n"; + } else { + $v="$current_segment\tENDS\n" if ($current_segment); + $current_segment = "_DATA"; + $v.="$current_segment\tSEGMENT"; + } + $self->{value} = $v; + last; + }; + /\.section/ && do { my $v=undef; + $line =~ s/([^,]*).*/$1/; + $line = ".CRT\$XCU" if ($line eq ".init"); + if ($nasm) { + $v="section $line"; + if ($line=~/\.([px])data/) { + $v.=" rdata align="; + $v.=$1 eq "p"? 4 : 8; + } + } else { + $v="$current_segment\tENDS\n" if ($current_segment); + $v.="$line\tSEGMENT"; + if ($line=~/\.([px])data/) { + $v.=" READONLY"; + $v.=" ALIGN(".($1 eq "p" ? 4 : 8).")" if ($masm>=$masmref); + } + } + $current_segment = $line; + $self->{value} = $v; + last; + }; + /\.extern/ && do { $self->{value} = "EXTERN\t".$line; + $self->{value} .= ":NEAR" if ($masm); + last; + }; + /\.globl|.global/ + && do { $self->{value} = $masm?"PUBLIC":"global"; + $self->{value} .= "\t".$line; + last; + }; /\.size/ && do { if (defined($current_function)) { - $self->{value}="$current_function->{name}\tENDP"; + undef $self->{value}; + if ($current_function->{abi} eq "svr4") { + $self->{value}="${decor}SEH_end_$current_function->{name}:"; + $self->{value}.=":\n" if($masm); + } + $self->{value}.="$current_function->{name}\tENDP" if($masm); undef $current_function; } last; }; /\.align/ && do { $self->{value} = "ALIGN\t".$line; last; }; - /\.(byte|value|long|quad)/ - && do { my @arr = split(',',$line); - my $sz = substr($1,0,1); + /\.(value|long|rva|quad)/ + && do { my $sz = substr($1,0,1); + my @arr = split(/,\s*/,$line); my $last = pop(@arr); my $conv = sub { my $var=shift; - if ($var=~s/0x([0-9a-f]+)/0$1h/i) { $var; } - else { sprintf"0%Xh",$var; } + $var=~s/^(0b[0-1]+)/oct($1)/eig; + $var=~s/^0x([0-9a-f]+)/0$1h/ig if ($masm); + if ($sz eq "D" && ($current_segment=~/.[px]data/ || $dir eq ".rva")) + { $var=~s/([_a-z\$\@][_a-z0-9\$\@]*)/$nasm?"$1 wrt ..imagebase":"imagerel $1"/egi; } + $var; }; - $sz =~ tr/bvlq/BWDQ/; + $sz =~ tr/bvlrq/BWDDQ/; $self->{value} = "\tD$sz\t"; for (@arr) { $self->{value} .= &$conv($_).","; } $self->{value} .= &$conv($last); last; }; - /\.picmeup/ && do { $self->{value} = sprintf"\tDD\t 0%Xh,090000000h",$opcode{$line}; - last; - }; - /\.asciz/ && do { if ($line =~ /^"(.*)"$/) { - my @str=unpack("C*",$1); - push @str,0; - while ($#str>15) { - $self->{value}.="DB\t" - .join(",",@str[0..15])."\n"; - foreach (0..15) { shift @str; } - } + /\.byte/ && do { my @str=split(/,\s*/,$line); + map(s/(0b[0-1]+)/oct($1)/eig,@str); + map(s/0x([0-9a-f]+)/0$1h/ig,@str) if ($masm); + while ($#str>15) { $self->{value}.="DB\t" - .join(",",@str) if (@str); + .join(",",@str[0..15])."\n"; + foreach (0..15) { shift @str; } } + $self->{value}.="DB\t" + .join(",",@str) if (@str); last; }; } @@ -432,6 +624,15 @@ my $current_function; print "#include \n"; +if ($nasm) { + print <<___; +default rel +___ +} elsif ($masm) { + print <<___; +OPTION DOTNAME +___ +} while($line=<>) { chomp($line); @@ -442,43 +643,42 @@ while($line=<>) { undef $label; undef $opcode; - undef $dst; - undef $src; undef $sz; + undef @args; if ($label=label->re(\$line)) { print $label->out(); } if (directive->re(\$line)) { printf "%s",directive->out(); - } elsif ($opcode=opcode->re(\$line)) { ARGUMENT: { - - if ($src=register->re(\$line)) { opcode->size($src->size()); } - elsif ($src=const->re(\$line)) { } - elsif ($src=ea->re(\$line)) { } - elsif ($src=expr->re(\$line)) { } + } elsif ($opcode=opcode->re(\$line)) { ARGUMENT: while (1) { + my $arg; - last ARGUMENT if ($line !~ /^,/); + if ($arg=register->re(\$line)) { opcode->size($arg->size()); } + elsif ($arg=const->re(\$line)) { } + elsif ($arg=ea->re(\$line)) { } + elsif ($arg=expr->re(\$line)) { } + else { last ARGUMENT; } - $line = substr($line,1); $line =~ s/^\s+//; + push @args,$arg; - if ($dst=register->re(\$line)) { opcode->size($dst->size()); } - elsif ($dst=const->re(\$line)) { } - elsif ($dst=ea->re(\$line)) { } + last ARGUMENT if ($line !~ /^,/); + $line =~ s/^,\s*//; } # ARGUMENT: $sz=opcode->size(); - if (defined($dst)) { - if (!$masm) { - printf "\t%s\t%s,%s", $opcode->out($dst->size()), - $src->out($sz),$dst->out($sz); + if ($#args>=0) { + my $insn; + if ($gas) { + $insn = $opcode->out($#args>=1?$args[$#args]->size():$sz); } else { - printf "\t%s\t%s,%s", $opcode->out(), - $dst->out($sz),$src->out($sz); + $insn = $opcode->out(); + $insn .= $sz if (map($_->out() =~ /x?mm/,@args)); + @args = reverse(@args); + undef $sz if ($nasm && $opcode->mnemonic() eq "lea"); } - } elsif (defined($src)) { - printf "\t%s\t%s",$opcode->out(),$src->out($sz); + printf "\t%s\t%s",$insn,join(",",map($_->out($sz),@args)); } else { printf "\t%s",$opcode->out(); } @@ -487,11 +687,12 @@ while($line=<>) { print $line,"\n"; } -print "\n$current_segment\tENDS\nEND\n" if ($masm); +print "\n$current_segment\tENDS\n" if ($current_segment && $masm); +print "END\n" if ($masm); close STDOUT; -################################################# + ################################################# # Cross-reference x86_64 ABI "card" # # Unix Win64 @@ -555,3 +756,161 @@ close STDOUT; # movq 16(%rsp),%rsi # endif # ret +# + ################################################# +# Win64 SEH, Structured Exception Handling. +# +# Unlike on Unix systems(*) lack of Win64 stack unwinding information +# has undesired side-effect at run-time: if an exception is raised in +# assembler subroutine such as those in question (basically we're +# referring to segmentation violations caused by malformed input +# parameters), the application is briskly terminated without invoking +# any exception handlers, most notably without generating memory dump +# or any user notification whatsoever. This poses a problem. It's +# possible to address it by registering custom language-specific +# handler that would restore processor context to the state at +# subroutine entry point and return "exception is not handled, keep +# unwinding" code. Writing such handler can be a challenge... But it's +# doable, though requires certain coding convention. Consider following +# snippet: +# +# .type function,@function +# function: +# movq %rsp,%rax # copy rsp to volatile register +# pushq %r15 # save non-volatile registers +# pushq %rbx +# pushq %rbp +# movq %rsp,%r11 +# subq %rdi,%r11 # prepare [variable] stack frame +# andq $-64,%r11 +# movq %rax,0(%r11) # check for exceptions +# movq %r11,%rsp # allocate [variable] stack frame +# movq %rax,0(%rsp) # save original rsp value +# magic_point: +# ... +# movq 0(%rsp),%rcx # pull original rsp value +# movq -24(%rcx),%rbp # restore non-volatile registers +# movq -16(%rcx),%rbx +# movq -8(%rcx),%r15 +# movq %rcx,%rsp # restore original rsp +# ret +# .size function,.-function +# +# The key is that up to magic_point copy of original rsp value remains +# in chosen volatile register and no non-volatile register, except for +# rsp, is modified. While past magic_point rsp remains constant till +# the very end of the function. In this case custom language-specific +# exception handler would look like this: +# +# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame, +# CONTEXT *context,DISPATCHER_CONTEXT *disp) +# { ULONG64 *rsp = (ULONG64 *)context->Rax; +# if (context->Rip >= magic_point) +# { rsp = ((ULONG64 **)context->Rsp)[0]; +# context->Rbp = rsp[-3]; +# context->Rbx = rsp[-2]; +# context->R15 = rsp[-1]; +# } +# context->Rsp = (ULONG64)rsp; +# context->Rdi = rsp[1]; +# context->Rsi = rsp[2]; +# +# memcpy (disp->ContextRecord,context,sizeof(CONTEXT)); +# RtlVirtualUnwind(UNW_FLAG_NHANDLER,disp->ImageBase, +# dips->ControlPc,disp->FunctionEntry,disp->ContextRecord, +# &disp->HandlerData,&disp->EstablisherFrame,NULL); +# return ExceptionContinueSearch; +# } +# +# It's appropriate to implement this handler in assembler, directly in +# function's module. In order to do that one has to know members' +# offsets in CONTEXT and DISPATCHER_CONTEXT structures and some constant +# values. Here they are: +# +# CONTEXT.Rax 120 +# CONTEXT.Rcx 128 +# CONTEXT.Rdx 136 +# CONTEXT.Rbx 144 +# CONTEXT.Rsp 152 +# CONTEXT.Rbp 160 +# CONTEXT.Rsi 168 +# CONTEXT.Rdi 176 +# CONTEXT.R8 184 +# CONTEXT.R9 192 +# CONTEXT.R10 200 +# CONTEXT.R11 208 +# CONTEXT.R12 216 +# CONTEXT.R13 224 +# CONTEXT.R14 232 +# CONTEXT.R15 240 +# CONTEXT.Rip 248 +# CONTEXT.Xmm6 512 +# sizeof(CONTEXT) 1232 +# DISPATCHER_CONTEXT.ControlPc 0 +# DISPATCHER_CONTEXT.ImageBase 8 +# DISPATCHER_CONTEXT.FunctionEntry 16 +# DISPATCHER_CONTEXT.EstablisherFrame 24 +# DISPATCHER_CONTEXT.TargetIp 32 +# DISPATCHER_CONTEXT.ContextRecord 40 +# DISPATCHER_CONTEXT.LanguageHandler 48 +# DISPATCHER_CONTEXT.HandlerData 56 +# UNW_FLAG_NHANDLER 0 +# ExceptionContinueSearch 1 +# +# In order to tie the handler to the function one has to compose +# couple of structures: one for .xdata segment and one for .pdata. +# +# UNWIND_INFO structure for .xdata segment would be +# +# function_unwind_info: +# .byte 9,0,0,0 +# .rva handler +# +# This structure designates exception handler for a function with +# zero-length prologue, no stack frame or frame register. +# +# To facilitate composing of .pdata structures, auto-generated "gear" +# prologue copies rsp value to rax and denotes next instruction with +# .LSEH_begin_{function_name} label. This essentially defines the SEH +# styling rule mentioned in the beginning. Position of this label is +# chosen in such manner that possible exceptions raised in the "gear" +# prologue would be accounted to caller and unwound from latter's frame. +# End of function is marked with respective .LSEH_end_{function_name} +# label. To summarize, .pdata segment would contain +# +# .rva .LSEH_begin_function +# .rva .LSEH_end_function +# .rva function_unwind_info +# +# Reference to functon_unwind_info from .xdata segment is the anchor. +# In case you wonder why references are 32-bit .rvas and not 64-bit +# .quads. References put into these two segments are required to be +# *relative* to the base address of the current binary module, a.k.a. +# image base. No Win64 module, be it .exe or .dll, can be larger than +# 2GB and thus such relative references can be and are accommodated in +# 32 bits. +# +# Having reviewed the example function code, one can argue that "movq +# %rsp,%rax" above is redundant. It is not! Keep in mind that on Unix +# rax would contain an undefined value. If this "offends" you, use +# another register and refrain from modifying rax till magic_point is +# reached, i.e. as if it was a non-volatile register. If more registers +# are required prior [variable] frame setup is completed, note that +# nobody says that you can have only one "magic point." You can +# "liberate" non-volatile registers by denoting last stack off-load +# instruction and reflecting it in finer grade unwind logic in handler. +# After all, isn't it why it's called *language-specific* handler... +# +# Attentive reader can notice that exceptions would be mishandled in +# auto-generated "gear" epilogue. Well, exception effectively can't +# occur there, because if memory area used by it was subject to +# segmentation violation, then it would be raised upon call to the +# function (and as already mentioned be accounted to caller, which is +# not a problem). If you're still not comfortable, then define tail +# "magic point" just prior ret instruction and have handler treat it... +# +# (*) Note that we're talking about run-time, not debug-time. Lack of +# unwind information makes debugging hard on both Windows and +# Unix. "Unlike" referes to the fact that on Unix signal handler +# will always be invoked, core dumped and appropriate exit code +# returned to parent (for user notification). diff --git a/src/lib/libcrypto/perlasm/x86asm.pl b/src/lib/libcrypto/perlasm/x86asm.pl index f535c9c7fa..4756a28e59 100644 --- a/src/lib/libcrypto/perlasm/x86asm.pl +++ b/src/lib/libcrypto/perlasm/x86asm.pl @@ -1,136 +1,221 @@ -#!/usr/local/bin/perl +#!/usr/bin/env perl # require 'x86asm.pl'; -# &asm_init("cpp","des-586.pl"); -# XXX -# XXX -# main'asm_finish - -sub main'asm_finish - { - &file_end(); - &asm_finish_cpp() if $cpp; - print &asm_get_output(); - } - -sub main'asm_init - { - ($type,$fn,$i386)=@_; - $filename=$fn; - - $elf=$cpp=$coff=$aout=$win32=$netware=$mwerks=$openbsd=0; - if ( ($type eq "elf")) - { $elf=1; require "x86unix.pl"; } - elsif ( ($type eq "openbsd-elf")) - { $openbsd=$elf=1; require "x86unix.pl"; } - elsif ( ($type eq "openbsd-a.out")) - { $openbsd=1; require "x86unix.pl"; } - elsif ( ($type eq "a.out")) - { $aout=1; require "x86unix.pl"; } - elsif ( ($type eq "coff" or $type eq "gaswin")) - { $coff=1; require "x86unix.pl"; } - elsif ( ($type eq "cpp")) - { $cpp=1; require "x86unix.pl"; } - elsif ( ($type eq "win32")) - { $win32=1; require "x86ms.pl"; } - elsif ( ($type eq "win32n")) - { $win32=1; require "x86nasm.pl"; } - elsif ( ($type eq "nw-nasm")) - { $netware=1; require "x86nasm.pl"; } - elsif ( ($type eq "nw-mwasm")) - { $netware=1; $mwerks=1; require "x86nasm.pl"; } - else - { - print STDERR <<"EOF"; +# &asm_init(,"des-586.pl"[,$i386only]); +# &function_begin("foo"); +# ... +# &function_end("foo"); +# &asm_finish + +$out=(); +$i386=0; + +# AUTOLOAD is this context has quite unpleasant side effect, namely +# that typos in function calls effectively go to assembler output, +# but on the pros side we don't have to implement one subroutine per +# each opcode... +sub ::AUTOLOAD +{ my $opcode = $AUTOLOAD; + + die "more than 4 arguments passed to $opcode" if ($#_>3); + + $opcode =~ s/.*:://; + if ($opcode =~ /^push/) { $stack+=4; } + elsif ($opcode =~ /^pop/) { $stack-=4; } + + &generic($opcode,@_) or die "undefined subroutine \&$AUTOLOAD"; +} + +sub ::emit +{ my $opcode=shift; + + if ($#_==-1) { push(@out,"\t$opcode\n"); } + else { push(@out,"\t$opcode\t".join(',',@_)."\n"); } +} + +sub ::emitraw +{ my $opcode=shift; + + if ($#_==-1) { push(@out,"$opcode\n"); } + else { push(@out,"$opcode\t".join(',',@_)."\n"); } +} + +sub ::LB +{ $_[0] =~ m/^e?([a-d])x$/o or die "$_[0] does not have a 'low byte'"; + $1."l"; +} +sub ::HB +{ $_[0] =~ m/^e?([a-d])x$/o or die "$_[0] does not have a 'high byte'"; + $1."h"; +} +sub ::stack_push{ my $num=$_[0]*4; $stack+=$num; &sub("esp",$num); } +sub ::stack_pop { my $num=$_[0]*4; $stack-=$num; &add("esp",$num); } +sub ::blindpop { &pop($_[0]); $stack+=4; } +sub ::wparam { &DWP($stack+4*$_[0],"esp"); } +sub ::swtmp { &DWP(4*$_[0],"esp"); } + +sub ::bswap +{ if ($i386) # emulate bswap for i386 + { &comment("bswap @_"); + &xchg(&HB(@_),&LB(@_)); + &ror (@_,16); + &xchg(&HB(@_),&LB(@_)); + } + else + { &generic("bswap",@_); } +} +# These are made-up opcodes introduced over the years essentially +# by ignorance, just alias them to real ones... +sub ::movb { &mov(@_); } +sub ::xorb { &xor(@_); } +sub ::rotl { &rol(@_); } +sub ::rotr { &ror(@_); } +sub ::exch { &xchg(@_); } +sub ::halt { &hlt; } +sub ::movz { &movzx(@_); } +sub ::pushf { &pushfd; } +sub ::popf { &popfd; } + +# 3 argument instructions +sub ::movq +{ my($p1,$p2,$optimize)=@_; + + if ($optimize && $p1=~/^mm[0-7]$/ && $p2=~/^mm[0-7]$/) + # movq between mmx registers can sink Intel CPUs + { &::pshufw($p1,$p2,0xe4); } + else + { &::generic("movq",@_); } +} + +# label management +$lbdecor="L"; # local label decoration, set by package +$label="000"; + +sub ::islabel # see is argument is a known label +{ my $i; + foreach $i (values %label) { return $i if ($i eq $_[0]); } + $label{$_[0]}; # can be undef +} + +sub ::label # instantiate a function-scope label +{ if (!defined($label{$_[0]})) + { $label{$_[0]}="${lbdecor}${label}${_[0]}"; $label++; } + $label{$_[0]}; +} + +sub ::LABEL # instantiate a file-scope label +{ $label{$_[0]}=$_[1] if (!defined($label{$_[0]})); + $label{$_[0]}; +} + +sub ::static_label { &::LABEL($_[0],$lbdecor.$_[0]); } + +sub ::set_label_B { push(@out,"@_:\n"); } +sub ::set_label +{ my $label=&::label($_[0]); + &::align($_[1]) if ($_[1]>1); + &::set_label_B($label); + $label; +} + +sub ::wipe_labels # wipes function-scope labels +{ foreach $i (keys %label) + { delete $label{$i} if ($label{$i} =~ /^\Q${lbdecor}\E[0-9]{3}/); } +} + +# subroutine management +sub ::function_begin +{ &function_begin_B(@_); + $stack=4; + &push("ebp"); + &push("ebx"); + &push("esi"); + &push("edi"); +} + +sub ::function_end +{ &pop("edi"); + &pop("esi"); + &pop("ebx"); + &pop("ebp"); + &ret(); + &function_end_B(@_); + $stack=0; + &wipe_labels(); +} + +sub ::function_end_A +{ &pop("edi"); + &pop("esi"); + &pop("ebx"); + &pop("ebp"); + &ret(); + $stack+=16; # readjust esp as if we didn't pop anything +} + +sub ::asciz +{ my @str=unpack("C*",shift); + push @str,0; + while ($#str>15) { + &data_byte(@str[0..15]); + foreach (0..15) { shift @str; } + } + &data_byte(@str) if (@str); +} + +sub ::asm_finish +{ &file_end(); + print @out; +} + +sub ::asm_init +{ my ($type,$fn,$cpu)=@_; + + $filename=$fn; + $i386=$cpu; + + $elf=$cpp=$coff=$aout=$macosx=$win32=$netware=$mwerks=$openbsd=0; + if (($type eq "elf")) + { $elf=1; require "x86gas.pl"; } + elsif (($type eq "a\.out")) + { $aout=1; require "x86gas.pl"; } + elsif (($type eq "coff" or $type eq "gaswin")) + { $coff=1; require "x86gas.pl"; } + elsif (($type eq "win32n")) + { $win32=1; require "x86nasm.pl"; } + elsif (($type eq "nw-nasm")) + { $netware=1; require "x86nasm.pl"; } + #elsif (($type eq "nw-mwasm")) + #{ $netware=1; $mwerks=1; require "x86nasm.pl"; } + elsif (($type eq "win32")) + { $win32=1; require "x86masm.pl"; } + elsif (($type eq "macosx")) + { $aout=1; $macosx=1; require "x86gas.pl"; } + elsif (($type eq "openbsd-elf")) + { $openbsd=$elf=1; require "x86gas.pl"; } + elsif (($type eq "openbsd-a.out")) + { $openbsd=1; require "x86gas.pl"; } + else + { print STDERR <<"EOF"; Pick one target type from elf - Linux, FreeBSD, Solaris x86, etc. - a.out - OpenBSD, DJGPP, etc. + a.out - DJGPP, elder OpenBSD, etc. coff - GAS/COFF such as Win32 targets - win32 - Windows 95/Windows NT win32n - Windows 95/Windows NT NASM format openbsd-elf - OpenBSD elf openbsd-a.out - OpenBSD a.out nw-nasm - NetWare NASM format - nw-mwasm- NetWare Metrowerks Assembler + macosx - Mac OS X EOF - exit(1); - } - - $pic=0; - for (@ARGV) { $pic=1 if (/\-[fK]PIC/i); } - - &asm_init_output(); - -&comment("Don't even think of reading this code"); -&comment("It was automatically generated by $filename"); -&comment("Which is a perl program used to generate the x86 assember for"); -&comment("any of ELF, a.out, COFF, Win32, ..."); -&comment("eric "); -&comment(""); - - $filename =~ s/\.pl$//; - &file($filename); - } - -sub asm_finish_cpp - { - return unless $cpp; - - local($tmp,$i); - foreach $i (&get_labels()) - { - $tmp.="#define $i _$i\n"; - } - print <<"EOF"; -/* Run the C pre-processor over this file with one of the following defined - * ELF - elf object files, - * OUT - a.out object files, - * BSDI - BSDI style a.out object files - * SOL - Solaris style elf - */ - -#define TYPE(a,b) .type a,b -#define SIZE(a,b) .size a,b - -#if defined(OUT) || (defined(BSDI) && !defined(ELF)) -$tmp -#endif - -#ifdef OUT -#define OK 1 -#define ALIGN 4 -#if defined(__CYGWIN__) || defined(__DJGPP__) || (__MINGW32__) -#undef SIZE -#undef TYPE -#define SIZE(a,b) -#define TYPE(a,b) .def a; .scl 2; .type 32; .endef -#endif /* __CYGWIN || __DJGPP */ -#endif - -#if defined(BSDI) && !defined(ELF) -#define OK 1 -#define ALIGN 4 -#undef SIZE -#undef TYPE -#define SIZE(a,b) -#define TYPE(a,b) -#endif - -#if defined(ELF) || defined(SOL) -#define OK 1 -#define ALIGN 16 -#endif - -#ifndef OK -You need to define one of -ELF - elf systems - linux-elf, NetBSD and DG-UX -OUT - a.out systems - linux-a.out and FreeBSD -SOL - solaris systems, which are elf with strange comment lines -BSDI - a.out with a very primative version of as. -#endif - -/* Let the Assembler begin :-) */ -EOF - } + exit(1); + } + + $pic=0; + for (@ARGV) { $pic=1 if (/\-[fK]PIC/i); } + + ::emitraw("#include \n") if $openbsd; + $filename =~ s/\.pl$//; + &file($filename); +} 1; diff --git a/src/lib/libcrypto/perlasm/x86gas.pl b/src/lib/libcrypto/perlasm/x86gas.pl index 6eab727fd4..15e17f25d0 100644 --- a/src/lib/libcrypto/perlasm/x86gas.pl +++ b/src/lib/libcrypto/perlasm/x86gas.pl @@ -180,7 +180,16 @@ sub ::align sub ::picmeup { my($dst,$sym,$base,$reflabel)=@_; - if ($::pic && ($::elf || $::aout)) + if ($::openbsd) + { &::emitraw("#ifdef PIC"); + &::emitraw("PIC_PROLOGUE"); + &::mov($dst, &::DWP("PIC_GOT($sym)")); + &::emitraw("PIC_EPILOGUE"); + &::emitraw("#else /* PIC */"); + &::lea($dst,&::DWP($sym)); + &::emitraw("#endif /* PIC */"); + } + elsif ($::pic && ($::elf || $::aout)) { if (!defined($base)) { &::call(&::label("PIC_me_up")); &::set_label("PIC_me_up"); @@ -206,7 +215,18 @@ sub ::picmeup sub ::initseg { my $f=$nmdecor.shift; - if ($::elf) + if ($::openbsd) + { $initseg.=<<___; +.section .init +PIC_PROLOGUE + call PIC_PLT($f) +PIC_EPILOGUE + jmp .Linitalign +.align $align +.Linitalign: +___ + } + elsif ($::elf) { $initseg.=<<___; .section .init call $f diff --git a/src/lib/libcrypto/perlasm/x86ms.pl b/src/lib/libcrypto/perlasm/x86ms.pl deleted file mode 100644 index a0be2934c2..0000000000 --- a/src/lib/libcrypto/perlasm/x86ms.pl +++ /dev/null @@ -1,472 +0,0 @@ -#!/usr/local/bin/perl - -package x86ms; - -$label="L000"; - -%lb=( 'eax', 'al', - 'ebx', 'bl', - 'ecx', 'cl', - 'edx', 'dl', - 'ax', 'al', - 'bx', 'bl', - 'cx', 'cl', - 'dx', 'dl', - ); - -%hb=( 'eax', 'ah', - 'ebx', 'bh', - 'ecx', 'ch', - 'edx', 'dh', - 'ax', 'ah', - 'bx', 'bh', - 'cx', 'ch', - 'dx', 'dh', - ); - -sub main'asm_init_output { @out=(); } -sub main'asm_get_output { return(@out); } -sub main'get_labels { return(@labels); } -sub main'external_label -{ - push(@labels,@_); - foreach (@_) { - push(@out, "EXTRN\t_$_:DWORD\n"); - } -} - -sub main'LB - { - (defined($lb{$_[0]})) || die "$_[0] does not have a 'low byte'\n"; - return($lb{$_[0]}); - } - -sub main'HB - { - (defined($hb{$_[0]})) || die "$_[0] does not have a 'high byte'\n"; - return($hb{$_[0]}); - } - -sub main'BP - { - &get_mem("BYTE",@_); - } - -sub main'DWP - { - &get_mem("DWORD",@_); - } - -sub main'QWP - { - &get_mem("QWORD",@_); - } - -sub main'BC - { - return @_; - } - -sub main'DWC - { - return @_; - } - -sub main'stack_push - { - local($num)=@_; - $stack+=$num*4; - &main'sub("esp",$num*4); - } - -sub main'stack_pop - { - local($num)=@_; - $stack-=$num*4; - &main'add("esp",$num*4); - } - -sub get_mem - { - local($size,$addr,$reg1,$reg2,$idx)=@_; - local($t,$post); - local($ret)="$size PTR "; - - $addr =~ s/^\s+//; - if ($addr =~ /^(.+)\+(.+)$/) - { - $reg2=&conv($1); - $addr="_$2"; - } - elsif ($addr =~ /^[_a-z][_a-z0-9]*$/i) - { - $addr="_$addr"; - } - - if ($addr =~ /^.+\-.+$/) { $addr="($addr)"; } - - $reg1="$regs{$reg1}" if defined($regs{$reg1}); - $reg2="$regs{$reg2}" if defined($regs{$reg2}); - if (($addr ne "") && ($addr ne 0)) - { - if ($addr !~ /^-/) - { $ret.=$addr; } - else { $post=$addr; } - } - if ($reg2 ne "") - { - $t=""; - $t="*$idx" if ($idx != 0); - $reg1="+".$reg1 if ("$reg1$post" ne ""); - $ret.="[$reg2$t$reg1$post]"; - } - else - { - $ret.="[$reg1$post]" - } - $ret =~ s/\[\]//; # in case $addr was the only argument - return($ret); - } - -sub main'mov { &out2("mov",@_); } -sub main'movb { &out2("mov",@_); } -sub main'and { &out2("and",@_); } -sub main'or { &out2("or",@_); } -sub main'shl { &out2("shl",@_); } -sub main'shr { &out2("shr",@_); } -sub main'xor { &out2("xor",@_); } -sub main'xorb { &out2("xor",@_); } -sub main'add { &out2("add",@_); } -sub main'adc { &out2("adc",@_); } -sub main'sub { &out2("sub",@_); } -sub main'sbb { &out2("sbb",@_); } -sub main'rotl { &out2("rol",@_); } -sub main'rotr { &out2("ror",@_); } -sub main'exch { &out2("xchg",@_); } -sub main'cmp { &out2("cmp",@_); } -sub main'lea { &out2("lea",@_); } -sub main'mul { &out1("mul",@_); } -sub main'imul { &out2("imul",@_); } -sub main'div { &out1("div",@_); } -sub main'dec { &out1("dec",@_); } -sub main'inc { &out1("inc",@_); } -sub main'jmp { &out1("jmp",@_); } -sub main'jmp_ptr { &out1p("jmp",@_); } -sub main'je { &out1("je",@_); } -sub main'jle { &out1("jle",@_); } -sub main'jz { &out1("jz",@_); } -sub main'jge { &out1("jge",@_); } -sub main'jl { &out1("jl",@_); } -sub main'ja { &out1("ja",@_); } -sub main'jae { &out1("jae",@_); } -sub main'jb { &out1("jb",@_); } -sub main'jbe { &out1("jbe",@_); } -sub main'jc { &out1("jc",@_); } -sub main'jnc { &out1("jnc",@_); } -sub main'jnz { &out1("jnz",@_); } -sub main'jne { &out1("jne",@_); } -sub main'jno { &out1("jno",@_); } -sub main'push { &out1("push",@_); $stack+=4; } -sub main'pop { &out1("pop",@_); $stack-=4; } -sub main'pushf { &out0("pushfd"); $stack+=4; } -sub main'popf { &out0("popfd"); $stack-=4; } -sub main'bswap { &out1("bswap",@_); &using486(); } -sub main'not { &out1("not",@_); } -sub main'call { &out1("call",($_[0]=~/^\$L/?'':'_').$_[0]); } -sub main'call_ptr { &out1p("call",@_); } -sub main'ret { &out0("ret"); } -sub main'nop { &out0("nop"); } -sub main'test { &out2("test",@_); } -sub main'bt { &out2("bt",@_); } -sub main'leave { &out0("leave"); } -sub main'cpuid { &out0("DW\t0A20Fh"); } -sub main'rdtsc { &out0("DW\t0310Fh"); } -sub main'halt { &out0("hlt"); } -sub main'movz { &out2("movzx",@_); } -sub main'neg { &out1("neg",@_); } -sub main'cld { &out0("cld"); } - -# SSE2 -sub main'emms { &out0("emms"); } -sub main'movd { &out2("movd",@_); } -sub main'movq { &out2("movq",@_); } -sub main'movdqu { &out2("movdqu",@_); } -sub main'movdqa { &out2("movdqa",@_); } -sub main'movdq2q{ &out2("movdq2q",@_); } -sub main'movq2dq{ &out2("movq2dq",@_); } -sub main'paddq { &out2("paddq",@_); } -sub main'pmuludq{ &out2("pmuludq",@_); } -sub main'psrlq { &out2("psrlq",@_); } -sub main'psllq { &out2("psllq",@_); } -sub main'pxor { &out2("pxor",@_); } -sub main'por { &out2("por",@_); } -sub main'pand { &out2("pand",@_); } - -sub out2 - { - local($name,$p1,$p2)=@_; - local($l,$t,$line); - - $line="\t$name\t"; - $t=&conv($p1).","; - $l=length($t); - $line.="$t"; - $l=4-($l+9)/8; - $line.="\t" x $l; - $line.=&conv($p2); - if ($line=~/\bxmm[0-7]\b/i) { $line=~s/\b[A-Z]+WORD\s+PTR/XMMWORD PTR/i; } - push(@out,$line."\n"); - } - -sub out0 - { - local($name)=@_; - - push(@out,"\t$name\n"); - } - -sub out1 - { - local($name,$p1)=@_; - local($l,$t); - - push(@out,"\t$name\t".&conv($p1)."\n"); - } - -sub conv - { - local($p)=@_; - - $p =~ s/0x([0-9A-Fa-f]+)/0$1h/; - return $p; - } - -sub using486 - { - return if $using486; - $using486++; - grep(s/\.386/\.486/,@out); - } - -sub main'file - { - local($file)=@_; - - local($tmp)=<<"EOF"; - TITLE $file.asm - .386 -.model FLAT -_TEXT\$ SEGMENT PAGE 'CODE' - -EOF - push(@out,$tmp); - } - -sub main'function_begin - { - local($func,$extra)=@_; - - push(@labels,$func); - - local($tmp)=<<"EOF"; -PUBLIC _$func -$extra -_$func PROC NEAR - push ebp - push ebx - push esi - push edi -EOF - push(@out,$tmp); - $stack=20; - } - -sub main'function_begin_B - { - local($func,$extra)=@_; - - local($tmp)=<<"EOF"; -PUBLIC _$func -$extra -_$func PROC NEAR -EOF - push(@out,$tmp); - $stack=4; - } - -sub main'function_end - { - local($func)=@_; - - local($tmp)=<<"EOF"; - pop edi - pop esi - pop ebx - pop ebp - ret -_$func ENDP -EOF - push(@out,$tmp); - $stack=0; - %label=(); - } - -sub main'function_end_B - { - local($func)=@_; - - local($tmp)=<<"EOF"; -_$func ENDP -EOF - push(@out,$tmp); - $stack=0; - %label=(); - } - -sub main'function_end_A - { - local($func)=@_; - - local($tmp)=<<"EOF"; - pop edi - pop esi - pop ebx - pop ebp - ret -EOF - push(@out,$tmp); - } - -sub main'file_end - { - # try to detect if SSE2 or MMX extensions were used... - my $xmmheader=<<___; -.686 -.XMM -IF \@Version LT 800 -XMMWORD STRUCT 16 - DQ 2 dup (?) -XMMWORD ENDS -ENDIF -___ - if (grep {/\b[x]?mm[0-7]\b/i} @out) { - grep {s/\.[3-7]86/$xmmheader/} @out; - } - push(@out,"_TEXT\$ ENDS\n"); - push(@out,"END\n"); - } - -sub main'wparam - { - local($num)=@_; - - return(&main'DWP($stack+$num*4,"esp","",0)); - } - -sub main'swtmp - { - return(&main'DWP($_[0]*4,"esp","",0)); - } - -# Should use swtmp, which is above esp. Linix can trash the stack above esp -#sub main'wtmp -# { -# local($num)=@_; -# -# return(&main'DWP(-(($num+1)*4),"esp","",0)); -# } - -sub main'comment - { - foreach (@_) - { - push(@out,"\t; $_\n"); - } - } - -sub main'public_label - { - $label{$_[0]}="_$_[0]" if (!defined($label{$_[0]})); - push(@out,"PUBLIC\t$label{$_[0]}\n"); - } - -sub main'label - { - if (!defined($label{$_[0]})) - { - $label{$_[0]}="\$${label}${_[0]}"; - $label++; - } - return($label{$_[0]}); - } - -sub main'set_label - { - if (!defined($label{$_[0]})) - { - $label{$_[0]}="\$${label}${_[0]}"; - $label++; - } - if ($_[1]!=0 && $_[1]>1) - { - main'align($_[1]); - } - if((defined $_[2]) && ($_[2] == 1)) - { - push(@out,"$label{$_[0]}::\n"); - } - elsif ($label{$_[0]} !~ /^\$/) - { - push(@out,"$label{$_[0]}\tLABEL PTR\n"); - } - else - { - push(@out,"$label{$_[0]}:\n"); - } - } - -sub main'data_byte - { - push(@out,"\tDB\t".join(',',@_)."\n"); - } - -sub main'data_word - { - push(@out,"\tDD\t".join(',',@_)."\n"); - } - -sub main'align - { - push(@out,"\tALIGN\t$_[0]\n"); - } - -sub out1p - { - local($name,$p1)=@_; - local($l,$t); - - push(@out,"\t$name\t".&conv($p1)."\n"); - } - -sub main'picmeup - { - local($dst,$sym)=@_; - &main'lea($dst,&main'DWP($sym)); - } - -sub main'blindpop { &out1("pop",@_); } - -sub main'initseg - { - local($f)=@_; - local($tmp)=<<___; -OPTION DOTNAME -.CRT\$XCU SEGMENT DWORD PUBLIC 'DATA' -EXTRN _$f:NEAR -DD _$f -.CRT\$XCU ENDS -___ - push(@out,$tmp); - } - -1; diff --git a/src/lib/libcrypto/perlasm/x86nasm.pl b/src/lib/libcrypto/perlasm/x86nasm.pl index fa38f89c09..ce2bed9bb2 100644 --- a/src/lib/libcrypto/perlasm/x86nasm.pl +++ b/src/lib/libcrypto/perlasm/x86nasm.pl @@ -1,455 +1,166 @@ -#!/usr/local/bin/perl +#!/usr/bin/env perl package x86nasm; -$label="L000"; -$under=($main'netware)?'':'_'; +*out=\@::out; -%lb=( 'eax', 'al', - 'ebx', 'bl', - 'ecx', 'cl', - 'edx', 'dl', - 'ax', 'al', - 'bx', 'bl', - 'cx', 'cl', - 'dx', 'dl', - ); +$::lbdecor="L\$"; # local label decoration +$nmdecor=$::netware?"":"_"; # external name decoration +$drdecor=$::mwerks?".":""; # directive decoration -%hb=( 'eax', 'ah', - 'ebx', 'bh', - 'ecx', 'ch', - 'edx', 'dh', - 'ax', 'ah', - 'bx', 'bh', - 'cx', 'ch', - 'dx', 'dh', - ); +$initseg=""; -sub main'asm_init_output { @out=(); } -sub main'asm_get_output { return(@out); } -sub main'get_labels { return(@labels); } +sub ::generic +{ my $opcode=shift; + my $tmp; -sub main'external_label -{ - push(@labels,@_); - foreach (@_) { - push(@out,".") if ($main'mwerks); - push(@out, "extern\t${under}$_\n"); - } + if (!$::mwerks) + { if ($opcode =~ m/^j/o && $#_==0) # optimize jumps + { $_[0] = "NEAR $_[0]"; } + elsif ($opcode eq "lea" && $#_==1) # wipe storage qualifier from lea + { $_[1] =~ s/^[^\[]*\[/\[/o; } + } + &::emit($opcode,@_); + 1; } - -sub main'LB - { - (defined($lb{$_[0]})) || die "$_[0] does not have a 'low byte'\n"; - return($lb{$_[0]}); - } - -sub main'HB - { - (defined($hb{$_[0]})) || die "$_[0] does not have a 'high byte'\n"; - return($hb{$_[0]}); - } - -sub main'BP - { - &get_mem("BYTE",@_); - } - -sub main'DWP - { - &get_mem("DWORD",@_); - } - -sub main'QWP - { - &get_mem("",@_); - } - -sub main'BC - { - return (($main'mwerks)?"":"BYTE ")."@_"; - } - -sub main'DWC - { - return (($main'mwerks)?"":"DWORD ")."@_"; - } - -sub main'stack_push - { - my($num)=@_; - $stack+=$num*4; - &main'sub("esp",$num*4); - } - -sub main'stack_pop - { - my($num)=@_; - $stack-=$num*4; - &main'add("esp",$num*4); - } +# +# opcodes not covered by ::generic above, mostly inconsistent namings... +# +sub ::call { &::emit("call",(&::islabel($_[0]) or "$nmdecor$_[0]")); } +sub ::call_ptr { &::emit("call",@_); } +sub ::jmp_ptr { &::emit("jmp",@_); } sub get_mem - { - my($size,$addr,$reg1,$reg2,$idx)=@_; - my($t,$post); - my($ret)=$size; - if ($ret ne "") - { - $ret .= " PTR" if ($main'mwerks); - $ret .= " "; - } - $ret .= "["; - $addr =~ s/^\s+//; - if ($addr =~ /^(.+)\+(.+)$/) - { - $reg2=&conv($1); - $addr="$under$2"; - } - elsif ($addr =~ /^[_a-z][_a-z0-9]*$/i) - { - $addr="$under$addr"; - } - - if ($addr =~ /^.+\-.+$/) { $addr="($addr)"; } - - $reg1="$regs{$reg1}" if defined($regs{$reg1}); - $reg2="$regs{$reg2}" if defined($regs{$reg2}); - if (($addr ne "") && ($addr ne 0)) - { - if ($addr !~ /^-/) - { $ret.="${addr}+"; } - else { $post=$addr; } - } - if ($reg2 ne "") - { - $t=""; - $t="*$idx" if ($idx != 0); - $reg1="+".$reg1 if ("$reg1$post" ne ""); - $ret.="$reg2$t$reg1$post]"; - } - else - { - $ret.="$reg1$post]" - } - $ret =~ s/\+\]/]/; # in case $addr was the only argument - return($ret); - } - -sub main'mov { &out2("mov",@_); } -sub main'movb { &out2("mov",@_); } -sub main'and { &out2("and",@_); } -sub main'or { &out2("or",@_); } -sub main'shl { &out2("shl",@_); } -sub main'shr { &out2("shr",@_); } -sub main'xor { &out2("xor",@_); } -sub main'xorb { &out2("xor",@_); } -sub main'add { &out2("add",@_); } -sub main'adc { &out2("adc",@_); } -sub main'sub { &out2("sub",@_); } -sub main'sbb { &out2("sbb",@_); } -sub main'rotl { &out2("rol",@_); } -sub main'rotr { &out2("ror",@_); } -sub main'exch { &out2("xchg",@_); } -sub main'cmp { &out2("cmp",@_); } -sub main'lea { &out2("lea",@_); } -sub main'mul { &out1("mul",@_); } -sub main'imul { &out2("imul",@_); } -sub main'div { &out1("div",@_); } -sub main'dec { &out1("dec",@_); } -sub main'inc { &out1("inc",@_); } -sub main'jmp { &out1("jmp",@_); } -sub main'jmp_ptr { &out1p("jmp",@_); } - -# This is a bit of a kludge: declare all branches as NEAR. -$near=($main'mwerks)?'':'NEAR'; -sub main'je { &out1("je $near",@_); } -sub main'jle { &out1("jle $near",@_); } -sub main'jz { &out1("jz $near",@_); } -sub main'jge { &out1("jge $near",@_); } -sub main'jl { &out1("jl $near",@_); } -sub main'ja { &out1("ja $near",@_); } -sub main'jae { &out1("jae $near",@_); } -sub main'jb { &out1("jb $near",@_); } -sub main'jbe { &out1("jbe $near",@_); } -sub main'jc { &out1("jc $near",@_); } -sub main'jnc { &out1("jnc $near",@_); } -sub main'jnz { &out1("jnz $near",@_); } -sub main'jne { &out1("jne $near",@_); } -sub main'jno { &out1("jno $near",@_); } - -sub main'push { &out1("push",@_); $stack+=4; } -sub main'pop { &out1("pop",@_); $stack-=4; } -sub main'pushf { &out0("pushfd"); $stack+=4; } -sub main'popf { &out0("popfd"); $stack-=4; } -sub main'bswap { &out1("bswap",@_); &using486(); } -sub main'not { &out1("not",@_); } -sub main'call { &out1("call",($_[0]=~/^\@L/?'':$under).$_[0]); } -sub main'call_ptr { &out1p("call",@_); } -sub main'ret { &out0("ret"); } -sub main'nop { &out0("nop"); } -sub main'test { &out2("test",@_); } -sub main'bt { &out2("bt",@_); } -sub main'leave { &out0("leave"); } -sub main'cpuid { &out0("cpuid"); } -sub main'rdtsc { &out0("rdtsc"); } -sub main'halt { &out0("hlt"); } -sub main'movz { &out2("movzx",@_); } -sub main'neg { &out1("neg",@_); } -sub main'cld { &out0("cld"); } - -# SSE2 -sub main'emms { &out0("emms"); } -sub main'movd { &out2("movd",@_); } -sub main'movq { &out2("movq",@_); } -sub main'movdqu { &out2("movdqu",@_); } -sub main'movdqa { &out2("movdqa",@_); } -sub main'movdq2q{ &out2("movdq2q",@_); } -sub main'movq2dq{ &out2("movq2dq",@_); } -sub main'paddq { &out2("paddq",@_); } -sub main'pmuludq{ &out2("pmuludq",@_); } -sub main'psrlq { &out2("psrlq",@_); } -sub main'psllq { &out2("psllq",@_); } -sub main'pxor { &out2("pxor",@_); } -sub main'por { &out2("por",@_); } -sub main'pand { &out2("pand",@_); } - -sub out2 - { - my($name,$p1,$p2)=@_; - my($l,$t); - - push(@out,"\t$name\t"); - if (!$main'mwerks and $name eq "lea") - { - $p1 =~ s/^[^\[]*\[/\[/; - $p2 =~ s/^[^\[]*\[/\[/; - } - $t=&conv($p1).","; - $l=length($t); - push(@out,$t); - $l=4-($l+9)/8; - push(@out,"\t" x $l); - push(@out,&conv($p2)); - push(@out,"\n"); - } - -sub out0 - { - my($name)=@_; - - push(@out,"\t$name\n"); - } - -sub out1 - { - my($name,$p1)=@_; - my($l,$t); - push(@out,"\t$name\t".&conv($p1)."\n"); - } - -sub conv - { - my($p)=@_; - $p =~ s/0x([0-9A-Fa-f]+)/0$1h/; - return $p; - } - -sub using486 - { - return if $using486; - $using486++; - grep(s/\.386/\.486/,@out); - } - -sub main'file - { - if ($main'mwerks) { push(@out,".section\t.text\n"); } - else { - local $tmp=<<___; -%ifdef __omf__ -section code use32 class=code +{ my($size,$addr,$reg1,$reg2,$idx)=@_; + my($post,$ret); + + if ($size ne "") + { $ret .= "$size"; + $ret .= " PTR" if ($::mwerks); + $ret .= " "; + } + $ret .= "["; + + $addr =~ s/^\s+//; + # prepend global references with optional underscore + $addr =~ s/^([^\+\-0-9][^\+\-]*)/::islabel($1) or "$nmdecor$1"/ige; + # put address arithmetic expression in parenthesis + $addr="($addr)" if ($addr =~ /^.+[\-\+].+$/); + + if (($addr ne "") && ($addr ne 0)) + { if ($addr !~ /^-/) { $ret .= "$addr+"; } + else { $post=$addr; } + } + + if ($reg2 ne "") + { $idx!=0 or $idx=1; + $ret .= "$reg2*$idx"; + $ret .= "+$reg1" if ($reg1 ne ""); + } + else + { $ret .= "$reg1"; } + + $ret .= "$post]"; + $ret =~ s/\+\]/]/; # in case $addr was the only argument + + $ret; +} +sub ::BP { &get_mem("BYTE",@_); } +sub ::DWP { &get_mem("DWORD",@_); } +sub ::QWP { &get_mem("",@_); } +sub ::BC { (($::mwerks)?"":"BYTE ")."@_"; } +sub ::DWC { (($::mwerks)?"":"DWORD ")."@_"; } + +sub ::file +{ if ($::mwerks) { push(@out,".section\t.text,64\n"); } + else + { my $tmp=<<___; +%ifidn __OUTPUT_FORMAT__,obj +section code use32 class=code align=64 +%elifidn __OUTPUT_FORMAT__,win32 +\$\@feat.00 equ 1 +section .text code align=64 %else -section .text +section .text code %endif ___ - push(@out,$tmp); - } - } - -sub main'function_begin - { - my($func,$extra)=@_; - - push(@labels,$func); - push(@out,".") if ($main'mwerks); - my($tmp)=<<"EOF"; -global $under$func -$under$func: - push ebp - push ebx - push esi - push edi -EOF - push(@out,$tmp); - $stack=20; - } - -sub main'function_begin_B - { - my($func,$extra)=@_; - push(@out,".") if ($main'mwerks); - my($tmp)=<<"EOF"; -global $under$func -$under$func: -EOF - push(@out,$tmp); - $stack=4; - } - -sub main'function_end - { - my($func)=@_; - - my($tmp)=<<"EOF"; - pop edi - pop esi - pop ebx - pop ebp - ret -EOF push(@out,$tmp); - $stack=0; - %label=(); - } - -sub main'function_end_B - { - $stack=0; - %label=(); - } - -sub main'function_end_A - { - my($func)=@_; - - my($tmp)=<<"EOF"; - pop edi - pop esi - pop ebx - pop ebp - ret -EOF - push(@out,$tmp); - } - -sub main'file_end - { - } - -sub main'wparam - { - my($num)=@_; - - return(&main'DWP($stack+$num*4,"esp","",0)); - } + } +} -sub main'swtmp - { - return(&main'DWP($_[0]*4,"esp","",0)); - } +sub ::function_begin_B +{ my $func=shift; + my $global=($func !~ /^_/); + my $begin="${::lbdecor}_${func}_begin"; -# Should use swtmp, which is above esp. Linix can trash the stack above esp -#sub main'wtmp -# { -# my($num)=@_; -# -# return(&main'DWP(-(($num+1)*4),"esp","",0)); -# } + $begin =~ s/^\@/./ if ($::mwerks); # the torture never stops -sub main'comment - { - foreach (@_) - { - push(@out,"\t; $_\n"); - } - } + &::LABEL($func,$global?"$begin":"$nmdecor$func"); + $func=$nmdecor.$func; -sub main'public_label - { - $label{$_[0]}="${under}${_[0]}" if (!defined($label{$_[0]})); - push(@out,".") if ($main'mwerks); - push(@out,"global\t$label{$_[0]}\n"); - } + push(@out,"${drdecor}global $func\n") if ($global); + push(@out,"${drdecor}align 16\n"); + push(@out,"$func:\n"); + push(@out,"$begin:\n") if ($global); + $::stack=4; +} -sub main'label - { - if (!defined($label{$_[0]})) - { - $label{$_[0]}="\@${label}${_[0]}"; - $label++; - } - return($label{$_[0]}); - } +sub ::function_end_B +{ $::stack=0; + &::wipe_labels(); +} -sub main'set_label - { - if (!defined($label{$_[0]})) - { - $label{$_[0]}="\@${label}${_[0]}"; - $label++; - } - if ($_[1]!=0 && $_[1]>1) - { - main'align($_[1]); - } - push(@out,"$label{$_[0]}:\n"); - } +sub ::file_end +{ if (grep {/\b${nmdecor}OPENSSL_ia32cap_P\b/i} @out) + { my $comm=<<___; +${drdecor}segment .bss +${drdecor}common ${nmdecor}OPENSSL_ia32cap_P 4 +___ + # comment out OPENSSL_ia32cap_P declarations + grep {s/(^extern\s+${nmdecor}OPENSSL_ia32cap_P)/\;$1/} @out; + push (@out,$comm) + } + push (@out,$initseg) if ($initseg); +} -sub main'data_byte - { - push(@out,(($main'mwerks)?".byte\t":"DB\t").join(',',@_)."\n"); - } +sub ::comment { foreach (@_) { push(@out,"\t; $_\n"); } } -sub main'data_word - { - push(@out,(($main'mwerks)?".long\t":"DD\t").join(',',@_)."\n"); - } +sub ::external_label +{ foreach(@_) + { push(@out,"${drdecor}extern\t".&::LABEL($_,$nmdecor.$_)."\n"); } +} -sub main'align - { - push(@out,".") if ($main'mwerks); - push(@out,"align\t$_[0]\n"); - } +sub ::public_label +{ push(@out,"${drdecor}global\t".&::LABEL($_[0],$nmdecor.$_[0])."\n"); } -sub out1p - { - my($name,$p1)=@_; - my($l,$t); +sub ::data_byte +{ push(@out,(($::mwerks)?".byte\t":"db\t").join(',',@_)."\n"); } - push(@out,"\t$name\t".&conv($p1)."\n"); - } +sub ::data_word +{ push(@out,(($::mwerks)?".long\t":"dd\t").join(',',@_)."\n"); } -sub main'picmeup - { - local($dst,$sym)=@_; - &main'lea($dst,&main'DWP($sym)); - } +sub ::align +{ push(@out,"${drdecor}align\t$_[0]\n"); } -sub main'blindpop { &out1("pop",@_); } +sub ::picmeup +{ my($dst,$sym)=@_; + &::lea($dst,&::DWP($sym)); +} -sub main'initseg - { - local($f)=@_; - if ($main'win32) - { - local($tmp)=<<___; -segment .CRT\$XCU data -extern $under$f -DD $under$f +sub ::initseg +{ my $f=$nmdecor.shift; + if ($::win32) + { $initseg=<<___; +segment .CRT\$XCU data align=4 +extern $f +dd $f ___ - push(@out,$tmp); - } - } + } +} + +sub ::dataseg +{ if ($mwerks) { push(@out,".section\t.data,4\n"); } + else { push(@out,"section\t.data align=4\n"); } +} 1; diff --git a/src/lib/libcrypto/perlasm/x86unix.pl b/src/lib/libcrypto/perlasm/x86unix.pl deleted file mode 100644 index ae8f0964dc..0000000000 --- a/src/lib/libcrypto/perlasm/x86unix.pl +++ /dev/null @@ -1,808 +0,0 @@ -#!/usr/local/bin/perl - -package x86unix; # GAS actually... - -$label="L000"; -$const=""; -$constl=0; - -$align=($main'aout)?"4":"16"; -$under=($main'aout or $main'coff)?"_":""; -$dot=($main'aout)?"":"."; -$com_start="#" if ($main'aout or $main'coff); - -sub main'asm_init_output { @out=(); } -sub main'asm_get_output { return(@out); } -sub main'get_labels { return(@labels); } -sub main'external_label { push(@labels,@_); } - -if ($main'openbsd) - { - $com_start='/*'; - $com_end='*/'; - } - -if ($main'cpp) - { - $align="ALIGN"; - $under=""; - $com_start='/*'; - $com_end='*/'; - } - -%lb=( 'eax', '%al', - 'ebx', '%bl', - 'ecx', '%cl', - 'edx', '%dl', - 'ax', '%al', - 'bx', '%bl', - 'cx', '%cl', - 'dx', '%dl', - ); - -%hb=( 'eax', '%ah', - 'ebx', '%bh', - 'ecx', '%ch', - 'edx', '%dh', - 'ax', '%ah', - 'bx', '%bh', - 'cx', '%ch', - 'dx', '%dh', - ); - -%regs=( 'eax', '%eax', - 'ebx', '%ebx', - 'ecx', '%ecx', - 'edx', '%edx', - 'esi', '%esi', - 'edi', '%edi', - 'ebp', '%ebp', - 'esp', '%esp', - - 'mm0', '%mm0', - 'mm1', '%mm1', - 'mm2', '%mm2', - 'mm3', '%mm3', - 'mm4', '%mm4', - 'mm5', '%mm5', - 'mm6', '%mm6', - 'mm7', '%mm7', - - 'xmm0', '%xmm0', - 'xmm1', '%xmm1', - 'xmm2', '%xmm2', - 'xmm3', '%xmm3', - 'xmm4', '%xmm4', - 'xmm5', '%xmm5', - 'xmm6', '%xmm6', - 'xmm7', '%xmm7', - ); - -%reg_val=( - 'eax', 0x00, - 'ebx', 0x03, - 'ecx', 0x01, - 'edx', 0x02, - 'esi', 0x06, - 'edi', 0x07, - 'ebp', 0x05, - 'esp', 0x04, - ); - -sub main'LB - { - (defined($lb{$_[0]})) || die "$_[0] does not have a 'low byte'\n"; - return($lb{$_[0]}); - } - -sub main'HB - { - (defined($hb{$_[0]})) || die "$_[0] does not have a 'high byte'\n"; - return($hb{$_[0]}); - } - -sub main'DWP - { - local($addr,$reg1,$reg2,$idx)=@_; - - $ret=""; - $addr =~ s/(^|[+ \t])([A-Za-z_]+[A-Za-z0-9_]+)($|[+ \t])/$1$under$2$3/; - $reg1="$regs{$reg1}" if defined($regs{$reg1}); - $reg2="$regs{$reg2}" if defined($regs{$reg2}); - $ret.=$addr if ($addr ne "") && ($addr ne 0); - if ($reg2 ne "") - { - if($idx ne "" && $idx != 0) - { $ret.="($reg1,$reg2,$idx)"; } - else - { $ret.="($reg1,$reg2)"; } - } - elsif ($reg1 ne "") - { $ret.="($reg1)" } - return($ret); - } - -sub main'QWP - { - return(&main'DWP(@_)); - } - -sub main'BP - { - return(&main'DWP(@_)); - } - -sub main'BC - { - return @_; - } - -sub main'DWC - { - return @_; - } - -#sub main'BP -# { -# local($addr,$reg1,$reg2,$idx)=@_; -# -# $ret=""; -# -# $addr =~ s/(^|[+ \t])([A-Za-z_]+)($|[+ \t])/$1$under$2$3/; -# $reg1="$regs{$reg1}" if defined($regs{$reg1}); -# $reg2="$regs{$reg2}" if defined($regs{$reg2}); -# $ret.=$addr if ($addr ne "") && ($addr ne 0); -# if ($reg2 ne "") -# { $ret.="($reg1,$reg2,$idx)"; } -# else -# { $ret.="($reg1)" } -# return($ret); -# } - -sub main'mov { &out2("movl",@_); } -sub main'movb { &out2("movb",@_); } -sub main'and { &out2("andl",@_); } -sub main'or { &out2("orl",@_); } -sub main'shl { &out2("sall",@_); } -sub main'shr { &out2("shrl",@_); } -sub main'xor { &out2("xorl",@_); } -sub main'xorb { &out2("xorb",@_); } -sub main'add { &out2($_[0]=~/%[a-d][lh]/?"addb":"addl",@_); } -sub main'adc { &out2("adcl",@_); } -sub main'sub { &out2("subl",@_); } -sub main'sbb { &out2("sbbl",@_); } -sub main'rotl { &out2("roll",@_); } -sub main'rotr { &out2("rorl",@_); } -sub main'exch { &out2($_[0]=~/%[a-d][lh]/?"xchgb":"xchgl",@_); } -sub main'cmp { &out2("cmpl",@_); } -sub main'lea { &out2("leal",@_); } -sub main'mul { &out1("mull",@_); } -sub main'imul { &out2("imull",@_); } -sub main'div { &out1("divl",@_); } -sub main'jmp { &out1("jmp",@_); } -sub main'jmp_ptr { &out1p("jmp",@_); } -sub main'je { &out1("je",@_); } -sub main'jle { &out1("jle",@_); } -sub main'jne { &out1("jne",@_); } -sub main'jnz { &out1("jnz",@_); } -sub main'jz { &out1("jz",@_); } -sub main'jge { &out1("jge",@_); } -sub main'jl { &out1("jl",@_); } -sub main'ja { &out1("ja",@_); } -sub main'jae { &out1("jae",@_); } -sub main'jb { &out1("jb",@_); } -sub main'jbe { &out1("jbe",@_); } -sub main'jc { &out1("jc",@_); } -sub main'jnc { &out1("jnc",@_); } -sub main'jno { &out1("jno",@_); } -sub main'dec { &out1("decl",@_); } -sub main'inc { &out1($_[0]=~/%[a-d][hl]/?"incb":"incl",@_); } -sub main'push { &out1("pushl",@_); $stack+=4; } -sub main'pop { &out1("popl",@_); $stack-=4; } -sub main'pushf { &out0("pushfl"); $stack+=4; } -sub main'popf { &out0("popfl"); $stack-=4; } -sub main'not { &out1("notl",@_); } -sub main'call { my $pre=$under; - foreach $i (%label) - { if ($label{$i} eq $_[0]) { $pre=''; last; } } - &out1("call",$pre.$_[0]); - } -sub main'call_ptr { &out1p("call",@_); } -sub main'ret { &out0("ret"); } -sub main'nop { &out0("nop"); } -sub main'test { &out2("testl",@_); } -sub main'bt { &out2("btl",@_); } -sub main'leave { &out0("leave"); } -sub main'cpuid { &out0(".byte\t0x0f,0xa2"); } -sub main'rdtsc { &out0(".byte\t0x0f,0x31"); } -sub main'halt { &out0("hlt"); } -sub main'movz { &out2("movzbl",@_); } -sub main'neg { &out1("negl",@_); } -sub main'cld { &out0("cld"); } - -# SSE2 -sub main'emms { &out0("emms"); } -sub main'movd { &out2("movd",@_); } -sub main'movdqu { &out2("movdqu",@_); } -sub main'movdqa { &out2("movdqa",@_); } -sub main'movdq2q{ &out2("movdq2q",@_); } -sub main'movq2dq{ &out2("movq2dq",@_); } -sub main'paddq { &out2("paddq",@_); } -sub main'pmuludq{ &out2("pmuludq",@_); } -sub main'psrlq { &out2("psrlq",@_); } -sub main'psllq { &out2("psllq",@_); } -sub main'pxor { &out2("pxor",@_); } -sub main'por { &out2("por",@_); } -sub main'pand { &out2("pand",@_); } -sub main'movq { - local($p1,$p2,$optimize)=@_; - if ($optimize && $p1=~/^mm[0-7]$/ && $p2=~/^mm[0-7]$/) - # movq between mmx registers can sink Intel CPUs - { push(@out,"\tpshufw\t\$0xe4,%$p2,%$p1\n"); } - else { &out2("movq",@_); } - } - -# The bswapl instruction is new for the 486. Emulate if i386. -sub main'bswap - { - if ($main'i386) - { - &main'comment("bswapl @_"); - &main'exch(main'HB(@_),main'LB(@_)); - &main'rotr(@_,16); - &main'exch(main'HB(@_),main'LB(@_)); - } - else - { - &out1("bswapl",@_); - } - } - -sub out2 - { - local($name,$p1,$p2)=@_; - local($l,$ll,$t); - local(%special)=( "roll",0xD1C0,"rorl",0xD1C8, - "rcll",0xD1D0,"rcrl",0xD1D8, - "shll",0xD1E0,"shrl",0xD1E8, - "sarl",0xD1F8); - - if ((defined($special{$name})) && defined($regs{$p1}) && ($p2 == 1)) - { - $op=$special{$name}|$reg_val{$p1}; - $tmp1=sprintf(".byte %d\n",($op>>8)&0xff); - $tmp2=sprintf(".byte %d\t",$op &0xff); - push(@out,$tmp1); - push(@out,$tmp2); - - $p2=&conv($p2); - $p1=&conv($p1); - &main'comment("$name $p2 $p1"); - return; - } - - push(@out,"\t$name\t"); - $t=&conv($p2).","; - $l=length($t); - push(@out,$t); - $ll=4-($l+9)/8; - $tmp1=sprintf("\t" x $ll); - push(@out,$tmp1); - push(@out,&conv($p1)."\n"); - } - -sub out1 - { - local($name,$p1)=@_; - local($l,$t); - local(%special)=("bswapl",0x0FC8); - - if ((defined($special{$name})) && defined($regs{$p1})) - { - $op=$special{$name}|$reg_val{$p1}; - $tmp1=sprintf(".byte %d\n",($op>>8)&0xff); - $tmp2=sprintf(".byte %d\t",$op &0xff); - push(@out,$tmp1); - push(@out,$tmp2); - - $p2=&conv($p2); - $p1=&conv($p1); - &main'comment("$name $p2 $p1"); - return; - } - - push(@out,"\t$name\t".&conv($p1)."\n"); - } - -sub out1p - { - local($name,$p1)=@_; - local($l,$t); - - push(@out,"\t$name\t*".&conv($p1)."\n"); - } - -sub out0 - { - push(@out,"\t$_[0]\n"); - } - -sub conv - { - local($p)=@_; - -# $p =~ s/0x([0-9A-Fa-f]+)/0$1h/; - - $p=$regs{$p} if (defined($regs{$p})); - - $p =~ s/^(-{0,1}[0-9A-Fa-f]+)$/\$$1/; - $p =~ s/^(0x[0-9A-Fa-f]+)$/\$$1/; - return $p; - } - -sub main'file - { - local($file)=@_; - - if ($main'openbsd) - { push(@out,"#include \n"); } - - local($tmp)=<<"EOF"; - .file "$file.s" -EOF - push(@out,$tmp); - } - -sub main'function_begin - { - local($func,$junk,$llabel)=@_; - - &main'external_label($func); - $func=$under.$func; - - if ($main'openbsd) - { - push (@out, "\nENTRY($func)\n"); - push (@out, "$llabel:\n") if $llabel; - goto skip; - } - - local($tmp)=<<"EOF"; -.text -.globl $func -EOF - push(@out,$tmp); - if ($main'cpp) - { $tmp=push(@out,"TYPE($func,\@function)\n"); } - elsif ($main'coff) - { $tmp=push(@out,".def\t$func;\t.scl\t2;\t.type\t32;\t.endef\n"); } - elsif ($main'aout and !$main'pic) - { } - else { $tmp=push(@out,".type\t$func,\@function\n"); } - push(@out,".align\t$align\n"); - push(@out,"$func:\n"); -skip: - $tmp=<<"EOF"; - pushl %ebp - pushl %ebx - pushl %esi - pushl %edi - -EOF - push(@out,$tmp); - $stack=20; - } - -sub main'function_begin_B - { - local($func,$extra)=@_; - - &main'external_label($func); - $func=$under.$func; - - if ($main'openbsd) - { push(@out, "\nENTRY($func)\n"); goto skip; } - - local($tmp)=<<"EOF"; -.text -.globl $func -EOF - push(@out,$tmp); - if ($main'cpp) - { push(@out,"TYPE($func,\@function)\n"); } - elsif ($main'coff) - { $tmp=push(@out,".def\t$func;\t.scl\t2;\t.type\t32;\t.endef\n"); } - elsif ($main'aout and !$main'pic) - { } - else { push(@out,".type $func,\@function\n"); } - push(@out,".align\t$align\n"); - push(@out,"$func:\n"); -skip: - $stack=4; - } - -# Like function_begin_B but with static linkage -sub main'function_begin_C - { - local($func,$extra)=@_; - - &main'external_label($func); - $func=$under.$func; - - if ($main'openbsd) - { - local($tmp)=<<"EOF"; -.text -_ALIGN_TEXT -.type $func,\@function -$func: -EOF - push(@out, $tmp); - goto skip; - } - - local($tmp)=<<"EOF"; -.text -.globl $func -EOF - push(@out,$tmp); - if ($main'cpp) - { push(@out,"TYPE($func,\@function)\n"); } - elsif ($main'coff) - { $tmp=push(@out,".def\t$func;\t.scl\t2;\t.type\t32;\t.endef\n"); } - elsif ($main'aout and !$main'pic) - { } - else { push(@out,".type $func,\@function\n"); } - push(@out,".align\t$align\n"); - push(@out,"$func:\n"); -skip: - $stack=4; - } - -sub main'function_end - { - local($func)=@_; - - $func=$under.$func; - - local($tmp)=<<"EOF"; - popl %edi - popl %esi - popl %ebx - popl %ebp - ret -${dot}L_${func}_end: -EOF - push(@out,$tmp); - - if ($main'cpp) - { push(@out,"SIZE($func,${dot}L_${func}_end-$func)\n"); } - elsif ($main'coff or $main'aout) - { } - else { push(@out,".size\t$func,${dot}L_${func}_end-$func\n"); } - push(@out,".ident \"$func\"\n"); - $stack=0; - %label=(); - } - -sub main'function_end_A - { - local($func)=@_; - - local($tmp)=<<"EOF"; - popl %edi - popl %esi - popl %ebx - popl %ebp - ret -EOF - push(@out,$tmp); - } - -sub main'function_end_B - { - local($func)=@_; - - $func=$under.$func; - - push(@out,"${dot}L_${func}_end:\n"); - if ($main'cpp) - { push(@out,"SIZE($func,${dot}L_${func}_end-$func)\n"); } - elsif ($main'coff or $main'aout) - { } - else { push(@out,".size\t$func,${dot}L_${func}_end-$func\n"); } - push(@out,".ident \"$func\"\n"); - $stack=0; - %label=(); - } - -sub main'function_end_C { function_end_B(@_); } - -sub main'wparam - { - local($num)=@_; - - return(&main'DWP($stack+$num*4,"esp","",0)); - } - -sub main'stack_push - { - local($num)=@_; - $stack+=$num*4; - &main'sub("esp",$num*4); - } - -sub main'stack_pop - { - local($num)=@_; - $stack-=$num*4; - &main'add("esp",$num*4); - } - -sub main'swtmp - { - return(&main'DWP($_[0]*4,"esp","",0)); - } - -# Should use swtmp, which is above esp. Linix can trash the stack above esp -#sub main'wtmp -# { -# local($num)=@_; -# -# return(&main'DWP(-($num+1)*4,"esp","",0)); -# } - -sub main'comment - { - if (!defined($com_start) or (!$main'openbsd && $main'elf)) - { # Regarding $main'elf above... - # GNU and SVR4 as'es use different comment delimiters, - push(@out,"\n"); # so we just skip ELF comments... - return; - } - foreach (@_) - { - if (/^\s*$/) - { push(@out,"\n"); } - else - { push(@out,"\t$com_start $_ $com_end\n"); } - } - } - -sub main'public_label - { - $label{$_[0]}="${under}${_[0]}" if (!defined($label{$_[0]})); - push(@out,".globl\t$label{$_[0]}\n"); - } - -sub main'label - { - if (!defined($label{$_[0]})) - { - $label{$_[0]}="${dot}${label}${_[0]}"; - $label++; - } - return($label{$_[0]}); - } - -sub main'set_label - { - if (!defined($label{$_[0]})) - { - $label{$_[0]}="${dot}${label}${_[0]}"; - $label++; - } - if ($_[1]!=0) - { - if ($_[1]>1) { main'align($_[1]); } - else - { - if ($main'openbsd) - { push(@out,"_ALIGN_TEXT\n"); } - else - { push(@out,".align $align\n"); } - } - } - push(@out,"$label{$_[0]}:\n"); - } - -sub main'file_end - { - # try to detect if SSE2 or MMX extensions were used on ELF platform... - if ($main'elf && grep {/\b%[x]*mm[0-7]\b|OPENSSL_ia32cap_P\b/i} @out) { - local($tmp); - - push (@out,"\n.section\t.bss\n"); - push (@out,".comm\t${under}OPENSSL_ia32cap_P,4,4\n"); - - return; - } - - if ($const ne "") - { - push(@out,".section .rodata\n"); - push(@out,$const); - $const=""; - } - } - -sub main'data_byte - { - push(@out,"\t.byte\t".join(',',@_)."\n"); - } - -sub main'data_word - { - push(@out,"\t.long\t".join(',',@_)."\n"); - } - -sub main'align - { - my $val=$_[0],$p2,$i; - if ($main'aout) { - for ($p2=0;$val!=0;$val>>=1) { $p2++; } - $val=$p2-1; - $val.=",0x90"; - } - push(@out,".align\t$val\n"); - if ($main'openbsd) - { push(@out,"_ALIGN_TEXT\n"); } - else - { push(@out,".align $tval\n"); } - } - -# debug output functions: puts, putx, printf - -sub main'puts - { - &pushvars(); - &main'push('$Lstring' . ++$constl); - &main'call('puts'); - $stack-=4; - &main'add("esp",4); - &popvars(); - - $const .= "Lstring$constl:\n\t.string \"@_[0]\"\n"; - } - -sub main'putx - { - &pushvars(); - &main'push($_[0]); - &main'push('$Lstring' . ++$constl); - &main'call('printf'); - &main'add("esp",8); - $stack-=8; - &popvars(); - - $const .= "Lstring$constl:\n\t.string \"\%X\"\n"; - } - -sub main'printf - { - $ostack = $stack; - &pushvars(); - for ($i = @_ - 1; $i >= 0; $i--) - { - if ($i == 0) # change this to support %s format strings - { - &main'push('$Lstring' . ++$constl); - $const .= "Lstring$constl:\n\t.string \"@_[$i]\"\n"; - } - else - { - if ($_[$i] =~ /([0-9]*)\(%esp\)/) - { - &main'push(($1 + $stack - $ostack) . '(%esp)'); - } - else - { - &main'push($_[$i]); - } - } - } - &main'call('printf'); - $stack-=4*@_; - &main'add("esp",4*@_); - &popvars(); - } - -sub pushvars - { - &main'pushf(); - &main'push("edx"); - &main'push("ecx"); - &main'push("eax"); - } - -sub popvars - { - &main'pop("eax"); - &main'pop("ecx"); - &main'pop("edx"); - &main'popf(); - } - -sub main'picmeup - { - local($dst,$sym)=@_; - if ($main'cpp) - { - local($tmp)=<<___; -#if (defined(ELF) || defined(SOL)) && defined(PIC) - call 1f -1: popl $regs{$dst} - addl \$_GLOBAL_OFFSET_TABLE_+[.-1b],$regs{$dst} - movl $sym\@GOT($regs{$dst}),$regs{$dst} -#else - leal $sym,$regs{$dst} -#endif -___ - push(@out,$tmp); - } - elsif ($main'openbsd) - { - push(@out, "#ifdef PIC\n"); - push(@out, "\tPIC_PROLOGUE\n"); - &main'mov($dst,"PIC_GOT($sym)"); - push(@out, "\tPIC_EPILOGUE\n"); - push(@out, "#else\n"); - &main'lea($dst,&main'DWP($sym)); - push(@out, "#endif\n"); - } - elsif ($main'pic && ($main'elf || $main'aout)) - { - &main'call(&main'label("PIC_me_up")); - &main'set_label("PIC_me_up"); - &main'blindpop($dst); - &main'add($dst,"\$${under}_GLOBAL_OFFSET_TABLE_+[.-". - &main'label("PIC_me_up") . "]"); - &main'mov($dst,&main'DWP($under.$sym."\@GOT",$dst)); - } - else - { - &main'lea($dst,&main'DWP($sym)); - } - } - -sub main'blindpop { &out1("popl",@_); } - -sub main'initseg - { - local($f)=@_; - local($tmp); - if ($main'elf) - { - $tmp=<<___; -.section .init - PIC_PROLOGUE - call PIC_PLT($under$f) - PIC_EPILOGUE - jmp .Linitalign -.align $align -.Linitalign: -___ - } - elsif ($main'coff) - { - $tmp=<<___; # applies to both Cygwin and Mingw -.section .ctors -.long $under$f -___ - } - elsif ($main'aout) - { - local($ctor)="${under}_GLOBAL_\$I\$$f"; - $tmp=".text\n"; - $tmp.=".type $ctor,\@function\n" if ($main'pic); - $tmp.=<<___; # OpenBSD way... -.globl $ctor -.align 2 -$ctor: - jmp $under$f -___ - } - push(@out,$tmp) if ($tmp); - } - -1; diff --git a/src/lib/libcrypto/pkcs12/Makefile.ssl b/src/lib/libcrypto/pkcs12/Makefile.ssl deleted file mode 100644 index a6e47b4085..0000000000 --- a/src/lib/libcrypto/pkcs12/Makefile.ssl +++ /dev/null @@ -1,417 +0,0 @@ -# -# SSLeay/crypto/pkcs12/Makefile -# - -DIR= pkcs12 -TOP= ../.. -CC= cc -INCLUDES= -I.. -I$(TOP) -I../../include -CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKE= make -f Makefile.ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) -MAKEFILE= Makefile.ssl -AR= ar r - -CFLAGS= $(INCLUDES) $(CFLAG) - -GENERAL=Makefile -TEST= -APPS= - -LIB=$(TOP)/libcrypto.a -LIBSRC= p12_add.c p12_asn.c p12_attr.c p12_crpt.c p12_crt.c p12_decr.c \ - p12_init.c p12_key.c p12_kiss.c p12_mutl.c\ - p12_utl.c p12_npas.c pk12err.c p12_p8d.c p12_p8e.c -LIBOBJ= p12_add.o p12_asn.o p12_attr.o p12_crpt.o p12_crt.o p12_decr.o \ - p12_init.o p12_key.o p12_kiss.o p12_mutl.o\ - p12_utl.o p12_npas.o pk12err.o p12_p8d.o p12_p8e.o - -SRC= $(LIBSRC) - -EXHEADER= pkcs12.h -HEADER= $(EXHEADER) - -ALL= $(GENERAL) $(SRC) $(HEADER) - -top: - (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all) - -test: - -all: lib - -lib: $(LIBOBJ) - $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) || echo Never mind. - @touch lib - -files: - $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO - -links: - @sh $(TOP)/util/point.sh Makefile.ssl Makefile - @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER) - @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST) - @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) - -install: - @for i in $(EXHEADER) ; \ - do \ - (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ - done; - -tags: - ctags $(SRC) - -tests: - -lint: - lint -DLINT $(INCLUDES) $(SRC)>fluff - -depend: - $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) - -dclean: - $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new - mv -f Makefile.new $(MAKEFILE) - -clean: - rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff - -# DO NOT DELETE THIS LINE -- make depend depends on it. - -p12_add.o: ../../e_os.h ../../include/openssl/aes.h -p12_add.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -p12_add.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -p12_add.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -p12_add.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -p12_add.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -p12_add.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -p12_add.o: ../../include/openssl/err.h ../../include/openssl/evp.h -p12_add.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -p12_add.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -p12_add.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -p12_add.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -p12_add.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -p12_add.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs12.h -p12_add.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -p12_add.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -p12_add.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -p12_add.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -p12_add.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -p12_add.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -p12_add.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -p12_add.o: ../cryptlib.h p12_add.c -p12_asn.o: ../../e_os.h ../../include/openssl/aes.h -p12_asn.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -p12_asn.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -p12_asn.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -p12_asn.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -p12_asn.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -p12_asn.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -p12_asn.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -p12_asn.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -p12_asn.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -p12_asn.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -p12_asn.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -p12_asn.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -p12_asn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -p12_asn.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h -p12_asn.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -p12_asn.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -p12_asn.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -p12_asn.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -p12_asn.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -p12_asn.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -p12_asn.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p12_asn.c -p12_attr.o: ../../e_os.h ../../include/openssl/aes.h -p12_attr.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -p12_attr.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -p12_attr.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -p12_attr.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -p12_attr.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -p12_attr.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -p12_attr.o: ../../include/openssl/err.h ../../include/openssl/evp.h -p12_attr.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -p12_attr.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -p12_attr.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -p12_attr.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -p12_attr.o: ../../include/openssl/opensslconf.h -p12_attr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -p12_attr.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h -p12_attr.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -p12_attr.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -p12_attr.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -p12_attr.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -p12_attr.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -p12_attr.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -p12_attr.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p12_attr.c -p12_crpt.o: ../../e_os.h ../../include/openssl/aes.h -p12_crpt.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -p12_crpt.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -p12_crpt.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -p12_crpt.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -p12_crpt.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -p12_crpt.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -p12_crpt.o: ../../include/openssl/err.h ../../include/openssl/evp.h -p12_crpt.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -p12_crpt.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -p12_crpt.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -p12_crpt.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -p12_crpt.o: ../../include/openssl/opensslconf.h -p12_crpt.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -p12_crpt.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h -p12_crpt.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -p12_crpt.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -p12_crpt.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -p12_crpt.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -p12_crpt.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -p12_crpt.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -p12_crpt.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p12_crpt.c -p12_crt.o: ../../e_os.h ../../include/openssl/aes.h -p12_crt.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -p12_crt.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -p12_crt.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -p12_crt.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -p12_crt.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -p12_crt.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -p12_crt.o: ../../include/openssl/err.h ../../include/openssl/evp.h -p12_crt.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -p12_crt.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -p12_crt.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -p12_crt.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -p12_crt.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -p12_crt.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs12.h -p12_crt.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -p12_crt.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -p12_crt.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -p12_crt.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -p12_crt.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -p12_crt.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -p12_crt.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -p12_crt.o: ../cryptlib.h p12_crt.c -p12_decr.o: ../../e_os.h ../../include/openssl/aes.h -p12_decr.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -p12_decr.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -p12_decr.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -p12_decr.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -p12_decr.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -p12_decr.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -p12_decr.o: ../../include/openssl/err.h ../../include/openssl/evp.h -p12_decr.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -p12_decr.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -p12_decr.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -p12_decr.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -p12_decr.o: ../../include/openssl/opensslconf.h -p12_decr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -p12_decr.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h -p12_decr.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -p12_decr.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -p12_decr.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -p12_decr.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -p12_decr.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -p12_decr.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -p12_decr.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p12_decr.c -p12_init.o: ../../e_os.h ../../include/openssl/aes.h -p12_init.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -p12_init.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -p12_init.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -p12_init.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -p12_init.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -p12_init.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -p12_init.o: ../../include/openssl/err.h ../../include/openssl/evp.h -p12_init.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -p12_init.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -p12_init.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -p12_init.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -p12_init.o: ../../include/openssl/opensslconf.h -p12_init.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -p12_init.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h -p12_init.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -p12_init.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -p12_init.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -p12_init.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -p12_init.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -p12_init.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -p12_init.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p12_init.c -p12_key.o: ../../e_os.h ../../include/openssl/aes.h -p12_key.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -p12_key.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -p12_key.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -p12_key.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -p12_key.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -p12_key.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -p12_key.o: ../../include/openssl/err.h ../../include/openssl/evp.h -p12_key.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -p12_key.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -p12_key.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -p12_key.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -p12_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -p12_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs12.h -p12_key.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -p12_key.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -p12_key.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -p12_key.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -p12_key.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -p12_key.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -p12_key.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -p12_key.o: ../cryptlib.h p12_key.c -p12_kiss.o: ../../e_os.h ../../include/openssl/aes.h -p12_kiss.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -p12_kiss.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -p12_kiss.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -p12_kiss.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -p12_kiss.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -p12_kiss.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -p12_kiss.o: ../../include/openssl/err.h ../../include/openssl/evp.h -p12_kiss.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -p12_kiss.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -p12_kiss.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -p12_kiss.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -p12_kiss.o: ../../include/openssl/opensslconf.h -p12_kiss.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -p12_kiss.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h -p12_kiss.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -p12_kiss.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -p12_kiss.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -p12_kiss.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -p12_kiss.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -p12_kiss.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -p12_kiss.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p12_kiss.c -p12_mutl.o: ../../e_os.h ../../include/openssl/aes.h -p12_mutl.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -p12_mutl.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -p12_mutl.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -p12_mutl.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -p12_mutl.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -p12_mutl.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -p12_mutl.o: ../../include/openssl/err.h ../../include/openssl/evp.h -p12_mutl.o: ../../include/openssl/hmac.h ../../include/openssl/idea.h -p12_mutl.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -p12_mutl.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -p12_mutl.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -p12_mutl.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -p12_mutl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -p12_mutl.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h -p12_mutl.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h -p12_mutl.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -p12_mutl.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -p12_mutl.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -p12_mutl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -p12_mutl.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -p12_mutl.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -p12_mutl.o: ../cryptlib.h p12_mutl.c -p12_npas.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h -p12_npas.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -p12_npas.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -p12_npas.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -p12_npas.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -p12_npas.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -p12_npas.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -p12_npas.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -p12_npas.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -p12_npas.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -p12_npas.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -p12_npas.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -p12_npas.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -p12_npas.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h -p12_npas.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h -p12_npas.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -p12_npas.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -p12_npas.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -p12_npas.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -p12_npas.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -p12_npas.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -p12_npas.o: ../../include/openssl/x509_vfy.h p12_npas.c -p12_p8d.o: ../../e_os.h ../../include/openssl/aes.h -p12_p8d.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -p12_p8d.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -p12_p8d.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -p12_p8d.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -p12_p8d.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -p12_p8d.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -p12_p8d.o: ../../include/openssl/err.h ../../include/openssl/evp.h -p12_p8d.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -p12_p8d.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -p12_p8d.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -p12_p8d.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -p12_p8d.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -p12_p8d.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs12.h -p12_p8d.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -p12_p8d.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -p12_p8d.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -p12_p8d.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -p12_p8d.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -p12_p8d.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -p12_p8d.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -p12_p8d.o: ../cryptlib.h p12_p8d.c -p12_p8e.o: ../../e_os.h ../../include/openssl/aes.h -p12_p8e.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -p12_p8e.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -p12_p8e.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -p12_p8e.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -p12_p8e.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -p12_p8e.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -p12_p8e.o: ../../include/openssl/err.h ../../include/openssl/evp.h -p12_p8e.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -p12_p8e.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -p12_p8e.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -p12_p8e.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -p12_p8e.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -p12_p8e.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs12.h -p12_p8e.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -p12_p8e.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -p12_p8e.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -p12_p8e.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -p12_p8e.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -p12_p8e.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -p12_p8e.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -p12_p8e.o: ../cryptlib.h p12_p8e.c -p12_utl.o: ../../e_os.h ../../include/openssl/aes.h -p12_utl.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -p12_utl.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -p12_utl.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -p12_utl.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -p12_utl.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -p12_utl.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -p12_utl.o: ../../include/openssl/err.h ../../include/openssl/evp.h -p12_utl.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -p12_utl.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -p12_utl.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -p12_utl.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -p12_utl.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -p12_utl.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs12.h -p12_utl.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -p12_utl.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -p12_utl.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -p12_utl.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -p12_utl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -p12_utl.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -p12_utl.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -p12_utl.o: ../cryptlib.h p12_utl.c -pk12err.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h -pk12err.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -pk12err.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -pk12err.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -pk12err.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -pk12err.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -pk12err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -pk12err.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -pk12err.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -pk12err.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -pk12err.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -pk12err.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -pk12err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -pk12err.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h -pk12err.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -pk12err.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -pk12err.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -pk12err.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -pk12err.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -pk12err.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -pk12err.o: ../../include/openssl/x509_vfy.h pk12err.c diff --git a/src/lib/libcrypto/pkcs12/p12_add.c b/src/lib/libcrypto/pkcs12/p12_add.c index 1f3e378f5c..27ac5facfa 100644 --- a/src/lib/libcrypto/pkcs12/p12_add.c +++ b/src/lib/libcrypto/pkcs12/p12_add.c @@ -106,6 +106,7 @@ PKCS12_SAFEBAG *PKCS12_MAKE_SHKEYBAG(int pbe_nid, const char *pass, PKCS8_PRIV_KEY_INFO *p8) { PKCS12_SAFEBAG *bag; + const EVP_CIPHER *pbe_ciph; /* Set up the safe bag */ if (!(bag = PKCS12_SAFEBAG_new())) { @@ -114,8 +115,14 @@ PKCS12_SAFEBAG *PKCS12_MAKE_SHKEYBAG(int pbe_nid, const char *pass, } bag->type = OBJ_nid2obj(NID_pkcs8ShroudedKeyBag); + + pbe_ciph = EVP_get_cipherbynid(pbe_nid); + + if (pbe_ciph) + pbe_nid = -1; + if (!(bag->value.shkeybag = - PKCS8_encrypt(pbe_nid, NULL, pass, passlen, salt, saltlen, iter, + PKCS8_encrypt(pbe_nid, pbe_ciph, pass, passlen, salt, saltlen, iter, p8))) { PKCS12err(PKCS12_F_PKCS12_MAKE_SHKEYBAG, ERR_R_MALLOC_FAILURE); return NULL; @@ -164,6 +171,7 @@ PKCS7 *PKCS12_pack_p7encdata(int pbe_nid, const char *pass, int passlen, { PKCS7 *p7; X509_ALGOR *pbe; + const EVP_CIPHER *pbe_ciph; if (!(p7 = PKCS7_new())) { PKCS12err(PKCS12_F_PKCS12_PACK_P7ENCDATA, ERR_R_MALLOC_FAILURE); return NULL; @@ -173,7 +181,15 @@ PKCS7 *PKCS12_pack_p7encdata(int pbe_nid, const char *pass, int passlen, PKCS12_R_ERROR_SETTING_ENCRYPTED_DATA_TYPE); return NULL; } - if (!(pbe = PKCS5_pbe_set(pbe_nid, iter, salt, saltlen))) { + + pbe_ciph = EVP_get_cipherbynid(pbe_nid); + + if (pbe_ciph) + pbe = PKCS5_pbe2_set(pbe_ciph, iter, salt, saltlen); + else + pbe = PKCS5_pbe_set(pbe_nid, iter, salt, saltlen); + + if (!pbe) { PKCS12err(PKCS12_F_PKCS12_PACK_P7ENCDATA, ERR_R_MALLOC_FAILURE); return NULL; } diff --git a/src/lib/libcrypto/pkcs12/p12_attr.c b/src/lib/libcrypto/pkcs12/p12_attr.c index 68d6c5ad15..e4d9c25647 100644 --- a/src/lib/libcrypto/pkcs12/p12_attr.c +++ b/src/lib/libcrypto/pkcs12/p12_attr.c @@ -139,7 +139,7 @@ char *PKCS12_get_friendlyname(PKCS12_SAFEBAG *bag) ASN1_TYPE *atype; if (!(atype = PKCS12_get_attr(bag, NID_friendlyName))) return NULL; if (atype->type != V_ASN1_BMPSTRING) return NULL; - return uni2asc(atype->value.bmpstring->data, + return OPENSSL_uni2asc(atype->value.bmpstring->data, atype->value.bmpstring->length); } diff --git a/src/lib/libcrypto/pkcs12/p12_crpt.c b/src/lib/libcrypto/pkcs12/p12_crpt.c index f8b952e27e..b71d07b4d0 100644 --- a/src/lib/libcrypto/pkcs12/p12_crpt.c +++ b/src/lib/libcrypto/pkcs12/p12_crpt.c @@ -60,28 +60,10 @@ #include "cryptlib.h" #include -/* PKCS#12 specific PBE functions */ +/* PKCS#12 PBE algorithms now in static table */ void PKCS12_PBE_add(void) { -#ifndef OPENSSL_NO_RC4 -EVP_PBE_alg_add(NID_pbe_WithSHA1And128BitRC4, EVP_rc4(), EVP_sha1(), - PKCS12_PBE_keyivgen); -EVP_PBE_alg_add(NID_pbe_WithSHA1And40BitRC4, EVP_rc4_40(), EVP_sha1(), - PKCS12_PBE_keyivgen); -#endif -#ifndef OPENSSL_NO_DES -EVP_PBE_alg_add(NID_pbe_WithSHA1And3_Key_TripleDES_CBC, - EVP_des_ede3_cbc(), EVP_sha1(), PKCS12_PBE_keyivgen); -EVP_PBE_alg_add(NID_pbe_WithSHA1And2_Key_TripleDES_CBC, - EVP_des_ede_cbc(), EVP_sha1(), PKCS12_PBE_keyivgen); -#endif -#ifndef OPENSSL_NO_RC2 -EVP_PBE_alg_add(NID_pbe_WithSHA1And128BitRC2_CBC, EVP_rc2_cbc(), - EVP_sha1(), PKCS12_PBE_keyivgen); -EVP_PBE_alg_add(NID_pbe_WithSHA1And40BitRC2_CBC, EVP_rc2_40_cbc(), - EVP_sha1(), PKCS12_PBE_keyivgen); -#endif } int PKCS12_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, diff --git a/src/lib/libcrypto/pkcs12/p12_crt.c b/src/lib/libcrypto/pkcs12/p12_crt.c index 9522342fa5..96b131defa 100644 --- a/src/lib/libcrypto/pkcs12/p12_crt.c +++ b/src/lib/libcrypto/pkcs12/p12_crt.c @@ -59,10 +59,6 @@ #include #include "cryptlib.h" #include -#ifdef OPENSSL_FIPS -#include -#endif - static int pkcs12_add_bag(STACK_OF(PKCS12_SAFEBAG) **pbags, PKCS12_SAFEBAG *bag); @@ -94,14 +90,7 @@ PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert, /* Set defaults */ if (!nid_cert) - { -#ifdef OPENSSL_FIPS - if (FIPS_mode()) - nid_cert = NID_pbe_WithSHA1And3_Key_TripleDES_CBC; - else -#endif nid_cert = NID_pbe_WithSHA1And40BitRC2_CBC; - } if (!nid_key) nid_key = NID_pbe_WithSHA1And3_Key_TripleDES_CBC; if (!iter) diff --git a/src/lib/libcrypto/pkcs12/p12_key.c b/src/lib/libcrypto/pkcs12/p12_key.c index 9e57eee4a4..a29794bbbc 100644 --- a/src/lib/libcrypto/pkcs12/p12_key.c +++ b/src/lib/libcrypto/pkcs12/p12_key.c @@ -81,15 +81,18 @@ int PKCS12_key_gen_asc(const char *pass, int passlen, unsigned char *salt, int ret; unsigned char *unipass; int uniplen; + if(!pass) { unipass = NULL; uniplen = 0; - } else if (!asc2uni(pass, passlen, &unipass, &uniplen)) { + } else if (!OPENSSL_asc2uni(pass, passlen, &unipass, &uniplen)) { PKCS12err(PKCS12_F_PKCS12_KEY_GEN_ASC,ERR_R_MALLOC_FAILURE); return 0; } ret = PKCS12_key_gen_uni(unipass, uniplen, salt, saltlen, id, iter, n, out, md_type); + if (ret <= 0) + return 0; if(unipass) { OPENSSL_cleanse(unipass, uniplen); /* Clear password from memory */ OPENSSL_free(unipass); @@ -129,6 +132,8 @@ int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt, #endif v = EVP_MD_block_size (md_type); u = EVP_MD_size (md_type); + if (u < 0) + return 0; D = OPENSSL_malloc (v); Ai = OPENSSL_malloc (u); B = OPENSSL_malloc (v + 1); diff --git a/src/lib/libcrypto/pkcs12/p12_kiss.c b/src/lib/libcrypto/pkcs12/p12_kiss.c index 5c4c6ec988..292cc3ed4a 100644 --- a/src/lib/libcrypto/pkcs12/p12_kiss.c +++ b/src/lib/libcrypto/pkcs12/p12_kiss.c @@ -63,16 +63,13 @@ /* Simplified PKCS#12 routines */ static int parse_pk12( PKCS12 *p12, const char *pass, int passlen, - EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca); + EVP_PKEY **pkey, STACK_OF(X509) *ocerts); static int parse_bags( STACK_OF(PKCS12_SAFEBAG) *bags, const char *pass, - int passlen, EVP_PKEY **pkey, X509 **cert, - STACK_OF(X509) **ca, ASN1_OCTET_STRING **keyid, - char *keymatch); + int passlen, EVP_PKEY **pkey, STACK_OF(X509) *ocerts); static int parse_bag( PKCS12_SAFEBAG *bag, const char *pass, int passlen, - EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca, - ASN1_OCTET_STRING **keyid, char *keymatch); + EVP_PKEY **pkey, STACK_OF(X509) *ocerts); /* Parse and decrypt a PKCS#12 structure returning user key, user cert * and other (CA) certs. Note either ca should be NULL, *ca should be NULL, @@ -83,24 +80,20 @@ static int parse_bag( PKCS12_SAFEBAG *bag, const char *pass, int passlen, int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca) { - + STACK_OF(X509) *ocerts = NULL; + X509 *x = NULL; /* Check for NULL PKCS12 structure */ - if(!p12) { + if(!p12) + { PKCS12err(PKCS12_F_PKCS12_PARSE,PKCS12_R_INVALID_NULL_PKCS12_POINTER); return 0; - } - - /* Allocate stack for ca certificates if needed */ - if ((ca != NULL) && (*ca == NULL)) { - if (!(*ca = sk_X509_new_null())) { - PKCS12err(PKCS12_F_PKCS12_PARSE,ERR_R_MALLOC_FAILURE); - return 0; } - } - if(pkey) *pkey = NULL; - if(cert) *cert = NULL; + if(pkey) + *pkey = NULL; + if(cert) + *cert = NULL; /* Check the mac */ @@ -122,19 +115,61 @@ int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert, goto err; } - if (!parse_pk12 (p12, pass, -1, pkey, cert, ca)) + /* Allocate stack for other certificates */ + ocerts = sk_X509_new_null(); + + if (!ocerts) + { + PKCS12err(PKCS12_F_PKCS12_PARSE,ERR_R_MALLOC_FAILURE); + return 0; + } + + if (!parse_pk12 (p12, pass, -1, pkey, ocerts)) { PKCS12err(PKCS12_F_PKCS12_PARSE,PKCS12_R_PARSE_ERROR); goto err; } + while ((x = sk_X509_pop(ocerts))) + { + if (pkey && *pkey && cert && !*cert) + { + if (X509_check_private_key(x, *pkey)) + { + *cert = x; + x = NULL; + } + } + + if (ca && x) + { + if (!*ca) + *ca = sk_X509_new_null(); + if (!*ca) + goto err; + if (!sk_X509_push(*ca, x)) + goto err; + x = NULL; + } + if (x) + X509_free(x); + } + + if (ocerts) + sk_X509_pop_free(ocerts, X509_free); + return 1; err: - if (pkey && *pkey) EVP_PKEY_free(*pkey); - if (cert && *cert) X509_free(*cert); - if (ca) sk_X509_pop_free(*ca, X509_free); + if (pkey && *pkey) + EVP_PKEY_free(*pkey); + if (cert && *cert) + X509_free(*cert); + if (x) + X509_free(*cert); + if (ocerts) + sk_X509_pop_free(ocerts, X509_free); return 0; } @@ -142,15 +177,13 @@ int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert, /* Parse the outer PKCS#12 structure */ static int parse_pk12(PKCS12 *p12, const char *pass, int passlen, - EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca) + EVP_PKEY **pkey, STACK_OF(X509) *ocerts) { STACK_OF(PKCS7) *asafes; STACK_OF(PKCS12_SAFEBAG) *bags; int i, bagnid; PKCS7 *p7; - ASN1_OCTET_STRING *keyid = NULL; - char keymatch = 0; if (!(asafes = PKCS12_unpack_authsafes (p12))) return 0; for (i = 0; i < sk_PKCS7_num (asafes); i++) { p7 = sk_PKCS7_value (asafes, i); @@ -164,8 +197,7 @@ static int parse_pk12(PKCS12 *p12, const char *pass, int passlen, sk_PKCS7_pop_free(asafes, PKCS7_free); return 0; } - if (!parse_bags(bags, pass, passlen, pkey, cert, ca, - &keyid, &keymatch)) { + if (!parse_bags(bags, pass, passlen, pkey, ocerts)) { sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free); sk_PKCS7_pop_free(asafes, PKCS7_free); return 0; @@ -173,89 +205,65 @@ static int parse_pk12(PKCS12 *p12, const char *pass, int passlen, sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free); } sk_PKCS7_pop_free(asafes, PKCS7_free); - if (keyid) M_ASN1_OCTET_STRING_free(keyid); return 1; } static int parse_bags(STACK_OF(PKCS12_SAFEBAG) *bags, const char *pass, - int passlen, EVP_PKEY **pkey, X509 **cert, - STACK_OF(X509) **ca, ASN1_OCTET_STRING **keyid, - char *keymatch) + int passlen, EVP_PKEY **pkey, STACK_OF(X509) *ocerts) { int i; for (i = 0; i < sk_PKCS12_SAFEBAG_num(bags); i++) { if (!parse_bag(sk_PKCS12_SAFEBAG_value (bags, i), - pass, passlen, pkey, cert, ca, keyid, - keymatch)) return 0; + pass, passlen, pkey, ocerts)) + return 0; } return 1; } -#define MATCH_KEY 0x1 -#define MATCH_CERT 0x2 -#define MATCH_ALL 0x3 - static int parse_bag(PKCS12_SAFEBAG *bag, const char *pass, int passlen, - EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca, - ASN1_OCTET_STRING **keyid, - char *keymatch) + EVP_PKEY **pkey, STACK_OF(X509) *ocerts) { PKCS8_PRIV_KEY_INFO *p8; X509 *x509; - ASN1_OCTET_STRING *lkey = NULL, *ckid = NULL; ASN1_TYPE *attrib; ASN1_BMPSTRING *fname = NULL; + ASN1_OCTET_STRING *lkid = NULL; if ((attrib = PKCS12_get_attr (bag, NID_friendlyName))) fname = attrib->value.bmpstring; - if ((attrib = PKCS12_get_attr (bag, NID_localKeyID))) { - lkey = attrib->value.octet_string; - ckid = lkey; - } + if ((attrib = PKCS12_get_attr (bag, NID_localKeyID))) + lkid = attrib->value.octet_string; - /* Check for any local key id matching (if needed) */ - if (lkey && ((*keymatch & MATCH_ALL) != MATCH_ALL)) { - if (*keyid) { - if (M_ASN1_OCTET_STRING_cmp(*keyid, lkey)) lkey = NULL; - } else { - if (!(*keyid = M_ASN1_OCTET_STRING_dup(lkey))) { - PKCS12err(PKCS12_F_PARSE_BAG,ERR_R_MALLOC_FAILURE); - return 0; - } - } - } - switch (M_PKCS12_bag_type(bag)) { case NID_keyBag: - if (!lkey || !pkey) return 1; - if (!(*pkey = EVP_PKCS82PKEY(bag->value.keybag))) return 0; - *keymatch |= MATCH_KEY; + if (!pkey || *pkey) + return 1; + if (!(*pkey = EVP_PKCS82PKEY(bag->value.keybag))) + return 0; break; case NID_pkcs8ShroudedKeyBag: - if (!lkey || !pkey) return 1; + if (!pkey || *pkey) + return 1; if (!(p8 = PKCS12_decrypt_skey(bag, pass, passlen))) return 0; *pkey = EVP_PKCS82PKEY(p8); PKCS8_PRIV_KEY_INFO_free(p8); if (!(*pkey)) return 0; - *keymatch |= MATCH_KEY; break; case NID_certBag: if (M_PKCS12_cert_bag_type(bag) != NID_x509Certificate ) - return 1; - if (!(x509 = PKCS12_certbag2x509(bag))) return 0; - if(ckid) + return 1; + if (!(x509 = PKCS12_certbag2x509(bag))) + return 0; + if(lkid && !X509_keyid_set1(x509, lkid->data, lkid->length)) { - if (!X509_keyid_set1(x509, ckid->data, ckid->length)) - { - X509_free(x509); - return 0; - } + X509_free(x509); + return 0; } if(fname) { int len, r; @@ -272,20 +280,17 @@ static int parse_bag(PKCS12_SAFEBAG *bag, const char *pass, int passlen, } } + if(!sk_X509_push(ocerts, x509)) + { + X509_free(x509); + return 0; + } - if (lkey) { - *keymatch |= MATCH_CERT; - if (cert) *cert = x509; - else X509_free(x509); - } else { - if(ca) sk_X509_push (*ca, x509); - else X509_free(x509); - } break; case NID_safeContentsBag: return parse_bags(bag->value.safes, pass, passlen, - pkey, cert, ca, keyid, keymatch); + pkey, ocerts); break; default: diff --git a/src/lib/libcrypto/pkcs12/p12_mutl.c b/src/lib/libcrypto/pkcs12/p12_mutl.c index 70bfef6e5d..9ab740d51f 100644 --- a/src/lib/libcrypto/pkcs12/p12_mutl.c +++ b/src/lib/libcrypto/pkcs12/p12_mutl.c @@ -71,6 +71,7 @@ int PKCS12_gen_mac(PKCS12 *p12, const char *pass, int passlen, HMAC_CTX hmac; unsigned char key[EVP_MAX_MD_SIZE], *salt; int saltlen, iter; + int md_size; if (!PKCS7_type_is_data(p12->authsafes)) { @@ -87,13 +88,16 @@ int PKCS12_gen_mac(PKCS12 *p12, const char *pass, int passlen, PKCS12err(PKCS12_F_PKCS12_GEN_MAC,PKCS12_R_UNKNOWN_DIGEST_ALGORITHM); return 0; } + md_size = EVP_MD_size(md_type); + if (md_size < 0) + return 0; if(!PKCS12_key_gen (pass, passlen, salt, saltlen, PKCS12_MAC_ID, iter, - EVP_MD_size(md_type), key, md_type)) { + md_size, key, md_type)) { PKCS12err(PKCS12_F_PKCS12_GEN_MAC,PKCS12_R_KEY_GEN_ERROR); return 0; } HMAC_CTX_init(&hmac); - HMAC_Init_ex(&hmac, key, EVP_MD_size(md_type), md_type, NULL); + HMAC_Init_ex(&hmac, key, md_size, md_type, NULL); HMAC_Update(&hmac, p12->authsafes->d.data->data, p12->authsafes->d.data->length); HMAC_Final(&hmac, mac, maclen); diff --git a/src/lib/libcrypto/pkcs12/p12_npas.c b/src/lib/libcrypto/pkcs12/p12_npas.c index 47e5e9c377..2f71355150 100644 --- a/src/lib/libcrypto/pkcs12/p12_npas.c +++ b/src/lib/libcrypto/pkcs12/p12_npas.c @@ -120,8 +120,13 @@ static int newpass_p12(PKCS12 *p12, char *oldpass, char *newpass) bags = PKCS12_unpack_p7data(p7); } else if (bagnid == NID_pkcs7_encrypted) { bags = PKCS12_unpack_p7encdata(p7, oldpass, -1); - alg_get(p7->d.encrypted->enc_data->algorithm, - &pbe_nid, &pbe_iter, &pbe_saltlen); + if (!alg_get(p7->d.encrypted->enc_data->algorithm, + &pbe_nid, &pbe_iter, &pbe_saltlen)) + { + sk_PKCS12_SAFEBAG_pop_free(bags, + PKCS12_SAFEBAG_free); + bags = NULL; + } } else continue; if (!bags) { sk_PKCS7_pop_free(asafes, PKCS7_free); @@ -193,7 +198,9 @@ static int newpass_bag(PKCS12_SAFEBAG *bag, char *oldpass, char *newpass) if(M_PKCS12_bag_type(bag) != NID_pkcs8ShroudedKeyBag) return 1; if (!(p8 = PKCS8_decrypt(bag->value.shkeybag, oldpass, -1))) return 0; - alg_get(bag->value.shkeybag->algor, &p8_nid, &p8_iter, &p8_saltlen); + if (!alg_get(bag->value.shkeybag->algor, &p8_nid, &p8_iter, + &p8_saltlen)) + return 0; if(!(p8new = PKCS8_encrypt(p8_nid, NULL, newpass, -1, NULL, p8_saltlen, p8_iter, p8))) return 0; X509_SIG_free(bag->value.shkeybag); @@ -208,9 +215,11 @@ static int alg_get(X509_ALGOR *alg, int *pnid, int *piter, int *psaltlen) p = alg->parameter->value.sequence->data; pbe = d2i_PBEPARAM(NULL, &p, alg->parameter->value.sequence->length); + if (!pbe) + return 0; *pnid = OBJ_obj2nid(alg->algorithm); *piter = ASN1_INTEGER_get(pbe->iter); *psaltlen = pbe->salt->length; PBEPARAM_free(pbe); - return 0; + return 1; } diff --git a/src/lib/libcrypto/pkcs12/p12_utl.c b/src/lib/libcrypto/pkcs12/p12_utl.c index ca30ac4f6d..59c6f453f6 100644 --- a/src/lib/libcrypto/pkcs12/p12_utl.c +++ b/src/lib/libcrypto/pkcs12/p12_utl.c @@ -62,7 +62,7 @@ /* Cheap and nasty Unicode stuff */ -unsigned char *asc2uni(const char *asc, int asclen, unsigned char **uni, int *unilen) +unsigned char *OPENSSL_asc2uni(const char *asc, int asclen, unsigned char **uni, int *unilen) { int ulen, i; unsigned char *unitmp; @@ -81,7 +81,7 @@ unsigned char *asc2uni(const char *asc, int asclen, unsigned char **uni, int *un return unitmp; } -char *uni2asc(unsigned char *uni, int unilen) +char *OPENSSL_uni2asc(unsigned char *uni, int unilen) { int asclen, i; char *asctmp; diff --git a/src/lib/libcrypto/pkcs12/pk12err.c b/src/lib/libcrypto/pkcs12/pk12err.c index 07a1fb6907..f6ddf2df12 100644 --- a/src/lib/libcrypto/pkcs12/pk12err.c +++ b/src/lib/libcrypto/pkcs12/pk12err.c @@ -1,6 +1,6 @@ /* crypto/pkcs12/pk12err.c */ /* ==================================================================== - * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved. + * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions diff --git a/src/lib/libcrypto/pkcs12/pkcs12.h b/src/lib/libcrypto/pkcs12/pkcs12.h index 4bee605dc0..b17eb9f42b 100644 --- a/src/lib/libcrypto/pkcs12/pkcs12.h +++ b/src/lib/libcrypto/pkcs12/pkcs12.h @@ -108,8 +108,6 @@ PKCS12_MAC_DATA *mac; PKCS7 *authsafes; } PKCS12; -PREDECLARE_STACK_OF(PKCS12_SAFEBAG) - typedef struct { ASN1_OBJECT *type; union { @@ -232,8 +230,8 @@ int PKCS12_set_mac(PKCS12 *p12, const char *pass, int passlen, const EVP_MD *md_type); int PKCS12_setup_mac(PKCS12 *p12, int iter, unsigned char *salt, int saltlen, const EVP_MD *md_type); -unsigned char *asc2uni(const char *asc, int asclen, unsigned char **uni, int *unilen); -char *uni2asc(unsigned char *uni, int unilen); +unsigned char *OPENSSL_asc2uni(const char *asc, int asclen, unsigned char **uni, int *unilen); +char *OPENSSL_uni2asc(unsigned char *uni, int unilen); DECLARE_ASN1_FUNCTIONS(PKCS12) DECLARE_ASN1_FUNCTIONS(PKCS12_MAC_DATA) diff --git a/src/lib/libcrypto/pkcs7/Makefile.ssl b/src/lib/libcrypto/pkcs7/Makefile.ssl deleted file mode 100644 index c3bfc7d560..0000000000 --- a/src/lib/libcrypto/pkcs7/Makefile.ssl +++ /dev/null @@ -1,243 +0,0 @@ -# -# SSLeay/crypto/pkcs7/Makefile -# - -DIR= pkcs7 -TOP= ../.. -CC= cc -INCLUDES= -I.. -I$(TOP) -I../../include -CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKE= make -f Makefile.ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) -MAKEFILE= Makefile.ssl -AR= ar r - -PEX_LIBS= -EX_LIBS= - -CFLAGS= $(INCLUDES) $(CFLAG) - -GENERAL=Makefile README -TEST= -APPS= - -LIB=$(TOP)/libcrypto.a -LIBSRC= pk7_asn1.c pk7_lib.c pkcs7err.c pk7_doit.c pk7_smime.c pk7_attr.c \ - pk7_mime.c -LIBOBJ= pk7_asn1.o pk7_lib.o pkcs7err.o pk7_doit.o pk7_smime.o pk7_attr.o \ - pk7_mime.o - -SRC= $(LIBSRC) - -EXHEADER= pkcs7.h -HEADER= $(EXHEADER) - -ALL= $(GENERAL) $(SRC) $(HEADER) - -top: - (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all) - -test: - -all: lib - -testapps: enc dec sign verify - -enc: enc.o lib - $(CC) $(CFLAGS) -o enc enc.o $(PEX_LIBS) $(LIB) $(EX_LIBS) - -dec: dec.o lib - $(CC) $(CFLAGS) -o dec dec.o $(PEX_LIBS) $(LIB) $(EX_LIBS) - -sign: sign.o lib - $(CC) $(CFLAGS) -o sign sign.o $(PEX_LIBS) $(LIB) $(EX_LIBS) - -verify: verify.o example.o lib - $(CC) $(CFLAGS) -o verify verify.o $(PEX_LIBS) example.o $(LIB) $(EX_LIBS) - -lib: $(LIBOBJ) - $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) || echo Never mind. - @touch lib - -files: - $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO - -links: - @sh $(TOP)/util/point.sh Makefile.ssl Makefile - @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER) - @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST) - @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) - -install: - @for i in $(EXHEADER) ; \ - do \ - (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ - done; - -tags: - ctags $(SRC) - -tests: - -lint: - lint -DLINT $(INCLUDES) $(SRC)>fluff - -depend: - $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) - -dclean: - $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new - mv -f Makefile.new $(MAKEFILE) - -clean: - rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff enc dec sign verify - -# DO NOT DELETE THIS LINE -- make depend depends on it. - -pk7_asn1.o: ../../e_os.h ../../include/openssl/aes.h -pk7_asn1.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -pk7_asn1.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -pk7_asn1.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -pk7_asn1.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -pk7_asn1.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -pk7_asn1.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -pk7_asn1.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -pk7_asn1.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -pk7_asn1.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -pk7_asn1.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -pk7_asn1.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -pk7_asn1.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -pk7_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -pk7_asn1.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -pk7_asn1.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -pk7_asn1.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -pk7_asn1.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -pk7_asn1.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -pk7_asn1.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -pk7_asn1.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -pk7_asn1.o: ../cryptlib.h pk7_asn1.c -pk7_attr.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h -pk7_attr.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -pk7_attr.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -pk7_attr.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -pk7_attr.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -pk7_attr.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -pk7_attr.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -pk7_attr.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -pk7_attr.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -pk7_attr.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -pk7_attr.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -pk7_attr.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -pk7_attr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -pk7_attr.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h -pk7_attr.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -pk7_attr.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -pk7_attr.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -pk7_attr.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -pk7_attr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -pk7_attr.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -pk7_attr.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -pk7_attr.o: pk7_attr.c -pk7_doit.o: ../../e_os.h ../../include/openssl/aes.h -pk7_doit.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -pk7_doit.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -pk7_doit.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -pk7_doit.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -pk7_doit.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -pk7_doit.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -pk7_doit.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -pk7_doit.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -pk7_doit.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -pk7_doit.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -pk7_doit.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -pk7_doit.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -pk7_doit.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -pk7_doit.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h -pk7_doit.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -pk7_doit.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -pk7_doit.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -pk7_doit.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -pk7_doit.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -pk7_doit.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -pk7_doit.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -pk7_doit.o: ../cryptlib.h pk7_doit.c -pk7_lib.o: ../../e_os.h ../../include/openssl/aes.h -pk7_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -pk7_lib.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -pk7_lib.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -pk7_lib.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -pk7_lib.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -pk7_lib.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -pk7_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h -pk7_lib.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -pk7_lib.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -pk7_lib.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -pk7_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -pk7_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -pk7_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -pk7_lib.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -pk7_lib.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -pk7_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -pk7_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -pk7_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -pk7_lib.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -pk7_lib.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pk7_lib.c -pk7_mime.o: ../../e_os.h ../../include/openssl/aes.h -pk7_mime.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -pk7_mime.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -pk7_mime.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -pk7_mime.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -pk7_mime.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -pk7_mime.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -pk7_mime.o: ../../include/openssl/err.h ../../include/openssl/evp.h -pk7_mime.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -pk7_mime.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -pk7_mime.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -pk7_mime.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -pk7_mime.o: ../../include/openssl/opensslconf.h -pk7_mime.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -pk7_mime.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h -pk7_mime.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -pk7_mime.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -pk7_mime.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -pk7_mime.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -pk7_mime.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -pk7_mime.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -pk7_mime.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pk7_mime.c -pk7_smime.o: ../../e_os.h ../../include/openssl/aes.h -pk7_smime.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -pk7_smime.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -pk7_smime.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -pk7_smime.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -pk7_smime.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -pk7_smime.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -pk7_smime.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -pk7_smime.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -pk7_smime.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -pk7_smime.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -pk7_smime.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -pk7_smime.o: ../../include/openssl/objects.h -pk7_smime.o: ../../include/openssl/opensslconf.h -pk7_smime.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -pk7_smime.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -pk7_smime.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -pk7_smime.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -pk7_smime.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -pk7_smime.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -pk7_smime.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -pk7_smime.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -pk7_smime.o: ../../include/openssl/x509v3.h ../cryptlib.h pk7_smime.c -pkcs7err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -pkcs7err.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h -pkcs7err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -pkcs7err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -pkcs7err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -pkcs7err.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h -pkcs7err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -pkcs7err.o: pkcs7err.c diff --git a/src/lib/libcrypto/pkcs7/pk7_asn1.c b/src/lib/libcrypto/pkcs7/pk7_asn1.c index 1f70d31386..b7ec2883cb 100644 --- a/src/lib/libcrypto/pkcs7/pk7_asn1.c +++ b/src/lib/libcrypto/pkcs7/pk7_asn1.c @@ -77,10 +77,39 @@ ASN1_ADB(PKCS7) = { ADB_ENTRY(NID_pkcs7_encrypted, ASN1_NDEF_EXP_OPT(PKCS7, d.encrypted, PKCS7_ENCRYPT, 0)) } ASN1_ADB_END(PKCS7, 0, type, 0, &p7default_tt, NULL); -ASN1_NDEF_SEQUENCE(PKCS7) = { +/* PKCS#7 streaming support */ +static int pk7_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, + void *exarg) +{ + ASN1_STREAM_ARG *sarg = exarg; + PKCS7 **pp7 = (PKCS7 **)pval; + + switch(operation) + { + + case ASN1_OP_STREAM_PRE: + if (PKCS7_stream(&sarg->boundary, *pp7) <= 0) + return 0; + case ASN1_OP_DETACHED_PRE: + sarg->ndef_bio = PKCS7_dataInit(*pp7, sarg->out); + if (!sarg->ndef_bio) + return 0; + break; + + case ASN1_OP_STREAM_POST: + case ASN1_OP_DETACHED_POST: + if (PKCS7_dataFinal(*pp7, sarg->ndef_bio) <= 0) + return 0; + break; + + } + return 1; +} + +ASN1_NDEF_SEQUENCE_cb(PKCS7, pk7_cb) = { ASN1_SIMPLE(PKCS7, type, ASN1_OBJECT), ASN1_ADB_OBJECT(PKCS7) -}ASN1_NDEF_SEQUENCE_END(PKCS7) +}ASN1_NDEF_SEQUENCE_END_cb(PKCS7, PKCS7) IMPLEMENT_ASN1_FUNCTIONS(PKCS7) IMPLEMENT_ASN1_NDEF_FUNCTION(PKCS7) @@ -98,7 +127,8 @@ ASN1_NDEF_SEQUENCE(PKCS7_SIGNED) = { IMPLEMENT_ASN1_FUNCTIONS(PKCS7_SIGNED) /* Minor tweak to operation: free up EVP_PKEY */ -static int si_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it) +static int si_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, + void *exarg) { if(operation == ASN1_OP_FREE_POST) { PKCS7_SIGNER_INFO *si = (PKCS7_SIGNER_INFO *)*pval; @@ -140,7 +170,8 @@ ASN1_NDEF_SEQUENCE(PKCS7_ENVELOPE) = { IMPLEMENT_ASN1_FUNCTIONS(PKCS7_ENVELOPE) /* Minor tweak to operation: free up X509 */ -static int ri_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it) +static int ri_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, + void *exarg) { if(operation == ASN1_OP_FREE_POST) { PKCS7_RECIP_INFO *ri = (PKCS7_RECIP_INFO *)*pval; @@ -161,7 +192,7 @@ IMPLEMENT_ASN1_FUNCTIONS(PKCS7_RECIP_INFO) ASN1_NDEF_SEQUENCE(PKCS7_ENC_CONTENT) = { ASN1_SIMPLE(PKCS7_ENC_CONTENT, content_type, ASN1_OBJECT), ASN1_SIMPLE(PKCS7_ENC_CONTENT, algorithm, X509_ALGOR), - ASN1_IMP_OPT(PKCS7_ENC_CONTENT, enc_data, ASN1_OCTET_STRING, 0) + ASN1_IMP_OPT(PKCS7_ENC_CONTENT, enc_data, ASN1_OCTET_STRING_NDEF, 0) } ASN1_NDEF_SEQUENCE_END(PKCS7_ENC_CONTENT) IMPLEMENT_ASN1_FUNCTIONS(PKCS7_ENC_CONTENT) @@ -212,3 +243,5 @@ ASN1_ITEM_TEMPLATE(PKCS7_ATTR_VERIFY) = ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_IMPTAG | ASN1_TFLG_UNIVERSAL, V_ASN1_SET, PKCS7_ATTRIBUTES, X509_ATTRIBUTE) ASN1_ITEM_TEMPLATE_END(PKCS7_ATTR_VERIFY) + +IMPLEMENT_ASN1_PRINT_FUNCTION(PKCS7) diff --git a/src/lib/libcrypto/pkcs7/pk7_attr.c b/src/lib/libcrypto/pkcs7/pk7_attr.c index d549717169..a97db51210 100644 --- a/src/lib/libcrypto/pkcs7/pk7_attr.c +++ b/src/lib/libcrypto/pkcs7/pk7_attr.c @@ -60,6 +60,7 @@ #include #include #include +#include #include #include #include @@ -68,27 +69,12 @@ int PKCS7_add_attrib_smimecap(PKCS7_SIGNER_INFO *si, STACK_OF(X509_ALGOR) *cap) { ASN1_STRING *seq; - unsigned char *p, *pp; - int len; - len=i2d_ASN1_SET_OF_X509_ALGOR(cap,NULL,i2d_X509_ALGOR, - V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL, - IS_SEQUENCE); - if(!(pp=(unsigned char *)OPENSSL_malloc(len))) { - PKCS7err(PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP,ERR_R_MALLOC_FAILURE); - return 0; - } - p=pp; - i2d_ASN1_SET_OF_X509_ALGOR(cap,&p,i2d_X509_ALGOR, V_ASN1_SEQUENCE, - V_ASN1_UNIVERSAL, IS_SEQUENCE); if(!(seq = ASN1_STRING_new())) { PKCS7err(PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP,ERR_R_MALLOC_FAILURE); return 0; } - if(!ASN1_STRING_set (seq, pp, len)) { - PKCS7err(PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP,ERR_R_MALLOC_FAILURE); - return 0; - } - OPENSSL_free (pp); + seq->length = ASN1_item_i2d((ASN1_VALUE *)cap,&seq->data, + ASN1_ITEM_rptr(X509_ALGORS)); return PKCS7_add_signed_attribute(si, NID_SMIMECapabilities, V_ASN1_SEQUENCE, seq); } @@ -102,10 +88,9 @@ STACK_OF(X509_ALGOR) *PKCS7_get_smimecap(PKCS7_SIGNER_INFO *si) if (!cap || (cap->type != V_ASN1_SEQUENCE)) return NULL; p = cap->value.sequence->data; - return d2i_ASN1_SET_OF_X509_ALGOR(NULL, &p, - cap->value.sequence->length, - d2i_X509_ALGOR, X509_ALGOR_free, - V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL); + return (STACK_OF(X509_ALGOR) *) + ASN1_item_d2i(NULL, &p, cap->value.sequence->length, + ASN1_ITEM_rptr(X509_ALGORS)); } /* Basic smime-capabilities OID and optional integer arg */ @@ -139,3 +124,42 @@ int PKCS7_simple_smimecap(STACK_OF(X509_ALGOR) *sk, int nid, int arg) sk_X509_ALGOR_push (sk, alg); return 1; } + +int PKCS7_add_attrib_content_type(PKCS7_SIGNER_INFO *si, ASN1_OBJECT *coid) + { + if (PKCS7_get_signed_attribute(si, NID_pkcs9_contentType)) + return 0; + if (!coid) + coid = OBJ_nid2obj(NID_pkcs7_data); + return PKCS7_add_signed_attribute(si, NID_pkcs9_contentType, + V_ASN1_OBJECT, coid); + } + +int PKCS7_add0_attrib_signing_time(PKCS7_SIGNER_INFO *si, ASN1_TIME *t) + { + if (!t && !(t=X509_gmtime_adj(NULL,0))) + { + PKCS7err(PKCS7_F_PKCS7_ADD0_ATTRIB_SIGNING_TIME, + ERR_R_MALLOC_FAILURE); + return 0; + } + return PKCS7_add_signed_attribute(si, NID_pkcs9_signingTime, + V_ASN1_UTCTIME, t); + } + +int PKCS7_add1_attrib_digest(PKCS7_SIGNER_INFO *si, + const unsigned char *md, int mdlen) + { + ASN1_OCTET_STRING *os; + os = ASN1_OCTET_STRING_new(); + if (!os) + return 0; + if (!ASN1_STRING_set(os, md, mdlen) + || !PKCS7_add_signed_attribute(si, NID_pkcs9_messageDigest, + V_ASN1_OCTET_STRING, os)) + { + ASN1_OCTET_STRING_free(os); + return 0; + } + return 1; + } diff --git a/src/lib/libcrypto/pkcs7/pk7_doit.c b/src/lib/libcrypto/pkcs7/pk7_doit.c index a03d7ebedf..451de84489 100644 --- a/src/lib/libcrypto/pkcs7/pk7_doit.c +++ b/src/lib/libcrypto/pkcs7/pk7_doit.c @@ -138,6 +138,121 @@ static int PKCS7_bio_add_digest(BIO **pbio, X509_ALGOR *alg) } +static int pkcs7_encode_rinfo(PKCS7_RECIP_INFO *ri, + unsigned char *key, int keylen) + { + EVP_PKEY_CTX *pctx = NULL; + EVP_PKEY *pkey = NULL; + unsigned char *ek = NULL; + int ret = 0; + size_t eklen; + + pkey = X509_get_pubkey(ri->cert); + + if (!pkey) + return 0; + + pctx = EVP_PKEY_CTX_new(pkey, NULL); + if (!pctx) + return 0; + + if (EVP_PKEY_encrypt_init(pctx) <= 0) + goto err; + + if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_ENCRYPT, + EVP_PKEY_CTRL_PKCS7_ENCRYPT, 0, ri) <= 0) + { + PKCS7err(PKCS7_F_PKCS7_ENCODE_RINFO, PKCS7_R_CTRL_ERROR); + goto err; + } + + if (EVP_PKEY_encrypt(pctx, NULL, &eklen, key, keylen) <= 0) + goto err; + + ek = OPENSSL_malloc(eklen); + + if (ek == NULL) + { + PKCS7err(PKCS7_F_PKCS7_ENCODE_RINFO, ERR_R_MALLOC_FAILURE); + goto err; + } + + if (EVP_PKEY_encrypt(pctx, ek, &eklen, key, keylen) <= 0) + goto err; + + ASN1_STRING_set0(ri->enc_key, ek, eklen); + ek = NULL; + + ret = 1; + + err: + if (pkey) + EVP_PKEY_free(pkey); + if (pctx) + EVP_PKEY_CTX_free(pctx); + if (ek) + OPENSSL_free(ek); + return ret; + + } + + +static int pkcs7_decrypt_rinfo(unsigned char **pek, int *peklen, + PKCS7_RECIP_INFO *ri, EVP_PKEY *pkey) + { + EVP_PKEY_CTX *pctx = NULL; + unsigned char *ek = NULL; + size_t eklen; + + int ret = 0; + + pctx = EVP_PKEY_CTX_new(pkey, NULL); + if (!pctx) + return 0; + + if (EVP_PKEY_decrypt_init(pctx) <= 0) + goto err; + + if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_DECRYPT, + EVP_PKEY_CTRL_PKCS7_DECRYPT, 0, ri) <= 0) + { + PKCS7err(PKCS7_F_PKCS7_DECRYPT_RINFO, PKCS7_R_CTRL_ERROR); + goto err; + } + + if (EVP_PKEY_decrypt(pctx, NULL, &eklen, + ri->enc_key->data, ri->enc_key->length) <= 0) + goto err; + + ek = OPENSSL_malloc(eklen); + + if (ek == NULL) + { + PKCS7err(PKCS7_F_PKCS7_DECRYPT_RINFO, ERR_R_MALLOC_FAILURE); + goto err; + } + + if (EVP_PKEY_decrypt(pctx, ek, &eklen, + ri->enc_key->data, ri->enc_key->length) <= 0) + { + PKCS7err(PKCS7_F_PKCS7_DECRYPT_RINFO, ERR_R_EVP_LIB); + goto err; + } + + ret = 1; + + *pek = ek; + *peklen = eklen; + + err: + if (pctx) + EVP_PKEY_CTX_free(pctx); + if (!ret && ek) + OPENSSL_free(ek); + + return ret; + } + BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio) { int i; @@ -148,7 +263,6 @@ BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio) STACK_OF(PKCS7_RECIP_INFO) *rsk=NULL; X509_ALGOR *xalg=NULL; PKCS7_RECIP_INFO *ri=NULL; - EVP_PKEY *pkey; ASN1_OCTET_STRING *os=NULL; i=OBJ_obj2nid(p7->type); @@ -187,6 +301,8 @@ BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio) xa = p7->d.digest->md; os = PKCS7_get_octet_string(p7->d.digest->contents); break; + case NID_pkcs7_data: + break; default: PKCS7err(PKCS7_F_PKCS7_DATAINIT,PKCS7_R_UNSUPPORTED_CONTENT_TYPE); goto err; @@ -204,8 +320,6 @@ BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio) unsigned char key[EVP_MAX_KEY_LENGTH]; unsigned char iv[EVP_MAX_IV_LENGTH]; int keylen,ivlen; - int jj,max; - unsigned char *tmp; EVP_CIPHER_CTX *ctx; if ((btmp=BIO_new(BIO_f_cipher())) == NULL) @@ -234,52 +348,16 @@ BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio) goto err; } if(EVP_CIPHER_param_to_asn1(ctx, xalg->parameter) < 0) - goto err; + goto err; } /* Lets do the pub key stuff :-) */ - max=0; for (i=0; icert == NULL) - { - PKCS7err(PKCS7_F_PKCS7_DATAINIT,PKCS7_R_MISSING_CERIPEND_INFO); - goto err; - } - if ((pkey=X509_get_pubkey(ri->cert)) == NULL) - goto err; - jj=EVP_PKEY_size(pkey); - EVP_PKEY_free(pkey); - if (max < jj) max=jj; - } - if ((tmp=(unsigned char *)OPENSSL_malloc(max)) == NULL) - { - PKCS7err(PKCS7_F_PKCS7_DATAINIT,ERR_R_MALLOC_FAILURE); - goto err; - } - for (i=0; icert)) == NULL) - goto err; - jj=EVP_PKEY_encrypt(tmp,key,keylen,pkey); - EVP_PKEY_free(pkey); - if (jj <= 0) - { - PKCS7err(PKCS7_F_PKCS7_DATAINIT,ERR_R_EVP_LIB); - OPENSSL_free(tmp); + if (pkcs7_encode_rinfo(ri, key, keylen) <= 0) goto err; - } - if (!M_ASN1_OCTET_STRING_set(ri->enc_key,tmp,jj)) - { - PKCS7err(PKCS7_F_PKCS7_DATAINIT, - ERR_R_MALLOC_FAILURE); - OPENSSL_free(tmp); - goto err; - } } - OPENSSL_free(tmp); OPENSSL_cleanse(key, keylen); if (out == NULL) @@ -303,7 +381,10 @@ BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio) BIO_set_mem_eof_return(bio,0); } } - BIO_push(out,bio); + if (out) + BIO_push(out,bio); + else + out = bio; bio=NULL; if (0) { @@ -333,7 +414,6 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert) { int i,j; BIO *out=NULL,*btmp=NULL,*etmp=NULL,*bio=NULL; - unsigned char *tmp=NULL; X509_ALGOR *xa; ASN1_OCTET_STRING *data_body=NULL; const EVP_MD *evp_md; @@ -423,7 +503,8 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert) int max; X509_OBJECT ret; #endif - int jj; + unsigned char *ek = NULL; + int eklen; if ((etmp=BIO_new(BIO_f_cipher())) == NULL) { @@ -438,26 +519,21 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert) * (if any) */ - if (pcert) { - for (i=0; ienc_key), - M_ASN1_STRING_length(ri->enc_key), - pkey); - if (jj > 0) + if (pkcs7_decrypt_rinfo(&ek, &eklen, + ri, pkey) > 0) break; ERR_clear_error(); ri = NULL; @@ -485,15 +558,8 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert) } else { - jj=EVP_PKEY_decrypt(tmp, - M_ASN1_STRING_data(ri->enc_key), - M_ASN1_STRING_length(ri->enc_key), pkey); - if (jj <= 0) - { - PKCS7err(PKCS7_F_PKCS7_DATADECODE, - ERR_R_EVP_LIB); + if (pkcs7_decrypt_rinfo(&ek, &eklen, ri, pkey) <= 0) goto err; - } } evp_ctx=NULL; @@ -503,22 +569,26 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert) if (EVP_CIPHER_asn1_to_param(evp_ctx,enc_alg->parameter) < 0) goto err; - if (jj != EVP_CIPHER_CTX_key_length(evp_ctx)) { + if (eklen != EVP_CIPHER_CTX_key_length(evp_ctx)) { /* Some S/MIME clients don't use the same key * and effective key length. The key length is * determined by the size of the decrypted RSA key. */ - if(!EVP_CIPHER_CTX_set_key_length(evp_ctx, jj)) + if(!EVP_CIPHER_CTX_set_key_length(evp_ctx, eklen)) { PKCS7err(PKCS7_F_PKCS7_DATADECODE, PKCS7_R_DECRYPTED_KEY_IS_WRONG_LENGTH); goto err; } } - if (EVP_CipherInit_ex(evp_ctx,NULL,NULL,tmp,NULL,0) <= 0) + if (EVP_CipherInit_ex(evp_ctx,NULL,NULL,ek,NULL,0) <= 0) goto err; - OPENSSL_cleanse(tmp,jj); + if (ek) + { + OPENSSL_cleanse(ek,eklen); + OPENSSL_free(ek); + } if (out == NULL) out=etmp; @@ -566,8 +636,6 @@ err: if (bio != NULL) BIO_free_all(bio); out=NULL; } - if (tmp != NULL) - OPENSSL_free(tmp); return(out); } @@ -594,13 +662,43 @@ static BIO *PKCS7_find_digest(EVP_MD_CTX **pmd, BIO *bio, int nid) return NULL; } +static int do_pkcs7_signed_attrib(PKCS7_SIGNER_INFO *si, EVP_MD_CTX *mctx) + { + unsigned char md_data[EVP_MAX_MD_SIZE]; + unsigned int md_len; + + /* Add signing time if not already present */ + if (!PKCS7_get_signed_attribute(si, NID_pkcs9_signingTime)) + { + if (!PKCS7_add0_attrib_signing_time(si, NULL)) + { + PKCS7err(PKCS7_F_DO_PKCS7_SIGNED_ATTRIB, + ERR_R_MALLOC_FAILURE); + return 0; + } + } + + /* Add digest */ + EVP_DigestFinal_ex(mctx, md_data,&md_len); + if (!PKCS7_add1_attrib_digest(si, md_data, md_len)) + { + PKCS7err(PKCS7_F_DO_PKCS7_SIGNED_ATTRIB, ERR_R_MALLOC_FAILURE); + return 0; + } + + /* Now sign the attributes */ + if (!PKCS7_SIGNER_INFO_sign(si)) + return 0; + + return 1; + } + + int PKCS7_dataFinal(PKCS7 *p7, BIO *bio) { int ret=0; int i,j; BIO *btmp; - BUF_MEM *buf_mem=NULL; - BUF_MEM *buf=NULL; PKCS7_SIGNER_INFO *si; EVP_MD_CTX *mdc,ctx_tmp; STACK_OF(X509_ATTRIBUTE) *sk; @@ -613,24 +711,37 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio) switch (i) { + case NID_pkcs7_data: + os = p7->d.data; + break; case NID_pkcs7_signedAndEnveloped: /* XXXXXXXXXXXXXXXX */ si_sk=p7->d.signed_and_enveloped->signer_info; - if (!(os=M_ASN1_OCTET_STRING_new())) + os = p7->d.signed_and_enveloped->enc_data->enc_data; + if (!os) { - PKCS7err(PKCS7_F_PKCS7_DATAFINAL,ERR_R_MALLOC_FAILURE); - goto err; + os=M_ASN1_OCTET_STRING_new(); + if (!os) + { + PKCS7err(PKCS7_F_PKCS7_DATAFINAL,ERR_R_MALLOC_FAILURE); + goto err; + } + p7->d.signed_and_enveloped->enc_data->enc_data=os; } - p7->d.signed_and_enveloped->enc_data->enc_data=os; break; case NID_pkcs7_enveloped: /* XXXXXXXXXXXXXXXX */ - if (!(os=M_ASN1_OCTET_STRING_new())) + os = p7->d.enveloped->enc_data->enc_data; + if (!os) { - PKCS7err(PKCS7_F_PKCS7_DATAFINAL,ERR_R_MALLOC_FAILURE); - goto err; + os=M_ASN1_OCTET_STRING_new(); + if (!os) + { + PKCS7err(PKCS7_F_PKCS7_DATAFINAL,ERR_R_MALLOC_FAILURE); + goto err; + } + p7->d.enveloped->enc_data->enc_data=os; } - p7->d.enveloped->enc_data->enc_data=os; break; case NID_pkcs7_signed: si_sk=p7->d.sign->signer_info; @@ -652,21 +763,20 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio) } break; + default: + PKCS7err(PKCS7_F_PKCS7_DATAFINAL,PKCS7_R_UNSUPPORTED_CONTENT_TYPE); + goto err; } if (si_sk != NULL) { - if ((buf=BUF_MEM_new()) == NULL) - { - PKCS7err(PKCS7_F_PKCS7_DATAFINAL,ERR_R_BIO_LIB); - goto err; - } for (i=0; ipkey == NULL) continue; + if (si->pkey == NULL) + continue; - j=OBJ_obj2nid(si->digest_alg->algorithm); + j = OBJ_obj2nid(si->digest_alg->algorithm); btmp=bio; @@ -678,97 +788,33 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio) /* We now have the EVP_MD_CTX, lets do the * signing. */ EVP_MD_CTX_copy_ex(&ctx_tmp,mdc); - if (!BUF_MEM_grow_clean(buf,EVP_PKEY_size(si->pkey))) - { - PKCS7err(PKCS7_F_PKCS7_DATAFINAL,ERR_R_BIO_LIB); - goto err; - } sk=si->auth_attr; /* If there are attributes, we add the digest * attribute and only sign the attributes */ - if ((sk != NULL) && (sk_X509_ATTRIBUTE_num(sk) != 0)) + if (sk_X509_ATTRIBUTE_num(sk) > 0) { - unsigned char md_data[EVP_MAX_MD_SIZE], *abuf=NULL; - unsigned int md_len, alen; - ASN1_OCTET_STRING *digest; - ASN1_UTCTIME *sign_time; - const EVP_MD *md_tmp; - - /* Add signing time if not already present */ - if (!PKCS7_get_signed_attribute(si, - NID_pkcs9_signingTime)) - { - if (!(sign_time=X509_gmtime_adj(NULL,0))) - { - PKCS7err(PKCS7_F_PKCS7_DATAFINAL, - ERR_R_MALLOC_FAILURE); - goto err; - } - if (!PKCS7_add_signed_attribute(si, - NID_pkcs9_signingTime, - V_ASN1_UTCTIME,sign_time)) - { - M_ASN1_UTCTIME_free(sign_time); - goto err; - } - } - - /* Add digest */ - md_tmp=EVP_MD_CTX_md(&ctx_tmp); - EVP_DigestFinal_ex(&ctx_tmp,md_data,&md_len); - if (!(digest=M_ASN1_OCTET_STRING_new())) - { - PKCS7err(PKCS7_F_PKCS7_DATAFINAL, - ERR_R_MALLOC_FAILURE); + if (!do_pkcs7_signed_attrib(si, &ctx_tmp)) goto err; - } - if (!M_ASN1_OCTET_STRING_set(digest,md_data, - md_len)) - { - PKCS7err(PKCS7_F_PKCS7_DATAFINAL, - ERR_R_MALLOC_FAILURE); - M_ASN1_OCTET_STRING_free(digest); + } + else + { + unsigned char *abuf = NULL; + unsigned int abuflen; + abuflen = EVP_PKEY_size(si->pkey); + abuf = OPENSSL_malloc(abuflen); + if (!abuf) goto err; - } - if (!PKCS7_add_signed_attribute(si, - NID_pkcs9_messageDigest, - V_ASN1_OCTET_STRING,digest)) + + if (!EVP_SignFinal(&ctx_tmp, abuf, &abuflen, + si->pkey)) { - M_ASN1_OCTET_STRING_free(digest); + PKCS7err(PKCS7_F_PKCS7_DATAFINAL, + ERR_R_EVP_LIB); goto err; } - - /* Now sign the attributes */ - EVP_SignInit_ex(&ctx_tmp,md_tmp,NULL); - alen = ASN1_item_i2d((ASN1_VALUE *)sk,&abuf, - ASN1_ITEM_rptr(PKCS7_ATTR_SIGN)); - if(!abuf) goto err; - EVP_SignUpdate(&ctx_tmp,abuf,alen); - OPENSSL_free(abuf); - } - -#ifndef OPENSSL_NO_DSA - if (si->pkey->type == EVP_PKEY_DSA) - ctx_tmp.digest=EVP_dss1(); -#endif -#ifndef OPENSSL_NO_ECDSA - if (si->pkey->type == EVP_PKEY_EC) - ctx_tmp.digest=EVP_ecdsa(); -#endif - - if (!EVP_SignFinal(&ctx_tmp,(unsigned char *)buf->data, - (unsigned int *)&buf->length,si->pkey)) - { - PKCS7err(PKCS7_F_PKCS7_DATAFINAL,ERR_R_EVP_LIB); - goto err; - } - if (!ASN1_STRING_set(si->enc_digest, - (unsigned char *)buf->data,buf->length)) - { - PKCS7err(PKCS7_F_PKCS7_DATAFINAL,ERR_R_ASN1_LIB); - goto err; + ASN1_STRING_set0(si->enc_digest, abuf, abuflen); } } } @@ -783,34 +829,90 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio) M_ASN1_OCTET_STRING_set(p7->d.digest->digest, md_data, md_len); } - if (!PKCS7_is_detached(p7)) + if (!PKCS7_is_detached(p7) && !(os->flags & ASN1_STRING_FLAG_NDEF)) { + char *cont; + long contlen; btmp=BIO_find_type(bio,BIO_TYPE_MEM); if (btmp == NULL) { PKCS7err(PKCS7_F_PKCS7_DATAFINAL,PKCS7_R_UNABLE_TO_FIND_MEM_BIO); goto err; } - BIO_get_mem_ptr(btmp,&buf_mem); + contlen = BIO_get_mem_data(btmp, &cont); /* Mark the BIO read only then we can use its copy of the data * instead of making an extra copy. */ BIO_set_flags(btmp, BIO_FLAGS_MEM_RDONLY); BIO_set_mem_eof_return(btmp, 0); - os->data = (unsigned char *)buf_mem->data; - os->length = buf_mem->length; -#if 0 - M_ASN1_OCTET_STRING_set(os, - (unsigned char *)buf_mem->data,buf_mem->length); -#endif + ASN1_STRING_set0(os, (unsigned char *)cont, contlen); } ret=1; err: EVP_MD_CTX_cleanup(&ctx_tmp); - if (buf != NULL) BUF_MEM_free(buf); return(ret); } +int PKCS7_SIGNER_INFO_sign(PKCS7_SIGNER_INFO *si) + { + EVP_MD_CTX mctx; + EVP_PKEY_CTX *pctx; + unsigned char *abuf = NULL; + int alen; + size_t siglen; + const EVP_MD *md = NULL; + + md = EVP_get_digestbyobj(si->digest_alg->algorithm); + if (md == NULL) + return 0; + + EVP_MD_CTX_init(&mctx); + if (EVP_DigestSignInit(&mctx, &pctx, md,NULL, si->pkey) <= 0) + goto err; + + if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_SIGN, + EVP_PKEY_CTRL_PKCS7_SIGN, 0, si) <= 0) + { + PKCS7err(PKCS7_F_PKCS7_SIGNER_INFO_SIGN, PKCS7_R_CTRL_ERROR); + goto err; + } + + alen = ASN1_item_i2d((ASN1_VALUE *)si->auth_attr,&abuf, + ASN1_ITEM_rptr(PKCS7_ATTR_SIGN)); + if(!abuf) + goto err; + if (EVP_DigestSignUpdate(&mctx,abuf,alen) <= 0) + goto err; + OPENSSL_free(abuf); + if (EVP_DigestSignFinal(&mctx, NULL, &siglen) <= 0) + goto err; + abuf = OPENSSL_malloc(siglen); + if(!abuf) + goto err; + if (EVP_DigestSignFinal(&mctx, abuf, &siglen) <= 0) + goto err; + + if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_SIGN, + EVP_PKEY_CTRL_PKCS7_SIGN, 1, si) <= 0) + { + PKCS7err(PKCS7_F_PKCS7_SIGNER_INFO_SIGN, PKCS7_R_CTRL_ERROR); + goto err; + } + + EVP_MD_CTX_cleanup(&mctx); + + ASN1_STRING_set0(si->enc_digest, abuf, siglen); + + return 1; + + err: + if (abuf) + OPENSSL_free(abuf); + EVP_MD_CTX_cleanup(&mctx); + return 0; + + } + int PKCS7_dataVerify(X509_STORE *cert_store, X509_STORE_CTX *ctx, BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si) { @@ -922,7 +1024,8 @@ int PKCS7_signatureVerify(BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si, if ((sk != NULL) && (sk_X509_ATTRIBUTE_num(sk) != 0)) { unsigned char md_dat[EVP_MAX_MD_SIZE], *abuf = NULL; - unsigned int md_len, alen; + unsigned int md_len; + int alen; ASN1_OCTET_STRING *message_digest; EVP_DigestFinal_ex(&mdc_tmp,md_dat,&md_len); @@ -954,6 +1057,12 @@ for (ii=0; iitype == EVP_PKEY_DSA) mdc_tmp.digest=EVP_dss1(); -#endif -#ifndef OPENSSL_NO_ECDSA - if (pkey->type == EVP_PKEY_EC) mdc_tmp.digest=EVP_ecdsa(); -#endif i=EVP_VerifyFinal(&mdc_tmp,os->data,os->length, pkey); EVP_PKEY_free(pkey); @@ -1107,8 +1210,9 @@ static int add_attribute(STACK_OF(X509_ATTRIBUTE) **sk, int nid, int atrtype, if (*sk == NULL) { - if (!(*sk = sk_X509_ATTRIBUTE_new_null())) - return 0; + *sk = sk_X509_ATTRIBUTE_new_null(); + if (*sk == NULL) + return 0; new_attrib: if (!(attr=X509_ATTRIBUTE_create(nid,atrtype,value))) return 0; diff --git a/src/lib/libcrypto/pkcs7/pk7_lib.c b/src/lib/libcrypto/pkcs7/pk7_lib.c index f2490941a3..3ca0952792 100644 --- a/src/lib/libcrypto/pkcs7/pk7_lib.c +++ b/src/lib/libcrypto/pkcs7/pk7_lib.c @@ -60,6 +60,7 @@ #include "cryptlib.h" #include #include +#include "asn1_locl.h" long PKCS7_ctrl(PKCS7 *p7, int cmd, long larg, char *parg) { @@ -314,7 +315,7 @@ int PKCS7_add_certificate(PKCS7 *p7, X509 *x509) *sk=sk_X509_new_null(); if (*sk == NULL) { - PKCS7err(PKCS7_F_PKCS7_ADD_CERTIFICATE,ERR_R_MALLOC_FAILURE); + PKCS7err(PKCS7_F_PKCS7_ADD_CERTIFICATE, ERR_R_MALLOC_FAILURE); return 0; } CRYPTO_add(&x509->references,1,CRYPTO_LOCK_X509); @@ -365,13 +366,8 @@ int PKCS7_add_crl(PKCS7 *p7, X509_CRL *crl) int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey, const EVP_MD *dgst) { - int nid; - char is_dsa; + int ret; - if (pkey->type == EVP_PKEY_DSA || pkey->type == EVP_PKEY_EC) - is_dsa = 1; - else - is_dsa = 0; /* We now need to add another PKCS7_SIGNER_INFO entry */ if (!ASN1_INTEGER_set(p7i->version,1)) goto err; @@ -391,65 +387,55 @@ int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey, p7i->pkey=pkey; /* Set the algorithms */ - if (is_dsa) p7i->digest_alg->algorithm=OBJ_nid2obj(NID_sha1); - else - p7i->digest_alg->algorithm=OBJ_nid2obj(EVP_MD_type(dgst)); - if (p7i->digest_alg->parameter != NULL) - ASN1_TYPE_free(p7i->digest_alg->parameter); - if ((p7i->digest_alg->parameter=ASN1_TYPE_new()) == NULL) - goto err; - p7i->digest_alg->parameter->type=V_ASN1_NULL; + X509_ALGOR_set0(p7i->digest_alg, OBJ_nid2obj(EVP_MD_type(dgst)), + V_ASN1_NULL, NULL); - if (p7i->digest_enc_alg->parameter != NULL) - ASN1_TYPE_free(p7i->digest_enc_alg->parameter); - nid = EVP_PKEY_type(pkey->type); - if (nid == EVP_PKEY_RSA) + if (pkey->ameth && pkey->ameth->pkey_ctrl) { - p7i->digest_enc_alg->algorithm=OBJ_nid2obj(NID_rsaEncryption); - if (!(p7i->digest_enc_alg->parameter=ASN1_TYPE_new())) - goto err; - p7i->digest_enc_alg->parameter->type=V_ASN1_NULL; - } - else if (nid == EVP_PKEY_DSA) - { -#if 1 - /* use 'dsaEncryption' OID for compatibility with other software - * (PKCS #7 v1.5 does specify how to handle DSA) ... */ - p7i->digest_enc_alg->algorithm=OBJ_nid2obj(NID_dsa); -#else - /* ... although the 'dsaWithSHA1' OID (as required by RFC 2630 for CMS) - * would make more sense. */ - p7i->digest_enc_alg->algorithm=OBJ_nid2obj(NID_dsaWithSHA1); -#endif - p7i->digest_enc_alg->parameter = NULL; /* special case for DSA: omit 'parameter'! */ - } - else if (nid == EVP_PKEY_EC) - { - p7i->digest_enc_alg->algorithm=OBJ_nid2obj(NID_ecdsa_with_SHA1); - if (!(p7i->digest_enc_alg->parameter=ASN1_TYPE_new())) - goto err; - p7i->digest_enc_alg->parameter->type=V_ASN1_NULL; + ret = pkey->ameth->pkey_ctrl(pkey, ASN1_PKEY_CTRL_PKCS7_SIGN, + 0, p7i); + if (ret > 0) + return 1; + if (ret != -2) + { + PKCS7err(PKCS7_F_PKCS7_SIGNER_INFO_SET, + PKCS7_R_SIGNING_CTRL_FAILURE); + return 0; + } } - else - return(0); - - return(1); + PKCS7err(PKCS7_F_PKCS7_SIGNER_INFO_SET, + PKCS7_R_SIGNING_NOT_SUPPORTED_FOR_THIS_KEY_TYPE); err: - return(0); + return 0; } PKCS7_SIGNER_INFO *PKCS7_add_signature(PKCS7 *p7, X509 *x509, EVP_PKEY *pkey, const EVP_MD *dgst) { - PKCS7_SIGNER_INFO *si; + PKCS7_SIGNER_INFO *si = NULL; + + if (dgst == NULL) + { + int def_nid; + if (EVP_PKEY_get_default_digest_nid(pkey, &def_nid) <= 0) + goto err; + dgst = EVP_get_digestbynid(def_nid); + if (dgst == NULL) + { + PKCS7err(PKCS7_F_PKCS7_ADD_SIGNATURE, + PKCS7_R_NO_DEFAULT_DIGEST); + goto err; + } + } if ((si=PKCS7_SIGNER_INFO_new()) == NULL) goto err; if (!PKCS7_SIGNER_INFO_set(si,x509,pkey,dgst)) goto err; if (!PKCS7_add_signer(p7,si)) goto err; return(si); err: - PKCS7_SIGNER_INFO_free(si); + if (si) + PKCS7_SIGNER_INFO_free(si); return(NULL); } @@ -485,6 +471,23 @@ STACK_OF(PKCS7_SIGNER_INFO) *PKCS7_get_signer_info(PKCS7 *p7) return(NULL); } +void PKCS7_SIGNER_INFO_get0_algs(PKCS7_SIGNER_INFO *si, EVP_PKEY **pk, + X509_ALGOR **pdig, X509_ALGOR **psig) + { + if (pk) + *pk = si->pkey; + if (pdig) + *pdig = si->digest_alg; + if (psig) + *psig = si->digest_enc_alg; + } + +void PKCS7_RECIP_INFO_get0_alg(PKCS7_RECIP_INFO *ri, X509_ALGOR **penc) + { + if (penc) + *penc = ri->key_enc_algor; + } + PKCS7_RECIP_INFO *PKCS7_add_recipient(PKCS7 *p7, X509 *x509) { PKCS7_RECIP_INFO *ri; @@ -492,10 +495,11 @@ PKCS7_RECIP_INFO *PKCS7_add_recipient(PKCS7 *p7, X509 *x509) if ((ri=PKCS7_RECIP_INFO_new()) == NULL) goto err; if (!PKCS7_RECIP_INFO_set(ri,x509)) goto err; if (!PKCS7_add_recipient_info(p7,ri)) goto err; - return(ri); + return ri; err: - PKCS7_RECIP_INFO_free(ri); - return(NULL); + if (ri) + PKCS7_RECIP_INFO_free(ri); + return NULL; } int PKCS7_add_recipient_info(PKCS7 *p7, PKCS7_RECIP_INFO *ri) @@ -524,6 +528,8 @@ int PKCS7_add_recipient_info(PKCS7 *p7, PKCS7_RECIP_INFO *ri) int PKCS7_RECIP_INFO_set(PKCS7_RECIP_INFO *p7i, X509 *x509) { + int ret; + EVP_PKEY *pkey = NULL; if (!ASN1_INTEGER_set(p7i->version,0)) return 0; if (!X509_NAME_set(&p7i->issuer_and_serial->issuer, @@ -535,14 +541,41 @@ int PKCS7_RECIP_INFO_set(PKCS7_RECIP_INFO *p7i, X509 *x509) M_ASN1_INTEGER_dup(X509_get_serialNumber(x509)))) return 0; - X509_ALGOR_free(p7i->key_enc_algor); - if (!(p7i->key_enc_algor= X509_ALGOR_dup(x509->cert_info->key->algor))) - return 0; + pkey = X509_get_pubkey(x509); + + if (!pkey || !pkey->ameth || !pkey->ameth->pkey_ctrl) + { + PKCS7err(PKCS7_F_PKCS7_RECIP_INFO_SET, + PKCS7_R_ENCRYPTION_NOT_SUPPORTED_FOR_THIS_KEY_TYPE); + goto err; + } + + ret = pkey->ameth->pkey_ctrl(pkey, ASN1_PKEY_CTRL_PKCS7_ENCRYPT, + 0, p7i); + if (ret == -2) + { + PKCS7err(PKCS7_F_PKCS7_RECIP_INFO_SET, + PKCS7_R_ENCRYPTION_NOT_SUPPORTED_FOR_THIS_KEY_TYPE); + goto err; + } + if (ret <= 0) + { + PKCS7err(PKCS7_F_PKCS7_RECIP_INFO_SET, + PKCS7_R_ENCRYPTION_CTRL_FAILURE); + goto err; + } + + EVP_PKEY_free(pkey); CRYPTO_add(&x509->references,1,CRYPTO_LOCK_X509); p7i->cert=x509; - return(1); + return 1; + + err: + if (pkey) + EVP_PKEY_free(pkey); + return 0; } X509 *PKCS7_cert_from_signer_info(PKCS7 *p7, PKCS7_SIGNER_INFO *si) @@ -587,3 +620,48 @@ int PKCS7_set_cipher(PKCS7 *p7, const EVP_CIPHER *cipher) return 1; } +int PKCS7_stream(unsigned char ***boundary, PKCS7 *p7) + { + ASN1_OCTET_STRING *os = NULL; + + switch (OBJ_obj2nid(p7->type)) + { + case NID_pkcs7_data: + os = p7->d.data; + break; + + case NID_pkcs7_signedAndEnveloped: + os = p7->d.signed_and_enveloped->enc_data->enc_data; + if (os == NULL) + { + os=M_ASN1_OCTET_STRING_new(); + p7->d.signed_and_enveloped->enc_data->enc_data=os; + } + break; + + case NID_pkcs7_enveloped: + os = p7->d.enveloped->enc_data->enc_data; + if (os == NULL) + { + os=M_ASN1_OCTET_STRING_new(); + p7->d.enveloped->enc_data->enc_data=os; + } + break; + + case NID_pkcs7_signed: + os=p7->d.sign->contents->d.data; + break; + + default: + os = NULL; + break; + } + + if (os == NULL) + return 0; + + os->flags |= ASN1_STRING_FLAG_NDEF; + *boundary = &os->data; + + return 1; + } diff --git a/src/lib/libcrypto/pkcs7/pk7_mime.c b/src/lib/libcrypto/pkcs7/pk7_mime.c index bf190360d7..938f79a646 100644 --- a/src/lib/libcrypto/pkcs7/pk7_mime.c +++ b/src/lib/libcrypto/pkcs7/pk7_mime.c @@ -50,10 +50,6 @@ * OF THE POSSIBILITY OF SUCH DAMAGE. * ==================================================================== * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * */ #include @@ -61,662 +57,41 @@ #include "cryptlib.h" #include #include +#include -/* MIME and related routines */ - -/* MIME format structures - * Note that all are translated to lower case apart from - * parameter values. Quotes are stripped off - */ - -typedef struct { -char *param_name; /* Param name e.g. "micalg" */ -char *param_value; /* Param value e.g. "sha1" */ -} MIME_PARAM; - -DECLARE_STACK_OF(MIME_PARAM) -IMPLEMENT_STACK_OF(MIME_PARAM) - -typedef struct { -char *name; /* Name of line e.g. "content-type" */ -char *value; /* Value of line e.g. "text/plain" */ -STACK_OF(MIME_PARAM) *params; /* Zero or more parameters */ -} MIME_HEADER; +/* PKCS#7 wrappers round generalised stream and MIME routines */ -DECLARE_STACK_OF(MIME_HEADER) -IMPLEMENT_STACK_OF(MIME_HEADER) - -static int pkcs7_output_data(BIO *bio, BIO *data, PKCS7 *p7, int flags); -static int B64_write_PKCS7(BIO *bio, PKCS7 *p7); -static PKCS7 *B64_read_PKCS7(BIO *bio); -static char * strip_ends(char *name); -static char * strip_start(char *name); -static char * strip_end(char *name); -static MIME_HEADER *mime_hdr_new(char *name, char *value); -static int mime_hdr_addparam(MIME_HEADER *mhdr, char *name, char *value); -static STACK_OF(MIME_HEADER) *mime_parse_hdr(BIO *bio); -static int mime_hdr_cmp(const MIME_HEADER * const *a, - const MIME_HEADER * const *b); -static int mime_param_cmp(const MIME_PARAM * const *a, - const MIME_PARAM * const *b); -static void mime_param_free(MIME_PARAM *param); -static int mime_bound_check(char *line, int linelen, char *bound, int blen); -static int multi_split(BIO *bio, char *bound, STACK_OF(BIO) **ret); -static int strip_eol(char *linebuf, int *plen); -static MIME_HEADER *mime_hdr_find(STACK_OF(MIME_HEADER) *hdrs, char *name); -static MIME_PARAM *mime_param_find(MIME_HEADER *hdr, char *name); -static void mime_hdr_free(MIME_HEADER *hdr); - -#define MAX_SMLEN 1024 -#define mime_debug(x) /* x */ - -/* Base 64 read and write of PKCS#7 structure */ - -static int B64_write_PKCS7(BIO *bio, PKCS7 *p7) -{ - BIO *b64; - if(!(b64 = BIO_new(BIO_f_base64()))) { - PKCS7err(PKCS7_F_B64_WRITE_PKCS7,ERR_R_MALLOC_FAILURE); - return 0; +int i2d_PKCS7_bio_stream(BIO *out, PKCS7 *p7, BIO *in, int flags) + { + return i2d_ASN1_bio_stream(out, (ASN1_VALUE *)p7, in, flags, + ASN1_ITEM_rptr(PKCS7)); } - bio = BIO_push(b64, bio); - i2d_PKCS7_bio(bio, p7); - (void)BIO_flush(bio); - bio = BIO_pop(bio); - BIO_free(b64); - return 1; -} -static PKCS7 *B64_read_PKCS7(BIO *bio) -{ - BIO *b64; - PKCS7 *p7; - if(!(b64 = BIO_new(BIO_f_base64()))) { - PKCS7err(PKCS7_F_B64_READ_PKCS7,ERR_R_MALLOC_FAILURE); - return 0; +int PEM_write_bio_PKCS7_stream(BIO *out, PKCS7 *p7, BIO *in, int flags) + { + return PEM_write_bio_ASN1_stream(out, (ASN1_VALUE *) p7, in, flags, + "PKCS7", + ASN1_ITEM_rptr(PKCS7)); } - bio = BIO_push(b64, bio); - if(!(p7 = d2i_PKCS7_bio(bio, NULL))) - PKCS7err(PKCS7_F_B64_READ_PKCS7,PKCS7_R_DECODE_ERROR); - (void)BIO_flush(bio); - bio = BIO_pop(bio); - BIO_free(b64); - return p7; -} - -/* SMIME sender */ int SMIME_write_PKCS7(BIO *bio, PKCS7 *p7, BIO *data, int flags) -{ - char bound[33], c; - int i; - char *mime_prefix, *mime_eol, *msg_type=NULL; - if (flags & PKCS7_NOOLDMIMETYPE) - mime_prefix = "application/pkcs7-"; - else - mime_prefix = "application/x-pkcs7-"; - - if (flags & PKCS7_CRLFEOL) - mime_eol = "\r\n"; - else - mime_eol = "\n"; - if((flags & PKCS7_DETACHED) && data) { - /* We want multipart/signed */ - /* Generate a random boundary */ - RAND_pseudo_bytes((unsigned char *)bound, 32); - for(i = 0; i < 32; i++) { - c = bound[i] & 0xf; - if(c < 10) c += '0'; - else c += 'A' - 10; - bound[i] = c; - } - bound[32] = 0; - BIO_printf(bio, "MIME-Version: 1.0%s", mime_eol); - BIO_printf(bio, "Content-Type: multipart/signed;"); - BIO_printf(bio, " protocol=\"%ssignature\";", mime_prefix); - BIO_printf(bio, " micalg=sha1; boundary=\"----%s\"%s%s", - bound, mime_eol, mime_eol); - BIO_printf(bio, "This is an S/MIME signed message%s%s", - mime_eol, mime_eol); - /* Now write out the first part */ - BIO_printf(bio, "------%s%s", bound, mime_eol); - pkcs7_output_data(bio, data, p7, flags); - BIO_printf(bio, "%s------%s%s", mime_eol, bound, mime_eol); - - /* Headers for signature */ - - BIO_printf(bio, "Content-Type: %ssignature;", mime_prefix); - BIO_printf(bio, " name=\"smime.p7s\"%s", mime_eol); - BIO_printf(bio, "Content-Transfer-Encoding: base64%s", - mime_eol); - BIO_printf(bio, "Content-Disposition: attachment;"); - BIO_printf(bio, " filename=\"smime.p7s\"%s%s", - mime_eol, mime_eol); - B64_write_PKCS7(bio, p7); - BIO_printf(bio,"%s------%s--%s%s", mime_eol, bound, - mime_eol, mime_eol); - return 1; - } - - /* Determine smime-type header */ - - if (PKCS7_type_is_enveloped(p7)) - msg_type = "enveloped-data"; - else if (PKCS7_type_is_signed(p7)) - { - /* If we have any signers it is signed-data othewise - * certs-only. - */ - STACK_OF(PKCS7_SIGNER_INFO) *sinfos; - sinfos = PKCS7_get_signer_info(p7); - if (sk_PKCS7_SIGNER_INFO_num(sinfos) > 0) - msg_type = "signed-data"; - else - msg_type = "certs-only"; - } - /* MIME headers */ - BIO_printf(bio, "MIME-Version: 1.0%s", mime_eol); - BIO_printf(bio, "Content-Disposition: attachment;"); - BIO_printf(bio, " filename=\"smime.p7m\"%s", mime_eol); - BIO_printf(bio, "Content-Type: %smime;", mime_prefix); - if (msg_type) - BIO_printf(bio, " smime-type=%s;", msg_type); - BIO_printf(bio, " name=\"smime.p7m\"%s", mime_eol); - BIO_printf(bio, "Content-Transfer-Encoding: base64%s%s", - mime_eol, mime_eol); - B64_write_PKCS7(bio, p7); - BIO_printf(bio, "%s", mime_eol); - return 1; -} - -/* Handle output of PKCS#7 data */ - - -static int pkcs7_output_data(BIO *out, BIO *data, PKCS7 *p7, int flags) { - BIO *tmpbio, *p7bio; - - if (!(flags & PKCS7_STREAM)) - { - SMIME_crlf_copy(data, out, flags); - return 1; - } - - /* Partial sign operation */ - - /* Initialize sign operation */ - p7bio = PKCS7_dataInit(p7, out); - - /* Copy data across, computing digests etc */ - SMIME_crlf_copy(data, p7bio, flags); - - /* Must be detached */ - PKCS7_set_detached(p7, 1); - - /* Finalize signatures */ - PKCS7_dataFinal(p7, p7bio); - - /* Now remove any digests prepended to the BIO */ + STACK_OF(X509_ALGOR) *mdalgs; + int ctype_nid = OBJ_obj2nid(p7->type); + if (ctype_nid == NID_pkcs7_signed) + mdalgs = p7->d.sign->md_algs; + else + mdalgs = NULL; - while (p7bio != out) - { - tmpbio = BIO_pop(p7bio); - BIO_free(p7bio); - p7bio = tmpbio; - } + flags ^= SMIME_OLDMIME; - return 1; + return SMIME_write_ASN1(bio, (ASN1_VALUE *)p7, data, flags, + ctype_nid, NID_undef, mdalgs, + ASN1_ITEM_rptr(PKCS7)); } -/* SMIME reader: handle multipart/signed and opaque signing. - * in multipart case the content is placed in a memory BIO - * pointed to by "bcont". In opaque this is set to NULL - */ - PKCS7 *SMIME_read_PKCS7(BIO *bio, BIO **bcont) -{ - BIO *p7in; - STACK_OF(MIME_HEADER) *headers = NULL; - STACK_OF(BIO) *parts = NULL; - MIME_HEADER *hdr; - MIME_PARAM *prm; - PKCS7 *p7; - int ret; - - if(bcont) *bcont = NULL; - - if (!(headers = mime_parse_hdr(bio))) { - PKCS7err(PKCS7_F_SMIME_READ_PKCS7,PKCS7_R_MIME_PARSE_ERROR); - return NULL; - } - - if(!(hdr = mime_hdr_find(headers, "content-type")) || !hdr->value) { - sk_MIME_HEADER_pop_free(headers, mime_hdr_free); - PKCS7err(PKCS7_F_SMIME_READ_PKCS7, PKCS7_R_NO_CONTENT_TYPE); - return NULL; - } - - /* Handle multipart/signed */ - - if(!strcmp(hdr->value, "multipart/signed")) { - /* Split into two parts */ - prm = mime_param_find(hdr, "boundary"); - if(!prm || !prm->param_value) { - sk_MIME_HEADER_pop_free(headers, mime_hdr_free); - PKCS7err(PKCS7_F_SMIME_READ_PKCS7, PKCS7_R_NO_MULTIPART_BOUNDARY); - return NULL; - } - ret = multi_split(bio, prm->param_value, &parts); - sk_MIME_HEADER_pop_free(headers, mime_hdr_free); - if(!ret || (sk_BIO_num(parts) != 2) ) { - PKCS7err(PKCS7_F_SMIME_READ_PKCS7, PKCS7_R_NO_MULTIPART_BODY_FAILURE); - sk_BIO_pop_free(parts, BIO_vfree); - return NULL; - } - - /* Parse the signature piece */ - p7in = sk_BIO_value(parts, 1); - - if (!(headers = mime_parse_hdr(p7in))) { - PKCS7err(PKCS7_F_SMIME_READ_PKCS7,PKCS7_R_MIME_SIG_PARSE_ERROR); - sk_BIO_pop_free(parts, BIO_vfree); - return NULL; - } - - /* Get content type */ - - if(!(hdr = mime_hdr_find(headers, "content-type")) || - !hdr->value) { - sk_MIME_HEADER_pop_free(headers, mime_hdr_free); - PKCS7err(PKCS7_F_SMIME_READ_PKCS7, PKCS7_R_NO_SIG_CONTENT_TYPE); - return NULL; - } - - if(strcmp(hdr->value, "application/x-pkcs7-signature") && - strcmp(hdr->value, "application/pkcs7-signature")) { - sk_MIME_HEADER_pop_free(headers, mime_hdr_free); - PKCS7err(PKCS7_F_SMIME_READ_PKCS7,PKCS7_R_SIG_INVALID_MIME_TYPE); - ERR_add_error_data(2, "type: ", hdr->value); - sk_BIO_pop_free(parts, BIO_vfree); - return NULL; - } - sk_MIME_HEADER_pop_free(headers, mime_hdr_free); - /* Read in PKCS#7 */ - if(!(p7 = B64_read_PKCS7(p7in))) { - PKCS7err(PKCS7_F_SMIME_READ_PKCS7,PKCS7_R_PKCS7_SIG_PARSE_ERROR); - sk_BIO_pop_free(parts, BIO_vfree); - return NULL; - } - - if(bcont) { - *bcont = sk_BIO_value(parts, 0); - BIO_free(p7in); - sk_BIO_free(parts); - } else sk_BIO_pop_free(parts, BIO_vfree); - return p7; - } - - /* OK, if not multipart/signed try opaque signature */ - - if (strcmp (hdr->value, "application/x-pkcs7-mime") && - strcmp (hdr->value, "application/pkcs7-mime")) { - PKCS7err(PKCS7_F_SMIME_READ_PKCS7,PKCS7_R_INVALID_MIME_TYPE); - ERR_add_error_data(2, "type: ", hdr->value); - sk_MIME_HEADER_pop_free(headers, mime_hdr_free); - return NULL; - } - - sk_MIME_HEADER_pop_free(headers, mime_hdr_free); - - if(!(p7 = B64_read_PKCS7(bio))) { - PKCS7err(PKCS7_F_SMIME_READ_PKCS7, PKCS7_R_PKCS7_PARSE_ERROR); - return NULL; - } - return p7; - -} - -/* Split a multipart/XXX message body into component parts: result is - * canonical parts in a STACK of bios - */ - -static int multi_split(BIO *bio, char *bound, STACK_OF(BIO) **ret) -{ - char linebuf[MAX_SMLEN]; - int len, blen; - int eol = 0, next_eol = 0; - BIO *bpart = NULL; - STACK_OF(BIO) *parts; - char state, part, first; - - blen = strlen(bound); - part = 0; - state = 0; - first = 1; - parts = sk_BIO_new_null(); - *ret = parts; - while ((len = BIO_gets(bio, linebuf, MAX_SMLEN)) > 0) { - state = mime_bound_check(linebuf, len, bound, blen); - if(state == 1) { - first = 1; - part++; - } else if(state == 2) { - sk_BIO_push(parts, bpart); - return 1; - } else if(part) { - /* Strip CR+LF from linebuf */ - next_eol = strip_eol(linebuf, &len); - if(first) { - first = 0; - if(bpart) sk_BIO_push(parts, bpart); - bpart = BIO_new(BIO_s_mem()); - BIO_set_mem_eof_return(bpart, 0); - } else if (eol) - BIO_write(bpart, "\r\n", 2); - eol = next_eol; - if (len) - BIO_write(bpart, linebuf, len); - } - } - return 0; -} - -/* This is the big one: parse MIME header lines up to message body */ - -#define MIME_INVALID 0 -#define MIME_START 1 -#define MIME_TYPE 2 -#define MIME_NAME 3 -#define MIME_VALUE 4 -#define MIME_QUOTE 5 -#define MIME_COMMENT 6 - - -static STACK_OF(MIME_HEADER) *mime_parse_hdr(BIO *bio) -{ - char *p, *q, c; - char *ntmp; - char linebuf[MAX_SMLEN]; - MIME_HEADER *mhdr = NULL; - STACK_OF(MIME_HEADER) *headers; - int len, state, save_state = 0; - - headers = sk_MIME_HEADER_new(mime_hdr_cmp); - while ((len = BIO_gets(bio, linebuf, MAX_SMLEN)) > 0) { - /* If whitespace at line start then continuation line */ - if(mhdr && isspace((unsigned char)linebuf[0])) state = MIME_NAME; - else state = MIME_START; - ntmp = NULL; - /* Go through all characters */ - for(p = linebuf, q = linebuf; (c = *p) && (c!='\r') && (c!='\n'); p++) { - - /* State machine to handle MIME headers - * if this looks horrible that's because it *is* - */ - - switch(state) { - case MIME_START: - if(c == ':') { - state = MIME_TYPE; - *p = 0; - ntmp = strip_ends(q); - q = p + 1; - } - break; - - case MIME_TYPE: - if(c == ';') { - mime_debug("Found End Value\n"); - *p = 0; - mhdr = mime_hdr_new(ntmp, strip_ends(q)); - sk_MIME_HEADER_push(headers, mhdr); - ntmp = NULL; - q = p + 1; - state = MIME_NAME; - } else if(c == '(') { - save_state = state; - state = MIME_COMMENT; - } - break; - - case MIME_COMMENT: - if(c == ')') { - state = save_state; - } - break; - - case MIME_NAME: - if(c == '=') { - state = MIME_VALUE; - *p = 0; - ntmp = strip_ends(q); - q = p + 1; - } - break ; - - case MIME_VALUE: - if(c == ';') { - state = MIME_NAME; - *p = 0; - mime_hdr_addparam(mhdr, ntmp, strip_ends(q)); - ntmp = NULL; - q = p + 1; - } else if (c == '"') { - mime_debug("Found Quote\n"); - state = MIME_QUOTE; - } else if(c == '(') { - save_state = state; - state = MIME_COMMENT; - } - break; - - case MIME_QUOTE: - if(c == '"') { - mime_debug("Found Match Quote\n"); - state = MIME_VALUE; - } - break; - } - } - - if(state == MIME_TYPE) { - mhdr = mime_hdr_new(ntmp, strip_ends(q)); - sk_MIME_HEADER_push(headers, mhdr); - } else if(state == MIME_VALUE) - mime_hdr_addparam(mhdr, ntmp, strip_ends(q)); - if(p == linebuf) break; /* Blank line means end of headers */ -} - -return headers; - -} - -static char *strip_ends(char *name) -{ - return strip_end(strip_start(name)); -} - -/* Strip a parameter of whitespace from start of param */ -static char *strip_start(char *name) -{ - char *p, c; - /* Look for first non white space or quote */ - for(p = name; (c = *p) ;p++) { - if(c == '"') { - /* Next char is start of string if non null */ - if(p[1]) return p + 1; - /* Else null string */ - return NULL; - } - if(!isspace((unsigned char)c)) return p; - } - return NULL; -} - -/* As above but strip from end of string : maybe should handle brackets? */ -static char *strip_end(char *name) -{ - char *p, c; - if(!name) return NULL; - /* Look for first non white space or quote */ - for(p = name + strlen(name) - 1; p >= name ;p--) { - c = *p; - if(c == '"') { - if(p - 1 == name) return NULL; - *p = 0; - return name; - } - if(isspace((unsigned char)c)) *p = 0; - else return name; - } - return NULL; -} - -static MIME_HEADER *mime_hdr_new(char *name, char *value) -{ - MIME_HEADER *mhdr; - char *tmpname, *tmpval, *p; - int c; - if(name) { - if(!(tmpname = BUF_strdup(name))) return NULL; - for(p = tmpname ; *p; p++) { - c = *p; - if(isupper(c)) { - c = tolower(c); - *p = c; - } - } - } else tmpname = NULL; - if(value) { - if(!(tmpval = BUF_strdup(value))) return NULL; - for(p = tmpval ; *p; p++) { - c = *p; - if(isupper(c)) { - c = tolower(c); - *p = c; - } - } - } else tmpval = NULL; - mhdr = (MIME_HEADER *) OPENSSL_malloc(sizeof(MIME_HEADER)); - if(!mhdr) return NULL; - mhdr->name = tmpname; - mhdr->value = tmpval; - if(!(mhdr->params = sk_MIME_PARAM_new(mime_param_cmp))) return NULL; - return mhdr; -} - -static int mime_hdr_addparam(MIME_HEADER *mhdr, char *name, char *value) -{ - char *tmpname, *tmpval, *p; - int c; - MIME_PARAM *mparam; - if(name) { - tmpname = BUF_strdup(name); - if(!tmpname) return 0; - for(p = tmpname ; *p; p++) { - c = *p; - if(isupper(c)) { - c = tolower(c); - *p = c; - } - } - } else tmpname = NULL; - if(value) { - tmpval = BUF_strdup(value); - if(!tmpval) return 0; - } else tmpval = NULL; - /* Parameter values are case sensitive so leave as is */ - mparam = (MIME_PARAM *) OPENSSL_malloc(sizeof(MIME_PARAM)); - if(!mparam) return 0; - mparam->param_name = tmpname; - mparam->param_value = tmpval; - sk_MIME_PARAM_push(mhdr->params, mparam); - return 1; -} - -static int mime_hdr_cmp(const MIME_HEADER * const *a, - const MIME_HEADER * const *b) -{ - return(strcmp((*a)->name, (*b)->name)); -} - -static int mime_param_cmp(const MIME_PARAM * const *a, - const MIME_PARAM * const *b) -{ - return(strcmp((*a)->param_name, (*b)->param_name)); -} - -/* Find a header with a given name (if possible) */ - -static MIME_HEADER *mime_hdr_find(STACK_OF(MIME_HEADER) *hdrs, char *name) -{ - MIME_HEADER htmp; - int idx; - htmp.name = name; - idx = sk_MIME_HEADER_find(hdrs, &htmp); - if(idx < 0) return NULL; - return sk_MIME_HEADER_value(hdrs, idx); -} - -static MIME_PARAM *mime_param_find(MIME_HEADER *hdr, char *name) -{ - MIME_PARAM param; - int idx; - param.param_name = name; - idx = sk_MIME_PARAM_find(hdr->params, ¶m); - if(idx < 0) return NULL; - return sk_MIME_PARAM_value(hdr->params, idx); -} - -static void mime_hdr_free(MIME_HEADER *hdr) -{ - if(hdr->name) OPENSSL_free(hdr->name); - if(hdr->value) OPENSSL_free(hdr->value); - if(hdr->params) sk_MIME_PARAM_pop_free(hdr->params, mime_param_free); - OPENSSL_free(hdr); -} - -static void mime_param_free(MIME_PARAM *param) -{ - if(param->param_name) OPENSSL_free(param->param_name); - if(param->param_value) OPENSSL_free(param->param_value); - OPENSSL_free(param); -} - -/* Check for a multipart boundary. Returns: - * 0 : no boundary - * 1 : part boundary - * 2 : final boundary - */ -static int mime_bound_check(char *line, int linelen, char *bound, int blen) -{ - if(linelen == -1) linelen = strlen(line); - if(blen == -1) blen = strlen(bound); - /* Quickly eliminate if line length too short */ - if(blen + 2 > linelen) return 0; - /* Check for part boundary */ - if(!strncmp(line, "--", 2) && !strncmp(line + 2, bound, blen)) { - if(!strncmp(line + blen + 2, "--", 2)) return 2; - else return 1; - } - return 0; -} - -static int strip_eol(char *linebuf, int *plen) { - int len = *plen; - char *p, c; - int is_eol = 0; - p = linebuf + len - 1; - for (p = linebuf + len - 1; len > 0; len--, p--) - { - c = *p; - if (c == '\n') - is_eol = 1; - else if (c != '\r') - break; - } - *plen = len; - return is_eol; + return (PKCS7 *)SMIME_read_ASN1(bio, bcont, ASN1_ITEM_rptr(PKCS7)); } diff --git a/src/lib/libcrypto/pkcs7/pk7_smime.c b/src/lib/libcrypto/pkcs7/pk7_smime.c index fd18ec3d95..86742d0dcd 100644 --- a/src/lib/libcrypto/pkcs7/pk7_smime.c +++ b/src/lib/libcrypto/pkcs7/pk7_smime.c @@ -63,24 +63,19 @@ #include #include +static int pkcs7_copy_existing_digest(PKCS7 *p7, PKCS7_SIGNER_INFO *si); + PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs, BIO *data, int flags) { - PKCS7 *p7 = NULL; - PKCS7_SIGNER_INFO *si; - BIO *p7bio = NULL; - STACK_OF(X509_ALGOR) *smcap = NULL; + PKCS7 *p7; int i; - if(!X509_check_private_key(signcert, pkey)) { - PKCS7err(PKCS7_F_PKCS7_SIGN,PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE); - return NULL; - } - - if(!(p7 = PKCS7_new())) { + if(!(p7 = PKCS7_new())) + { PKCS7err(PKCS7_F_PKCS7_SIGN,ERR_R_MALLOC_FAILURE); return NULL; - } + } if (!PKCS7_set_type(p7, NID_pkcs7_signed)) goto err; @@ -88,82 +83,185 @@ PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs, if (!PKCS7_content_new(p7, NID_pkcs7_data)) goto err; - if (!(si = PKCS7_add_signature(p7,signcert,pkey,EVP_sha1()))) { - PKCS7err(PKCS7_F_PKCS7_SIGN,PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR); + if (pkey && !PKCS7_sign_add_signer(p7, signcert, pkey, NULL, flags)) + { + PKCS7err(PKCS7_F_PKCS7_SIGN,PKCS7_R_PKCS7_ADD_SIGNER_ERROR); goto err; - } + } - if(!(flags & PKCS7_NOCERTS)) { - if (!PKCS7_add_certificate(p7, signcert)) - goto err; - if(certs) for(i = 0; i < sk_X509_num(certs); i++) + if(!(flags & PKCS7_NOCERTS)) + { + for(i = 0; i < sk_X509_num(certs); i++) + { if (!PKCS7_add_certificate(p7, sk_X509_value(certs, i))) goto err; - } + } + } - if(!(flags & PKCS7_NOATTR)) { - if (!PKCS7_add_signed_attribute(si, NID_pkcs9_contentType, - V_ASN1_OBJECT, OBJ_nid2obj(NID_pkcs7_data))) - goto err; - /* Add SMIMECapabilities */ - if(!(flags & PKCS7_NOSMIMECAP)) + if(flags & PKCS7_DETACHED) + PKCS7_set_detached(p7, 1); + + if (flags & (PKCS7_STREAM|PKCS7_PARTIAL)) + return p7; + + if (PKCS7_final(p7, data, flags)) + return p7; + + err: + PKCS7_free(p7); + return NULL; +} + +int PKCS7_final(PKCS7 *p7, BIO *data, int flags) + { + BIO *p7bio; + int ret = 0; + if (!(p7bio = PKCS7_dataInit(p7, NULL))) { - if(!(smcap = sk_X509_ALGOR_new_null())) { - PKCS7err(PKCS7_F_PKCS7_SIGN,ERR_R_MALLOC_FAILURE); - goto err; - } -#ifndef OPENSSL_NO_DES - if (!PKCS7_simple_smimecap (smcap, NID_des_ede3_cbc, -1)) - goto err; -#endif -#ifndef OPENSSL_NO_RC2 - if (!PKCS7_simple_smimecap (smcap, NID_rc2_cbc, 128)) - goto err; - if (!PKCS7_simple_smimecap (smcap, NID_rc2_cbc, 64)) - goto err; -#endif -#ifndef OPENSSL_NO_DES - if (!PKCS7_simple_smimecap (smcap, NID_des_cbc, -1)) - goto err; -#endif -#ifndef OPENSSL_NO_RC2 - if (!PKCS7_simple_smimecap (smcap, NID_rc2_cbc, 40)) - goto err; -#endif - if (!PKCS7_add_attrib_smimecap (si, smcap)) - goto err; - sk_X509_ALGOR_pop_free(smcap, X509_ALGOR_free); - smcap = NULL; + PKCS7err(PKCS7_F_PKCS7_FINAL,ERR_R_MALLOC_FAILURE); + return 0; } - } - if(flags & PKCS7_DETACHED)PKCS7_set_detached(p7, 1); + SMIME_crlf_copy(data, p7bio, flags); - if (flags & PKCS7_STREAM) - return p7; + (void)BIO_flush(p7bio); - if (!(p7bio = PKCS7_dataInit(p7, NULL))) { - PKCS7err(PKCS7_F_PKCS7_SIGN,ERR_R_MALLOC_FAILURE); + if (!PKCS7_dataFinal(p7,p7bio)) + { + PKCS7err(PKCS7_F_PKCS7_FINAL,PKCS7_R_PKCS7_DATASIGN); goto err; + } + + ret = 1; + + err: + BIO_free_all(p7bio); + + return ret; + } - SMIME_crlf_copy(data, p7bio, flags); +/* Check to see if a cipher exists and if so add S/MIME capabilities */ +static int add_cipher_smcap(STACK_OF(X509_ALGOR) *sk, int nid, int arg) + { + if (EVP_get_cipherbynid(nid)) + return PKCS7_simple_smimecap(sk, nid, arg); + return 1; + } - if (!PKCS7_dataFinal(p7,p7bio)) { - PKCS7err(PKCS7_F_PKCS7_SIGN,PKCS7_R_PKCS7_DATASIGN); - goto err; +static int add_digest_smcap(STACK_OF(X509_ALGOR) *sk, int nid, int arg) + { + if (EVP_get_digestbynid(nid)) + return PKCS7_simple_smimecap(sk, nid, arg); + return 1; } - BIO_free_all(p7bio); - return p7; -err: - sk_X509_ALGOR_pop_free(smcap, X509_ALGOR_free); - BIO_free_all(p7bio); - PKCS7_free(p7); +PKCS7_SIGNER_INFO *PKCS7_sign_add_signer(PKCS7 *p7, X509 *signcert, + EVP_PKEY *pkey, const EVP_MD *md, + int flags) + { + PKCS7_SIGNER_INFO *si = NULL; + STACK_OF(X509_ALGOR) *smcap = NULL; + if(!X509_check_private_key(signcert, pkey)) + { + PKCS7err(PKCS7_F_PKCS7_SIGN_ADD_SIGNER, + PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE); + return NULL; + } + + if (!(si = PKCS7_add_signature(p7,signcert,pkey, md))) + { + PKCS7err(PKCS7_F_PKCS7_SIGN_ADD_SIGNER, + PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR); + return NULL; + } + + if(!(flags & PKCS7_NOCERTS)) + { + if (!PKCS7_add_certificate(p7, signcert)) + goto err; + } + + if(!(flags & PKCS7_NOATTR)) + { + if (!PKCS7_add_attrib_content_type(si, NULL)) + goto err; + /* Add SMIMECapabilities */ + if(!(flags & PKCS7_NOSMIMECAP)) + { + if(!(smcap = sk_X509_ALGOR_new_null())) + { + PKCS7err(PKCS7_F_PKCS7_SIGN_ADD_SIGNER, + ERR_R_MALLOC_FAILURE); + goto err; + } + if (!add_cipher_smcap(smcap, NID_aes_256_cbc, -1) + || !add_digest_smcap(smcap, NID_id_GostR3411_94, -1) + || !add_cipher_smcap(smcap, NID_id_Gost28147_89, -1) + || !add_cipher_smcap(smcap, NID_aes_192_cbc, -1) + || !add_cipher_smcap(smcap, NID_aes_128_cbc, -1) + || !add_cipher_smcap(smcap, NID_des_ede3_cbc, -1) + || !add_cipher_smcap(smcap, NID_rc2_cbc, 128) + || !add_cipher_smcap(smcap, NID_rc2_cbc, 64) + || !add_cipher_smcap(smcap, NID_des_cbc, -1) + || !add_cipher_smcap(smcap, NID_rc2_cbc, 40) + || !PKCS7_add_attrib_smimecap (si, smcap)) + goto err; + sk_X509_ALGOR_pop_free(smcap, X509_ALGOR_free); + smcap = NULL; + } + if (flags & PKCS7_REUSE_DIGEST) + { + if (!pkcs7_copy_existing_digest(p7, si)) + goto err; + if (!(flags & PKCS7_PARTIAL) && + !PKCS7_SIGNER_INFO_sign(si)) + goto err; + } + } + return si; + err: + if (smcap) + sk_X509_ALGOR_pop_free(smcap, X509_ALGOR_free); return NULL; -} + } + +/* Search for a digest matching SignerInfo digest type and if found + * copy across. + */ + +static int pkcs7_copy_existing_digest(PKCS7 *p7, PKCS7_SIGNER_INFO *si) + { + int i; + STACK_OF(PKCS7_SIGNER_INFO) *sinfos; + PKCS7_SIGNER_INFO *sitmp; + ASN1_OCTET_STRING *osdig = NULL; + sinfos = PKCS7_get_signer_info(p7); + for (i = 0; i < sk_PKCS7_SIGNER_INFO_num(sinfos); i++) + { + sitmp = sk_PKCS7_SIGNER_INFO_value(sinfos, i); + if (si == sitmp) + break; + if (sk_X509_ATTRIBUTE_num(sitmp->auth_attr) <= 0) + continue; + if (!OBJ_cmp(si->digest_alg->algorithm, + sitmp->digest_alg->algorithm)) + { + osdig = PKCS7_digest_from_attributes(sitmp->auth_attr); + break; + } + + } + + if (osdig) + return PKCS7_add1_attrib_digest(si, osdig->data, osdig->length); + + PKCS7err(PKCS7_F_PKCS7_COPY_EXISTING_DIGEST, + PKCS7_R_NO_MATCHING_DIGEST_TYPE_FOUND); + return 0; + } int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store, BIO *indata, BIO *out, int flags) @@ -354,7 +452,7 @@ STACK_OF(X509) *PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs, int flags) if(sk_PKCS7_SIGNER_INFO_num(sinfos) <= 0) { PKCS7err(PKCS7_F_PKCS7_GET0_SIGNERS,PKCS7_R_NO_SIGNERS); - return NULL; + return 0; } if(!(signers = sk_X509_new_null())) { @@ -377,12 +475,12 @@ STACK_OF(X509) *PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs, int flags) if (!signer) { PKCS7err(PKCS7_F_PKCS7_GET0_SIGNERS,PKCS7_R_SIGNER_CERTIFICATE_NOT_FOUND); sk_X509_free(signers); - return NULL; + return 0; } if (!sk_X509_push(signers, signer)) { - sk_X509_free(signers); - return NULL; + sk_X509_free(signers); + return NULL; } } return signers; @@ -405,7 +503,7 @@ PKCS7 *PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, const EVP_CIPHER *cipher, if (!PKCS7_set_type(p7, NID_pkcs7_enveloped)) goto err; - if(!PKCS7_set_cipher(p7, cipher)) { + if (!PKCS7_set_cipher(p7, cipher)) { PKCS7err(PKCS7_F_PKCS7_ENCRYPT,PKCS7_R_ERROR_SETTING_CIPHER); goto err; } @@ -419,22 +517,11 @@ PKCS7 *PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, const EVP_CIPHER *cipher, } } - if(!(p7bio = PKCS7_dataInit(p7, NULL))) { - PKCS7err(PKCS7_F_PKCS7_ENCRYPT,ERR_R_MALLOC_FAILURE); - goto err; - } - - SMIME_crlf_copy(in, p7bio, flags); - - (void)BIO_flush(p7bio); - - if (!PKCS7_dataFinal(p7,p7bio)) { - PKCS7err(PKCS7_F_PKCS7_ENCRYPT,PKCS7_R_PKCS7_DATAFINAL_ERROR); - goto err; - } - BIO_free_all(p7bio); + if (flags & PKCS7_STREAM) + return p7; - return p7; + if (PKCS7_final(p7, in, flags)) + return p7; err: diff --git a/src/lib/libcrypto/pkcs7/pkcs7.h b/src/lib/libcrypto/pkcs7/pkcs7.h index cc092d262d..e4d443193c 100644 --- a/src/lib/libcrypto/pkcs7/pkcs7.h +++ b/src/lib/libcrypto/pkcs7/pkcs7.h @@ -232,6 +232,9 @@ DECLARE_PKCS12_STACK_OF(PKCS7) #define PKCS7_type_is_signedAndEnveloped(a) \ (OBJ_obj2nid((a)->type) == NID_pkcs7_signedAndEnveloped) #define PKCS7_type_is_data(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_data) +#define PKCS7_type_is_digest(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_digest) +#define PKCS7_type_is_encrypted(a) \ + (OBJ_obj2nid((a)->type) == NID_pkcs7_encrypted) #define PKCS7_type_is_digest(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_digest) @@ -242,14 +245,6 @@ DECLARE_PKCS12_STACK_OF(PKCS7) #define PKCS7_is_detached(p7) (PKCS7_type_is_signed(p7) && PKCS7_get_detached(p7)) -#ifdef SSLEAY_MACROS -#ifndef PKCS7_ISSUER_AND_SERIAL_digest -#define PKCS7_ISSUER_AND_SERIAL_digest(data,type,md,len) \ - ASN1_digest((int (*)())i2d_PKCS7_ISSUER_AND_SERIAL,type,\ - (char *)data,md,len) -#endif -#endif - /* S/MIME related flags */ #define PKCS7_TEXT 0x1 @@ -266,6 +261,8 @@ DECLARE_PKCS12_STACK_OF(PKCS7) #define PKCS7_CRLFEOL 0x800 #define PKCS7_STREAM 0x1000 #define PKCS7_NOCRL 0x2000 +#define PKCS7_PARTIAL 0x4000 +#define PKCS7_REUSE_DIGEST 0x8000 /* Flags: for compatibility with older code */ @@ -281,7 +278,6 @@ DECLARE_PKCS12_STACK_OF(PKCS7) DECLARE_ASN1_FUNCTIONS(PKCS7_ISSUER_AND_SERIAL) -#ifndef SSLEAY_MACROS int PKCS7_ISSUER_AND_SERIAL_digest(PKCS7_ISSUER_AND_SERIAL *data,const EVP_MD *type, unsigned char *md,unsigned int *len); #ifndef OPENSSL_NO_FP_API @@ -291,7 +287,8 @@ int i2d_PKCS7_fp(FILE *fp,PKCS7 *p7); PKCS7 *PKCS7_dup(PKCS7 *p7); PKCS7 *d2i_PKCS7_bio(BIO *bp,PKCS7 **p7); int i2d_PKCS7_bio(BIO *bp,PKCS7 *p7); -#endif +int i2d_PKCS7_bio_stream(BIO *out, PKCS7 *p7, BIO *in, int flags); +int PEM_write_bio_PKCS7_stream(BIO *out, PKCS7 *p7, BIO *in, int flags); DECLARE_ASN1_FUNCTIONS(PKCS7_SIGNER_INFO) DECLARE_ASN1_FUNCTIONS(PKCS7_RECIP_INFO) @@ -307,6 +304,7 @@ DECLARE_ASN1_ITEM(PKCS7_ATTR_SIGN) DECLARE_ASN1_ITEM(PKCS7_ATTR_VERIFY) DECLARE_ASN1_NDEF_FUNCTION(PKCS7) +DECLARE_ASN1_PRINT_FUNCTION(PKCS7) long PKCS7_ctrl(PKCS7 *p7, int cmd, long larg, char *parg); @@ -315,6 +313,7 @@ int PKCS7_set0_type_other(PKCS7 *p7, int type, ASN1_TYPE *other); int PKCS7_set_content(PKCS7 *p7, PKCS7 *p7_data); int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey, const EVP_MD *dgst); +int PKCS7_SIGNER_INFO_sign(PKCS7_SIGNER_INFO *si); int PKCS7_add_signer(PKCS7 *p7, PKCS7_SIGNER_INFO *p7i); int PKCS7_add_certificate(PKCS7 *p7, X509 *x509); int PKCS7_add_crl(PKCS7 *p7, X509_CRL *x509); @@ -336,9 +335,13 @@ int PKCS7_set_digest(PKCS7 *p7, const EVP_MD *md); STACK_OF(PKCS7_SIGNER_INFO) *PKCS7_get_signer_info(PKCS7 *p7); PKCS7_RECIP_INFO *PKCS7_add_recipient(PKCS7 *p7, X509 *x509); +void PKCS7_SIGNER_INFO_get0_algs(PKCS7_SIGNER_INFO *si, EVP_PKEY **pk, + X509_ALGOR **pdig, X509_ALGOR **psig); +void PKCS7_RECIP_INFO_get0_alg(PKCS7_RECIP_INFO *ri, X509_ALGOR **penc); int PKCS7_add_recipient_info(PKCS7 *p7, PKCS7_RECIP_INFO *ri); int PKCS7_RECIP_INFO_set(PKCS7_RECIP_INFO *p7i, X509 *x509); int PKCS7_set_cipher(PKCS7 *p7, const EVP_CIPHER *cipher); +int PKCS7_stream(unsigned char ***boundary, PKCS7 *p7); PKCS7_ISSUER_AND_SERIAL *PKCS7_get_issuer_and_serial(PKCS7 *p7, int idx); ASN1_OCTET_STRING *PKCS7_digest_from_attributes(STACK_OF(X509_ATTRIBUTE) *sk); @@ -355,6 +358,12 @@ int PKCS7_set_attributes(PKCS7_SIGNER_INFO *p7si,STACK_OF(X509_ATTRIBUTE) *sk); PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs, BIO *data, int flags); + +PKCS7_SIGNER_INFO *PKCS7_sign_add_signer(PKCS7 *p7, + X509 *signcert, EVP_PKEY *pkey, const EVP_MD *md, + int flags); + +int PKCS7_final(PKCS7 *p7, BIO *data, int flags); int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store, BIO *indata, BIO *out, int flags); STACK_OF(X509) *PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs, int flags); @@ -367,10 +376,16 @@ int PKCS7_add_attrib_smimecap(PKCS7_SIGNER_INFO *si, STACK_OF(X509_ALGOR) *PKCS7_get_smimecap(PKCS7_SIGNER_INFO *si); int PKCS7_simple_smimecap(STACK_OF(X509_ALGOR) *sk, int nid, int arg); +int PKCS7_add_attrib_content_type(PKCS7_SIGNER_INFO *si, ASN1_OBJECT *coid); +int PKCS7_add0_attrib_signing_time(PKCS7_SIGNER_INFO *si, ASN1_TIME *t); +int PKCS7_add1_attrib_digest(PKCS7_SIGNER_INFO *si, + const unsigned char *md, int mdlen); + int SMIME_write_PKCS7(BIO *bio, PKCS7 *p7, BIO *data, int flags); PKCS7 *SMIME_read_PKCS7(BIO *bio, BIO **bcont); -int SMIME_crlf_copy(BIO *in, BIO *out, int flags); -int SMIME_text(BIO *in, BIO *out); + +BIO *BIO_new_PKCS7(BIO *out, PKCS7 *p7); + /* BEGIN ERROR CODES */ /* The following lines are auto generated by the script mkerr.pl. Any changes @@ -383,12 +398,17 @@ void ERR_load_PKCS7_strings(void); /* Function codes. */ #define PKCS7_F_B64_READ_PKCS7 120 #define PKCS7_F_B64_WRITE_PKCS7 121 +#define PKCS7_F_DO_PKCS7_SIGNED_ATTRIB 136 +#define PKCS7_F_I2D_PKCS7_BIO_STREAM 140 +#define PKCS7_F_PKCS7_ADD0_ATTRIB_SIGNING_TIME 135 #define PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP 118 #define PKCS7_F_PKCS7_ADD_CERTIFICATE 100 #define PKCS7_F_PKCS7_ADD_CRL 101 #define PKCS7_F_PKCS7_ADD_RECIPIENT_INFO 102 +#define PKCS7_F_PKCS7_ADD_SIGNATURE 131 #define PKCS7_F_PKCS7_ADD_SIGNER 103 #define PKCS7_F_PKCS7_BIO_ADD_DIGEST 125 +#define PKCS7_F_PKCS7_COPY_EXISTING_DIGEST 138 #define PKCS7_F_PKCS7_CTRL 104 #define PKCS7_F_PKCS7_DATADECODE 112 #define PKCS7_F_PKCS7_DATAFINAL 128 @@ -396,15 +416,22 @@ void ERR_load_PKCS7_strings(void); #define PKCS7_F_PKCS7_DATASIGN 106 #define PKCS7_F_PKCS7_DATAVERIFY 107 #define PKCS7_F_PKCS7_DECRYPT 114 +#define PKCS7_F_PKCS7_DECRYPT_RINFO 133 +#define PKCS7_F_PKCS7_ENCODE_RINFO 132 #define PKCS7_F_PKCS7_ENCRYPT 115 +#define PKCS7_F_PKCS7_FINAL 134 #define PKCS7_F_PKCS7_FIND_DIGEST 127 #define PKCS7_F_PKCS7_GET0_SIGNERS 124 +#define PKCS7_F_PKCS7_RECIP_INFO_SET 130 #define PKCS7_F_PKCS7_SET_CIPHER 108 #define PKCS7_F_PKCS7_SET_CONTENT 109 #define PKCS7_F_PKCS7_SET_DIGEST 126 #define PKCS7_F_PKCS7_SET_TYPE 110 #define PKCS7_F_PKCS7_SIGN 116 #define PKCS7_F_PKCS7_SIGNATUREVERIFY 113 +#define PKCS7_F_PKCS7_SIGNER_INFO_SET 129 +#define PKCS7_F_PKCS7_SIGNER_INFO_SIGN 139 +#define PKCS7_F_PKCS7_SIGN_ADD_SIGNER 137 #define PKCS7_F_PKCS7_SIMPLE_SMIMECAP 119 #define PKCS7_F_PKCS7_VERIFY 117 #define PKCS7_F_SMIME_READ_PKCS7 122 @@ -415,10 +442,13 @@ void ERR_load_PKCS7_strings(void); #define PKCS7_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER 144 #define PKCS7_R_CIPHER_NOT_INITIALIZED 116 #define PKCS7_R_CONTENT_AND_DATA_PRESENT 118 +#define PKCS7_R_CTRL_ERROR 152 #define PKCS7_R_DECODE_ERROR 130 #define PKCS7_R_DECRYPTED_KEY_IS_WRONG_LENGTH 100 #define PKCS7_R_DECRYPT_ERROR 119 #define PKCS7_R_DIGEST_FAILURE 101 +#define PKCS7_R_ENCRYPTION_CTRL_FAILURE 149 +#define PKCS7_R_ENCRYPTION_NOT_SUPPORTED_FOR_THIS_KEY_TYPE 150 #define PKCS7_R_ERROR_ADDING_RECIPIENT 120 #define PKCS7_R_ERROR_SETTING_CIPHER 121 #define PKCS7_R_INVALID_MIME_TYPE 131 @@ -429,6 +459,8 @@ void ERR_load_PKCS7_strings(void); #define PKCS7_R_MISSING_CERIPEND_INFO 103 #define PKCS7_R_NO_CONTENT 122 #define PKCS7_R_NO_CONTENT_TYPE 135 +#define PKCS7_R_NO_DEFAULT_DIGEST 151 +#define PKCS7_R_NO_MATCHING_DIGEST_TYPE_FOUND 154 #define PKCS7_R_NO_MULTIPART_BODY_FAILURE 136 #define PKCS7_R_NO_MULTIPART_BOUNDARY 137 #define PKCS7_R_NO_RECIPIENT_MATCHES_CERTIFICATE 115 @@ -438,6 +470,7 @@ void ERR_load_PKCS7_strings(void); #define PKCS7_R_NO_SIG_CONTENT_TYPE 138 #define PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE 104 #define PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR 124 +#define PKCS7_R_PKCS7_ADD_SIGNER_ERROR 153 #define PKCS7_R_PKCS7_DATAFINAL 126 #define PKCS7_R_PKCS7_DATAFINAL_ERROR 125 #define PKCS7_R_PKCS7_DATASIGN 145 @@ -446,6 +479,8 @@ void ERR_load_PKCS7_strings(void); #define PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE 127 #define PKCS7_R_SIGNATURE_FAILURE 105 #define PKCS7_R_SIGNER_CERTIFICATE_NOT_FOUND 128 +#define PKCS7_R_SIGNING_CTRL_FAILURE 147 +#define PKCS7_R_SIGNING_NOT_SUPPORTED_FOR_THIS_KEY_TYPE 148 #define PKCS7_R_SIG_INVALID_MIME_TYPE 141 #define PKCS7_R_SMIME_TEXT_ERROR 129 #define PKCS7_R_UNABLE_TO_FIND_CERTIFICATE 106 diff --git a/src/lib/libcrypto/pkcs7/pkcs7err.c b/src/lib/libcrypto/pkcs7/pkcs7err.c index c0e3d4cd33..d0af32a265 100644 --- a/src/lib/libcrypto/pkcs7/pkcs7err.c +++ b/src/lib/libcrypto/pkcs7/pkcs7err.c @@ -1,6 +1,6 @@ /* crypto/pkcs7/pkcs7err.c */ /* ==================================================================== - * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved. + * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -72,12 +72,17 @@ static ERR_STRING_DATA PKCS7_str_functs[]= { {ERR_FUNC(PKCS7_F_B64_READ_PKCS7), "B64_READ_PKCS7"}, {ERR_FUNC(PKCS7_F_B64_WRITE_PKCS7), "B64_WRITE_PKCS7"}, +{ERR_FUNC(PKCS7_F_DO_PKCS7_SIGNED_ATTRIB), "DO_PKCS7_SIGNED_ATTRIB"}, +{ERR_FUNC(PKCS7_F_I2D_PKCS7_BIO_STREAM), "i2d_PKCS7_bio_stream"}, +{ERR_FUNC(PKCS7_F_PKCS7_ADD0_ATTRIB_SIGNING_TIME), "PKCS7_add0_attrib_signing_time"}, {ERR_FUNC(PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP), "PKCS7_add_attrib_smimecap"}, {ERR_FUNC(PKCS7_F_PKCS7_ADD_CERTIFICATE), "PKCS7_add_certificate"}, {ERR_FUNC(PKCS7_F_PKCS7_ADD_CRL), "PKCS7_add_crl"}, {ERR_FUNC(PKCS7_F_PKCS7_ADD_RECIPIENT_INFO), "PKCS7_add_recipient_info"}, +{ERR_FUNC(PKCS7_F_PKCS7_ADD_SIGNATURE), "PKCS7_add_signature"}, {ERR_FUNC(PKCS7_F_PKCS7_ADD_SIGNER), "PKCS7_add_signer"}, {ERR_FUNC(PKCS7_F_PKCS7_BIO_ADD_DIGEST), "PKCS7_BIO_ADD_DIGEST"}, +{ERR_FUNC(PKCS7_F_PKCS7_COPY_EXISTING_DIGEST), "PKCS7_COPY_EXISTING_DIGEST"}, {ERR_FUNC(PKCS7_F_PKCS7_CTRL), "PKCS7_ctrl"}, {ERR_FUNC(PKCS7_F_PKCS7_DATADECODE), "PKCS7_dataDecode"}, {ERR_FUNC(PKCS7_F_PKCS7_DATAFINAL), "PKCS7_dataFinal"}, @@ -85,15 +90,22 @@ static ERR_STRING_DATA PKCS7_str_functs[]= {ERR_FUNC(PKCS7_F_PKCS7_DATASIGN), "PKCS7_DATASIGN"}, {ERR_FUNC(PKCS7_F_PKCS7_DATAVERIFY), "PKCS7_dataVerify"}, {ERR_FUNC(PKCS7_F_PKCS7_DECRYPT), "PKCS7_decrypt"}, +{ERR_FUNC(PKCS7_F_PKCS7_DECRYPT_RINFO), "PKCS7_DECRYPT_RINFO"}, +{ERR_FUNC(PKCS7_F_PKCS7_ENCODE_RINFO), "PKCS7_ENCODE_RINFO"}, {ERR_FUNC(PKCS7_F_PKCS7_ENCRYPT), "PKCS7_encrypt"}, +{ERR_FUNC(PKCS7_F_PKCS7_FINAL), "PKCS7_final"}, {ERR_FUNC(PKCS7_F_PKCS7_FIND_DIGEST), "PKCS7_FIND_DIGEST"}, {ERR_FUNC(PKCS7_F_PKCS7_GET0_SIGNERS), "PKCS7_get0_signers"}, +{ERR_FUNC(PKCS7_F_PKCS7_RECIP_INFO_SET), "PKCS7_RECIP_INFO_set"}, {ERR_FUNC(PKCS7_F_PKCS7_SET_CIPHER), "PKCS7_set_cipher"}, {ERR_FUNC(PKCS7_F_PKCS7_SET_CONTENT), "PKCS7_set_content"}, {ERR_FUNC(PKCS7_F_PKCS7_SET_DIGEST), "PKCS7_set_digest"}, {ERR_FUNC(PKCS7_F_PKCS7_SET_TYPE), "PKCS7_set_type"}, {ERR_FUNC(PKCS7_F_PKCS7_SIGN), "PKCS7_sign"}, {ERR_FUNC(PKCS7_F_PKCS7_SIGNATUREVERIFY), "PKCS7_signatureVerify"}, +{ERR_FUNC(PKCS7_F_PKCS7_SIGNER_INFO_SET), "PKCS7_SIGNER_INFO_set"}, +{ERR_FUNC(PKCS7_F_PKCS7_SIGNER_INFO_SIGN), "PKCS7_SIGNER_INFO_sign"}, +{ERR_FUNC(PKCS7_F_PKCS7_SIGN_ADD_SIGNER), "PKCS7_sign_add_signer"}, {ERR_FUNC(PKCS7_F_PKCS7_SIMPLE_SMIMECAP), "PKCS7_simple_smimecap"}, {ERR_FUNC(PKCS7_F_PKCS7_VERIFY), "PKCS7_verify"}, {ERR_FUNC(PKCS7_F_SMIME_READ_PKCS7), "SMIME_read_PKCS7"}, @@ -107,10 +119,13 @@ static ERR_STRING_DATA PKCS7_str_reasons[]= {ERR_REASON(PKCS7_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER),"cipher has no object identifier"}, {ERR_REASON(PKCS7_R_CIPHER_NOT_INITIALIZED),"cipher not initialized"}, {ERR_REASON(PKCS7_R_CONTENT_AND_DATA_PRESENT),"content and data present"}, +{ERR_REASON(PKCS7_R_CTRL_ERROR) ,"ctrl error"}, {ERR_REASON(PKCS7_R_DECODE_ERROR) ,"decode error"}, {ERR_REASON(PKCS7_R_DECRYPTED_KEY_IS_WRONG_LENGTH),"decrypted key is wrong length"}, {ERR_REASON(PKCS7_R_DECRYPT_ERROR) ,"decrypt error"}, {ERR_REASON(PKCS7_R_DIGEST_FAILURE) ,"digest failure"}, +{ERR_REASON(PKCS7_R_ENCRYPTION_CTRL_FAILURE),"encryption ctrl failure"}, +{ERR_REASON(PKCS7_R_ENCRYPTION_NOT_SUPPORTED_FOR_THIS_KEY_TYPE),"encryption not supported for this key type"}, {ERR_REASON(PKCS7_R_ERROR_ADDING_RECIPIENT),"error adding recipient"}, {ERR_REASON(PKCS7_R_ERROR_SETTING_CIPHER),"error setting cipher"}, {ERR_REASON(PKCS7_R_INVALID_MIME_TYPE) ,"invalid mime type"}, @@ -121,6 +136,8 @@ static ERR_STRING_DATA PKCS7_str_reasons[]= {ERR_REASON(PKCS7_R_MISSING_CERIPEND_INFO),"missing ceripend info"}, {ERR_REASON(PKCS7_R_NO_CONTENT) ,"no content"}, {ERR_REASON(PKCS7_R_NO_CONTENT_TYPE) ,"no content type"}, +{ERR_REASON(PKCS7_R_NO_DEFAULT_DIGEST) ,"no default digest"}, +{ERR_REASON(PKCS7_R_NO_MATCHING_DIGEST_TYPE_FOUND),"no matching digest type found"}, {ERR_REASON(PKCS7_R_NO_MULTIPART_BODY_FAILURE),"no multipart body failure"}, {ERR_REASON(PKCS7_R_NO_MULTIPART_BOUNDARY),"no multipart boundary"}, {ERR_REASON(PKCS7_R_NO_RECIPIENT_MATCHES_CERTIFICATE),"no recipient matches certificate"}, @@ -130,6 +147,7 @@ static ERR_STRING_DATA PKCS7_str_reasons[]= {ERR_REASON(PKCS7_R_NO_SIG_CONTENT_TYPE) ,"no sig content type"}, {ERR_REASON(PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE),"operation not supported on this type"}, {ERR_REASON(PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR),"pkcs7 add signature error"}, +{ERR_REASON(PKCS7_R_PKCS7_ADD_SIGNER_ERROR),"pkcs7 add signer error"}, {ERR_REASON(PKCS7_R_PKCS7_DATAFINAL) ,"pkcs7 datafinal"}, {ERR_REASON(PKCS7_R_PKCS7_DATAFINAL_ERROR),"pkcs7 datafinal error"}, {ERR_REASON(PKCS7_R_PKCS7_DATASIGN) ,"pkcs7 datasign"}, @@ -138,6 +156,8 @@ static ERR_STRING_DATA PKCS7_str_reasons[]= {ERR_REASON(PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE),"private key does not match certificate"}, {ERR_REASON(PKCS7_R_SIGNATURE_FAILURE) ,"signature failure"}, {ERR_REASON(PKCS7_R_SIGNER_CERTIFICATE_NOT_FOUND),"signer certificate not found"}, +{ERR_REASON(PKCS7_R_SIGNING_CTRL_FAILURE),"signing ctrl failure"}, +{ERR_REASON(PKCS7_R_SIGNING_NOT_SUPPORTED_FOR_THIS_KEY_TYPE),"signing not supported for this key type"}, {ERR_REASON(PKCS7_R_SIG_INVALID_MIME_TYPE),"sig invalid mime type"}, {ERR_REASON(PKCS7_R_SMIME_TEXT_ERROR) ,"smime text error"}, {ERR_REASON(PKCS7_R_UNABLE_TO_FIND_CERTIFICATE),"unable to find certificate"}, diff --git a/src/lib/libcrypto/pqueue/pq_compat.h b/src/lib/libcrypto/pqueue/pq_compat.h deleted file mode 100644 index 7b2c32725c..0000000000 --- a/src/lib/libcrypto/pqueue/pq_compat.h +++ /dev/null @@ -1,152 +0,0 @@ -/* crypto/pqueue/pqueue_compat.h */ -/* - * DTLS implementation written by Nagendra Modadugu - * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. - */ -/* ==================================================================== - * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#ifndef HEADER_PQ_COMPAT_H -#define HEADER_PQ_COMPAT_H - -#include -#include - -/* - * The purpose of this header file is for supporting 64-bit integer - * manipulation on 32-bit (and lower) machines. Currently the only - * such environment is VMS, Utrix and those with smaller default integer - * sizes than 32 bits. For all such environment, we fall back to using - * BIGNUM. We may need to fine tune the conditions for systems that - * are incorrectly configured. - * - * The only clients of this code are (1) pqueue for priority, and - * (2) DTLS, for sequence number manipulation. - */ - -#if (defined(THIRTY_TWO_BIT) && !defined(BN_LLONG)) || defined(SIXTEEN_BIT) || defined(EIGHT_BIT) - -#define PQ_64BIT_IS_INTEGER 0 -#define PQ_64BIT_IS_BIGNUM 1 - -#define PQ_64BIT BIGNUM -#define PQ_64BIT_CTX BN_CTX - -#define pq_64bit_init(x) BN_init(x) -#define pq_64bit_free(x) BN_free(x) - -#define pq_64bit_ctx_new(ctx) BN_CTX_new() -#define pq_64bit_ctx_free(x) BN_CTX_free(x) - -#define pq_64bit_assign(x, y) BN_copy(x, y) -#define pq_64bit_assign_word(x, y) BN_set_word(x, y) -#define pq_64bit_gt(x, y) BN_ucmp(x, y) >= 1 ? 1 : 0 -#define pq_64bit_eq(x, y) BN_ucmp(x, y) == 0 ? 1 : 0 -#define pq_64bit_add_word(x, w) BN_add_word(x, w) -#define pq_64bit_sub(r, x, y) BN_sub(r, x, y) -#define pq_64bit_sub_word(x, w) BN_sub_word(x, w) -#define pq_64bit_mod(r, x, n, ctx) BN_mod(r, x, n, ctx) - -#define pq_64bit_bin2num(bn, bytes, len) BN_bin2bn(bytes, len, bn) -#define pq_64bit_num2bin(bn, bytes) BN_bn2bin(bn, bytes) -#define pq_64bit_get_word(x) BN_get_word(x) -#define pq_64bit_is_bit_set(x, offset) BN_is_bit_set(x, offset) -#define pq_64bit_lshift(r, x, shift) BN_lshift(r, x, shift) -#define pq_64bit_set_bit(x, num) BN_set_bit(x, num) -#define pq_64bit_get_length(x) BN_num_bits((x)) - -#else - -#define PQ_64BIT_IS_INTEGER 1 -#define PQ_64BIT_IS_BIGNUM 0 - -#if defined(SIXTY_FOUR_BIT) -#define PQ_64BIT BN_ULONG -#define PQ_64BIT_PRINT "%lld" -#elif defined(SIXTY_FOUR_BIT_LONG) -#define PQ_64BIT BN_ULONG -#define PQ_64BIT_PRINT "%ld" -#elif defined(THIRTY_TWO_BIT) -#define PQ_64BIT BN_ULLONG -#define PQ_64BIT_PRINT "%lld" -#endif - -#define PQ_64BIT_CTX void - -#define pq_64bit_init(x) -#define pq_64bit_free(x) -#define pq_64bit_ctx_new(ctx) (ctx) -#define pq_64bit_ctx_free(x) - -#define pq_64bit_assign(x, y) (*(x) = *(y)) -#define pq_64bit_assign_word(x, y) (*(x) = y) -#define pq_64bit_gt(x, y) (*(x) > *(y)) -#define pq_64bit_eq(x, y) (*(x) == *(y)) -#define pq_64bit_add_word(x, w) (*(x) = (*(x) + (w))) -#define pq_64bit_sub(r, x, y) (*(r) = (*(x) - *(y))) -#define pq_64bit_sub_word(x, w) (*(x) = (*(x) - (w))) -#define pq_64bit_mod(r, x, n, ctx) - -#define pq_64bit_bin2num(num, bytes, len) bytes_to_long_long(bytes, num) -#define pq_64bit_num2bin(num, bytes) long_long_to_bytes(num, bytes) -#define pq_64bit_get_word(x) *(x) -#define pq_64bit_lshift(r, x, shift) (*(r) = (*(x) << (shift))) -#define pq_64bit_set_bit(x, num) do { \ - PQ_64BIT mask = 1; \ - mask = mask << (num); \ - *(x) |= mask; \ - } while(0) -#endif /* OPENSSL_SYS_VMS */ - -#endif diff --git a/src/lib/libcrypto/rand/Makefile b/src/lib/libcrypto/rand/Makefile index 30794305cb..27694aa664 100644 --- a/src/lib/libcrypto/rand/Makefile +++ b/src/lib/libcrypto/rand/Makefile @@ -17,9 +17,9 @@ TEST= randtest.c APPS= LIB=$(TOP)/libcrypto.a -LIBSRC=md_rand.c randfile.c rand_lib.c rand_eng.c rand_err.c rand_egd.c \ +LIBSRC=md_rand.c randfile.c rand_lib.c rand_err.c rand_egd.c \ rand_win.c rand_unix.c rand_os2.c rand_nw.c -LIBOBJ=md_rand.o randfile.o rand_lib.o rand_eng.o rand_err.o rand_egd.o \ +LIBOBJ=md_rand.o randfile.o rand_lib.o rand_err.o rand_egd.o \ rand_win.o rand_unix.o rand_os2.o rand_nw.o SRC= $(LIBSRC) @@ -35,7 +35,7 @@ top: all: lib lib: $(LIBOBJ) - $(ARX) $(LIB) $(LIBOBJ) + $(AR) $(LIB) $(LIBOBJ) $(RANLIB) $(LIB) || echo Never mind. @touch lib @@ -79,34 +79,17 @@ clean: md_rand.o: ../../e_os.h ../../include/openssl/asn1.h md_rand.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h md_rand.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -md_rand.o: ../../include/openssl/evp.h ../../include/openssl/fips.h -md_rand.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -md_rand.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -md_rand.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -md_rand.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h -md_rand.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -md_rand.o: ../../include/openssl/symhacks.h md_rand.c rand_lcl.h +md_rand.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +md_rand.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +md_rand.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +md_rand.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h +md_rand.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +md_rand.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +md_rand.o: md_rand.c rand_lcl.h rand_egd.o: ../../include/openssl/buffer.h ../../include/openssl/e_os2.h rand_egd.o: ../../include/openssl/opensslconf.h rand_egd.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h rand_egd.o: rand_egd.c -rand_eng.o: ../../e_os.h ../../include/openssl/asn1.h -rand_eng.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h -rand_eng.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -rand_eng.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h -rand_eng.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h -rand_eng.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h -rand_eng.o: ../../include/openssl/err.h ../../include/openssl/evp.h -rand_eng.o: ../../include/openssl/fips.h ../../include/openssl/fips_rand.h -rand_eng.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -rand_eng.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -rand_eng.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -rand_eng.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h -rand_eng.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -rand_eng.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -rand_eng.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -rand_eng.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -rand_eng.o: ../cryptlib.h rand_eng.c rand_lcl.h rand_err.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h rand_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h rand_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h @@ -116,39 +99,34 @@ rand_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h rand_err.o: rand_err.c rand_lib.o: ../../e_os.h ../../include/openssl/asn1.h rand_lib.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h -rand_lib.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -rand_lib.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h +rand_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h rand_lib.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h rand_lib.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h rand_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h -rand_lib.o: ../../include/openssl/fips.h ../../include/openssl/fips_rand.h rand_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h rand_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h rand_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h rand_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h rand_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h rand_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -rand_lib.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h rand_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -rand_lib.o: ../cryptlib.h rand_lcl.h rand_lib.c +rand_lib.o: ../cryptlib.h rand_lib.c rand_nw.o: ../../e_os.h ../../include/openssl/asn1.h rand_nw.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h rand_nw.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h rand_nw.o: ../../include/openssl/err.h ../../include/openssl/evp.h -rand_nw.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h -rand_nw.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -rand_nw.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -rand_nw.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h -rand_nw.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -rand_nw.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -rand_nw.o: ../cryptlib.h rand_lcl.h rand_nw.c +rand_nw.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +rand_nw.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +rand_nw.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +rand_nw.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h +rand_nw.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +rand_nw.o: ../../include/openssl/symhacks.h ../cryptlib.h rand_lcl.h rand_nw.c rand_os2.o: ../../e_os.h ../../include/openssl/asn1.h rand_os2.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h rand_os2.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h rand_os2.o: ../../include/openssl/err.h ../../include/openssl/evp.h -rand_os2.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h -rand_os2.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -rand_os2.o: ../../include/openssl/opensslconf.h +rand_os2.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +rand_os2.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h rand_os2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h rand_os2.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h rand_os2.o: ../../include/openssl/sha.h ../../include/openssl/stack.h @@ -158,8 +136,8 @@ rand_unix.o: ../../e_os.h ../../include/openssl/asn1.h rand_unix.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h rand_unix.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h rand_unix.o: ../../include/openssl/err.h ../../include/openssl/evp.h -rand_unix.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h -rand_unix.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +rand_unix.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +rand_unix.o: ../../include/openssl/objects.h rand_unix.o: ../../include/openssl/opensslconf.h rand_unix.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h rand_unix.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h @@ -170,9 +148,8 @@ rand_win.o: ../../e_os.h ../../include/openssl/asn1.h rand_win.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h rand_win.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h rand_win.o: ../../include/openssl/err.h ../../include/openssl/evp.h -rand_win.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h -rand_win.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -rand_win.o: ../../include/openssl/opensslconf.h +rand_win.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +rand_win.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h rand_win.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h rand_win.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h rand_win.o: ../../include/openssl/sha.h ../../include/openssl/stack.h diff --git a/src/lib/libcrypto/rand/Makefile.ssl b/src/lib/libcrypto/rand/Makefile.ssl deleted file mode 100644 index e5cbe5319c..0000000000 --- a/src/lib/libcrypto/rand/Makefile.ssl +++ /dev/null @@ -1,196 +0,0 @@ -# -# SSLeay/crypto/rand/Makefile -# - -DIR= rand -TOP= ../.. -CC= cc -INCLUDES= -CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKE= make -f Makefile.ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) -MAKEFILE= Makefile.ssl -AR= ar r - -CFLAGS= $(INCLUDES) $(CFLAG) - -GENERAL=Makefile -TEST= randtest.c -APPS= - -LIB=$(TOP)/libcrypto.a -LIBSRC=md_rand.c randfile.c rand_lib.c rand_err.c rand_egd.c \ - rand_win.c rand_unix.c rand_os2.c -LIBOBJ=md_rand.o randfile.o rand_lib.o rand_err.o rand_egd.o \ - rand_win.o rand_unix.o rand_os2.o - -SRC= $(LIBSRC) - -EXHEADER= rand.h -HEADER= $(EXHEADER) - -ALL= $(GENERAL) $(SRC) $(HEADER) - -top: - (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all) - -all: lib - -lib: $(LIBOBJ) - $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) || echo Never mind. - @touch lib - -files: - $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO - -links: - @sh $(TOP)/util/point.sh Makefile.ssl Makefile - @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER) - @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST) - @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) - -install: - @for i in $(EXHEADER) ; \ - do \ - (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ - done; - -tags: - ctags $(SRC) - -tests: - -lint: - lint -DLINT $(INCLUDES) $(SRC)>fluff - -depend: - $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) - -dclean: - $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new - mv -f Makefile.new $(MAKEFILE) - -clean: - rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff - -# DO NOT DELETE THIS LINE -- make depend depends on it. - -md_rand.o: ../../e_os.h ../../include/openssl/aes.h -md_rand.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -md_rand.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -md_rand.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -md_rand.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -md_rand.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -md_rand.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -md_rand.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -md_rand.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -md_rand.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -md_rand.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -md_rand.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -md_rand.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -md_rand.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h -md_rand.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -md_rand.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -md_rand.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -md_rand.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -md_rand.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -md_rand.o: md_rand.c rand_lcl.h -rand_egd.o: ../../include/openssl/buffer.h ../../include/openssl/e_os2.h -rand_egd.o: ../../include/openssl/opensslconf.h -rand_egd.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h -rand_egd.o: rand_egd.c -rand_err.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h -rand_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -rand_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -rand_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -rand_err.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h -rand_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -rand_err.o: rand_err.c -rand_lib.o: ../../e_os.h ../../include/openssl/asn1.h -rand_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -rand_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -rand_lib.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -rand_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h -rand_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -rand_lib.o: ../../include/openssl/opensslconf.h -rand_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -rand_lib.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h -rand_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -rand_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -rand_lib.o: ../cryptlib.h rand_lib.c -rand_os2.o: ../../e_os.h ../../include/openssl/aes.h -rand_os2.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -rand_os2.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -rand_os2.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -rand_os2.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -rand_os2.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -rand_os2.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -rand_os2.o: ../../include/openssl/err.h ../../include/openssl/evp.h -rand_os2.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -rand_os2.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -rand_os2.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -rand_os2.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -rand_os2.o: ../../include/openssl/opensslconf.h -rand_os2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -rand_os2.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h -rand_os2.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -rand_os2.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -rand_os2.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -rand_os2.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -rand_os2.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -rand_os2.o: ../cryptlib.h rand_lcl.h rand_os2.c -rand_unix.o: ../../e_os.h ../../include/openssl/aes.h -rand_unix.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -rand_unix.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -rand_unix.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -rand_unix.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -rand_unix.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -rand_unix.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -rand_unix.o: ../../include/openssl/err.h ../../include/openssl/evp.h -rand_unix.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -rand_unix.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -rand_unix.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -rand_unix.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -rand_unix.o: ../../include/openssl/opensslconf.h -rand_unix.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -rand_unix.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h -rand_unix.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -rand_unix.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -rand_unix.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -rand_unix.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -rand_unix.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -rand_unix.o: ../cryptlib.h rand_lcl.h rand_unix.c -rand_win.o: ../../e_os.h ../../include/openssl/aes.h -rand_win.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -rand_win.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -rand_win.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -rand_win.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -rand_win.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -rand_win.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -rand_win.o: ../../include/openssl/err.h ../../include/openssl/evp.h -rand_win.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -rand_win.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -rand_win.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -rand_win.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -rand_win.o: ../../include/openssl/opensslconf.h -rand_win.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -rand_win.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h -rand_win.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -rand_win.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -rand_win.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -rand_win.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -rand_win.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -rand_win.o: ../cryptlib.h rand_lcl.h rand_win.c -randfile.o: ../../e_os.h ../../include/openssl/buffer.h -randfile.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -randfile.o: ../../include/openssl/opensslconf.h -randfile.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -randfile.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h -randfile.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -randfile.o: randfile.c diff --git a/src/lib/libcrypto/rand/md_rand.c b/src/lib/libcrypto/rand/md_rand.c index 0f8dd3e00f..88088ce73c 100644 --- a/src/lib/libcrypto/rand/md_rand.c +++ b/src/lib/libcrypto/rand/md_rand.c @@ -126,10 +126,6 @@ #include #include -#ifdef OPENSSL_FIPS -#include -#endif - #ifdef BN_DEBUG # define PREDICT @@ -149,7 +145,7 @@ static unsigned int crypto_lock_rand = 0; /* may be set only when a thread * holds CRYPTO_LOCK_RAND * (to prevent double locking) */ /* access to lockin_thread is synchronized by CRYPTO_LOCK_RAND2 */ -static unsigned long locking_thread = 0; /* valid iff crypto_lock_rand is set */ +static CRYPTO_THREADID locking_threadid; /* valid iff crypto_lock_rand is set */ #ifdef PREDICT @@ -217,8 +213,10 @@ static void ssleay_rand_add(const void *buf, int num, double add) /* check if we already have the lock */ if (crypto_lock_rand) { + CRYPTO_THREADID cur; + CRYPTO_THREADID_current(&cur); CRYPTO_r_lock(CRYPTO_LOCK_RAND2); - do_not_lock = (locking_thread == CRYPTO_thread_id()); + do_not_lock = !CRYPTO_THREADID_cmp(&locking_threadid, &cur); CRYPTO_r_unlock(CRYPTO_LOCK_RAND2); } else @@ -274,8 +272,16 @@ static void ssleay_rand_add(const void *buf, int num, double add) } else MD_Update(&m,&(state[st_idx]),j); - + + /* DO NOT REMOVE THE FOLLOWING CALL TO MD_Update()! */ MD_Update(&m,buf,j); + /* We know that line may cause programs such as + purify and valgrind to complain about use of + uninitialized data. The problem is not, it's + with the caller. Removing that line will make + sure you get really bad randomness and thereby + other problems such as very insecure keys. */ + MD_Update(&m,(unsigned char *)&(md_c[0]),sizeof(md_c)); MD_Final(&m,local_md); md_c[1]++; @@ -336,14 +342,6 @@ static int ssleay_rand_bytes(unsigned char *buf, int num) #endif int do_stir_pool = 0; -#ifdef OPENSSL_FIPS - if(FIPS_mode()) - { - FIPSerr(FIPS_F_SSLEAY_RAND_BYTES,FIPS_R_NON_FIPS_METHOD); - return 0; - } -#endif - #ifdef PREDICT if (rand_predictable) { @@ -384,7 +382,7 @@ static int ssleay_rand_bytes(unsigned char *buf, int num) /* prevent ssleay_rand_bytes() from trying to obtain the lock again */ CRYPTO_w_lock(CRYPTO_LOCK_RAND2); - locking_thread = CRYPTO_thread_id(); + CRYPTO_THREADID_current(&locking_threadid); CRYPTO_w_unlock(CRYPTO_LOCK_RAND2); crypto_lock_rand = 1; @@ -476,9 +474,15 @@ static int ssleay_rand_bytes(unsigned char *buf, int num) #endif MD_Update(&m,local_md,MD_DIGEST_LENGTH); MD_Update(&m,(unsigned char *)&(md_c[0]),sizeof(md_c)); -#ifndef PURIFY - MD_Update(&m,buf,j); /* purify complains */ + +#ifndef PURIFY /* purify complains */ + /* DO NOT REMOVE THE FOLLOWING CALL TO MD_Update()! */ + MD_Update(&m,buf,j); + /* We know that line may cause programs such as + purify and valgrind to complain about use of + uninitialized data. */ #endif + k=(st_idx+MD_DIGEST_LENGTH/2)-st_num; if (k > 0) { @@ -539,15 +543,17 @@ static int ssleay_rand_pseudo_bytes(unsigned char *buf, int num) static int ssleay_rand_status(void) { + CRYPTO_THREADID cur; int ret; int do_not_lock; + CRYPTO_THREADID_current(&cur); /* check if we already have the lock * (could happen if a RAND_poll() implementation calls RAND_status()) */ if (crypto_lock_rand) { CRYPTO_r_lock(CRYPTO_LOCK_RAND2); - do_not_lock = (locking_thread == CRYPTO_thread_id()); + do_not_lock = !CRYPTO_THREADID_cmp(&locking_threadid, &cur); CRYPTO_r_unlock(CRYPTO_LOCK_RAND2); } else @@ -559,7 +565,7 @@ static int ssleay_rand_status(void) /* prevent ssleay_rand_bytes() from trying to obtain the lock again */ CRYPTO_w_lock(CRYPTO_LOCK_RAND2); - locking_thread = CRYPTO_thread_id(); + CRYPTO_THREADID_cpy(&locking_threadid, &cur); CRYPTO_w_unlock(CRYPTO_LOCK_RAND2); crypto_lock_rand = 1; } diff --git a/src/lib/libcrypto/rand/rand.h b/src/lib/libcrypto/rand/rand.h index ea89153cba..ac6c021763 100644 --- a/src/lib/libcrypto/rand/rand.h +++ b/src/lib/libcrypto/rand/rand.h @@ -72,7 +72,7 @@ extern "C" { #endif #if defined(OPENSSL_FIPS) -#define FIPS_RAND_SIZE_T int +#define FIPS_RAND_SIZE_T size_t #endif /* Already defined in ossl_typ.h */ @@ -111,15 +111,6 @@ int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes); int RAND_egd(const char *path); int RAND_egd_bytes(const char *path,int bytes); int RAND_poll(void); -#ifndef OPENSSL_NO_ENGINE -#ifdef OPENSSL_FIPS -void int_RAND_init_engine_callbacks(void); -void int_RAND_set_callbacks( - int (*set_rand_func)(const RAND_METHOD *meth, - const RAND_METHOD **pmeth), - const RAND_METHOD *(*get_rand_func)(const RAND_METHOD **pmeth)); -#endif -#endif #if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) @@ -137,29 +128,11 @@ void ERR_load_RAND_strings(void); /* Error codes for the RAND functions. */ /* Function codes. */ -#define RAND_F_ENG_RAND_GET_RAND_METHOD 108 -#define RAND_F_FIPS_RAND 103 -#define RAND_F_FIPS_RAND_BYTES 102 -#define RAND_F_FIPS_RAND_GET_RAND_METHOD 109 -#define RAND_F_FIPS_RAND_SET_DT 106 -#define RAND_F_FIPS_SET_DT 104 -#define RAND_F_FIPS_SET_PRNG_SEED 107 -#define RAND_F_FIPS_SET_TEST_MODE 105 #define RAND_F_RAND_GET_RAND_METHOD 101 #define RAND_F_SSLEAY_RAND_BYTES 100 /* Reason codes. */ -#define RAND_R_NON_FIPS_METHOD 105 -#define RAND_R_NOT_IN_TEST_MODE 106 -#define RAND_R_NO_KEY_SET 107 -#define RAND_R_PRNG_ASKING_FOR_TOO_MUCH 101 -#define RAND_R_PRNG_ERROR 108 -#define RAND_R_PRNG_KEYED 109 -#define RAND_R_PRNG_NOT_REKEYED 102 -#define RAND_R_PRNG_NOT_RESEEDED 103 #define RAND_R_PRNG_NOT_SEEDED 100 -#define RAND_R_PRNG_SEED_MUST_NOT_MATCH_KEY 110 -#define RAND_R_PRNG_STUCK 104 #ifdef __cplusplus } diff --git a/src/lib/libcrypto/rand/rand_egd.c b/src/lib/libcrypto/rand/rand_egd.c index 50bce6caba..d53b916ebe 100644 --- a/src/lib/libcrypto/rand/rand_egd.c +++ b/src/lib/libcrypto/rand/rand_egd.c @@ -95,7 +95,7 @@ * RAND_egd() is a wrapper for RAND_egd_bytes() with numbytes=255. */ -#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_VOS) +#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_VOS) || defined(OPENSSL_SYS_BEOS) int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes) { return(-1); diff --git a/src/lib/libcrypto/rand/rand_eng.c b/src/lib/libcrypto/rand/rand_eng.c deleted file mode 100644 index 1669cef43c..0000000000 --- a/src/lib/libcrypto/rand/rand_eng.c +++ /dev/null @@ -1,152 +0,0 @@ -/* crypto/rand/rand_lib.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include "cryptlib.h" -#include "rand_lcl.h" -#include -#ifdef OPENSSL_FIPS -#include -#include -#endif - -#ifndef OPENSSL_NO_ENGINE -#include -#endif - -#if defined(OPENSSL_FIPS) && !defined(OPENSSL_NO_ENGINE) - -/* non-NULL if default_RAND_meth is ENGINE-provided */ -static ENGINE *funct_ref =NULL; - -int eng_RAND_set_rand_method(const RAND_METHOD *meth, const RAND_METHOD **pmeth) - { - if(funct_ref) - { - ENGINE_finish(funct_ref); - funct_ref = NULL; - } - *pmeth = meth; - return 1; - } - -const RAND_METHOD *eng_RAND_get_rand_method(const RAND_METHOD **pmeth) - { - if (!*pmeth) - { - ENGINE *e = ENGINE_get_default_RAND(); - if(e) - { - *pmeth = ENGINE_get_RAND(e); - if(!*pmeth) - { - ENGINE_finish(e); - e = NULL; - } - } - if(e) - funct_ref = e; - else - if(FIPS_mode()) - *pmeth=FIPS_rand_method(); - else - *pmeth = RAND_SSLeay(); - } - - if(FIPS_mode() - && *pmeth != FIPS_rand_check()) - { - RANDerr(RAND_F_ENG_RAND_GET_RAND_METHOD,RAND_R_NON_FIPS_METHOD); - return 0; - } - - return *pmeth; - } - -int RAND_set_rand_engine(ENGINE *engine) - { - const RAND_METHOD *tmp_meth = NULL; - if(engine) - { - if(!ENGINE_init(engine)) - return 0; - tmp_meth = ENGINE_get_RAND(engine); - if(!tmp_meth) - { - ENGINE_finish(engine); - return 0; - } - } - /* This function releases any prior ENGINE so call it first */ - RAND_set_rand_method(tmp_meth); - funct_ref = engine; - return 1; - } - -void int_RAND_init_engine_callbacks(void) - { - static int done = 0; - if (done) - return; - int_RAND_set_callbacks(eng_RAND_set_rand_method, - eng_RAND_get_rand_method); - done = 1; - } - -#endif diff --git a/src/lib/libcrypto/rand/rand_err.c b/src/lib/libcrypto/rand/rand_err.c index 829fb44d77..03cda4dd92 100644 --- a/src/lib/libcrypto/rand/rand_err.c +++ b/src/lib/libcrypto/rand/rand_err.c @@ -1,6 +1,6 @@ /* crypto/rand/rand_err.c */ /* ==================================================================== - * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved. + * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -70,14 +70,6 @@ static ERR_STRING_DATA RAND_str_functs[]= { -{ERR_FUNC(RAND_F_ENG_RAND_GET_RAND_METHOD), "ENG_RAND_GET_RAND_METHOD"}, -{ERR_FUNC(RAND_F_FIPS_RAND), "FIPS_RAND"}, -{ERR_FUNC(RAND_F_FIPS_RAND_BYTES), "FIPS_RAND_BYTES"}, -{ERR_FUNC(RAND_F_FIPS_RAND_GET_RAND_METHOD), "FIPS_RAND_GET_RAND_METHOD"}, -{ERR_FUNC(RAND_F_FIPS_RAND_SET_DT), "FIPS_RAND_SET_DT"}, -{ERR_FUNC(RAND_F_FIPS_SET_DT), "FIPS_SET_DT"}, -{ERR_FUNC(RAND_F_FIPS_SET_PRNG_SEED), "FIPS_SET_PRNG_SEED"}, -{ERR_FUNC(RAND_F_FIPS_SET_TEST_MODE), "FIPS_SET_TEST_MODE"}, {ERR_FUNC(RAND_F_RAND_GET_RAND_METHOD), "RAND_get_rand_method"}, {ERR_FUNC(RAND_F_SSLEAY_RAND_BYTES), "SSLEAY_RAND_BYTES"}, {0,NULL} @@ -85,17 +77,7 @@ static ERR_STRING_DATA RAND_str_functs[]= static ERR_STRING_DATA RAND_str_reasons[]= { -{ERR_REASON(RAND_R_NON_FIPS_METHOD) ,"non fips method"}, -{ERR_REASON(RAND_R_NOT_IN_TEST_MODE) ,"not in test mode"}, -{ERR_REASON(RAND_R_NO_KEY_SET) ,"no key set"}, -{ERR_REASON(RAND_R_PRNG_ASKING_FOR_TOO_MUCH),"prng asking for too much"}, -{ERR_REASON(RAND_R_PRNG_ERROR) ,"prng error"}, -{ERR_REASON(RAND_R_PRNG_KEYED) ,"prng keyed"}, -{ERR_REASON(RAND_R_PRNG_NOT_REKEYED) ,"prng not rekeyed"}, -{ERR_REASON(RAND_R_PRNG_NOT_RESEEDED) ,"prng not reseeded"}, {ERR_REASON(RAND_R_PRNG_NOT_SEEDED) ,"PRNG not seeded"}, -{ERR_REASON(RAND_R_PRNG_SEED_MUST_NOT_MATCH_KEY),"prng seed must not match key"}, -{ERR_REASON(RAND_R_PRNG_STUCK) ,"prng stuck"}, {0,NULL} }; diff --git a/src/lib/libcrypto/rand/rand_lcl.h b/src/lib/libcrypto/rand/rand_lcl.h index 18cc9b1e4a..618a8ec899 100644 --- a/src/lib/libcrypto/rand/rand_lcl.h +++ b/src/lib/libcrypto/rand/rand_lcl.h @@ -154,16 +154,5 @@ #define MD(a,b,c) EVP_Digest(a,b,c,NULL,EVP_md2(), NULL) #endif -#ifndef OPENSSL_NO_ENGINE -void int_RAND_set_callbacks( - int (*set_rand_func)(const RAND_METHOD *meth, - const RAND_METHOD **pmeth), - const RAND_METHOD *(*get_rand_func) - (const RAND_METHOD **pmeth)); -int eng_RAND_set_rand_method(const RAND_METHOD *meth, - const RAND_METHOD **pmeth); -const RAND_METHOD *eng_RAND_get_rand_method(const RAND_METHOD **pmeth); -#endif - #endif diff --git a/src/lib/libcrypto/rand/rand_lib.c b/src/lib/libcrypto/rand/rand_lib.c index da6b4e0e86..513e338985 100644 --- a/src/lib/libcrypto/rand/rand_lib.c +++ b/src/lib/libcrypto/rand/rand_lib.c @@ -60,82 +60,15 @@ #include #include "cryptlib.h" #include -#include "rand_lcl.h" -#ifdef OPENSSL_FIPS -#include -#include -#endif - #ifndef OPENSSL_NO_ENGINE #include #endif -static const RAND_METHOD *default_RAND_meth = NULL; - -#ifdef OPENSSL_FIPS - -static int fips_RAND_set_rand_method(const RAND_METHOD *meth, - const RAND_METHOD **pmeth) - { - *pmeth = meth; - return 1; - } - -static const RAND_METHOD *fips_RAND_get_rand_method(const RAND_METHOD **pmeth) - { - if (!*pmeth) - { - if(FIPS_mode()) - *pmeth=FIPS_rand_method(); - else - *pmeth = RAND_SSLeay(); - } - - if(FIPS_mode() - && *pmeth != FIPS_rand_check()) - { - RANDerr(RAND_F_FIPS_RAND_GET_RAND_METHOD,RAND_R_NON_FIPS_METHOD); - return 0; - } - - return *pmeth; - } - -static int (*RAND_set_rand_method_func)(const RAND_METHOD *meth, - const RAND_METHOD **pmeth) - = fips_RAND_set_rand_method; -static const RAND_METHOD *(*RAND_get_rand_method_func) - (const RAND_METHOD **pmeth) - = fips_RAND_get_rand_method; - -#ifndef OPENSSL_NO_ENGINE -void int_RAND_set_callbacks( - int (*set_rand_func)(const RAND_METHOD *meth, - const RAND_METHOD **pmeth), - const RAND_METHOD *(*get_rand_func) - (const RAND_METHOD **pmeth)) - { - RAND_set_rand_method_func = set_rand_func; - RAND_get_rand_method_func = get_rand_func; - } -#endif - -int RAND_set_rand_method(const RAND_METHOD *meth) - { - return RAND_set_rand_method_func(meth, &default_RAND_meth); - } - -const RAND_METHOD *RAND_get_rand_method(void) - { - return RAND_get_rand_method_func(&default_RAND_meth); - } - -#else - #ifndef OPENSSL_NO_ENGINE /* non-NULL if default_RAND_meth is ENGINE-provided */ static ENGINE *funct_ref =NULL; #endif +static const RAND_METHOD *default_RAND_meth = NULL; int RAND_set_rand_method(const RAND_METHOD *meth) { @@ -196,8 +129,6 @@ int RAND_set_rand_engine(ENGINE *engine) } #endif -#endif - void RAND_cleanup(void) { const RAND_METHOD *meth = RAND_get_rand_method(); diff --git a/src/lib/libcrypto/rand/rand_os2.c b/src/lib/libcrypto/rand/rand_os2.c index c3e36d4e5e..fc1e78b179 100644 --- a/src/lib/libcrypto/rand/rand_os2.c +++ b/src/lib/libcrypto/rand/rand_os2.c @@ -78,8 +78,10 @@ typedef struct _CPUUTIL { ULONG ulIntrHigh; /* High 32 bits of interrupt time */ } CPUUTIL; +#ifndef __KLIBC__ APIRET APIENTRY(*DosPerfSysCall) (ULONG ulCommand, ULONG ulParm1, ULONG ulParm2, ULONG ulParm3) = NULL; APIRET APIENTRY(*DosQuerySysState) (ULONG func, ULONG arg1, ULONG pid, ULONG _res_, PVOID buf, ULONG bufsz) = NULL; +#endif HMODULE hDoscalls = 0; int RAND_poll(void) @@ -91,6 +93,7 @@ int RAND_poll(void) if (hDoscalls == 0) { ULONG rc = DosLoadModule(failed_module, sizeof(failed_module), "DOSCALLS", &hDoscalls); +#ifndef __KLIBC__ if (rc == 0) { rc = DosQueryProcAddr(hDoscalls, 976, NULL, (PFN *)&DosPerfSysCall); @@ -102,6 +105,7 @@ int RAND_poll(void) if (rc) DosQuerySysState = NULL; } +#endif } /* Sample the hi-res timer, runs at around 1.1 MHz */ @@ -122,7 +126,9 @@ int RAND_poll(void) RAND_add(&util, sizeof(util), 10); } else { +#ifndef __KLIBC__ DosPerfSysCall = NULL; +#endif } } diff --git a/src/lib/libcrypto/rand/rand_unix.c b/src/lib/libcrypto/rand/rand_unix.c index 58c6173094..4bb9666e49 100644 --- a/src/lib/libcrypto/rand/rand_unix.c +++ b/src/lib/libcrypto/rand/rand_unix.c @@ -133,7 +133,50 @@ # define FD_SETSIZE (8*sizeof(fd_set)) #endif -#ifdef __OpenBSD__ +#ifdef __VOS__ +int RAND_poll(void) +{ + unsigned char buf[ENTROPY_NEEDED]; + pid_t curr_pid; + uid_t curr_uid; + static int first=1; + int i; + long rnd = 0; + struct timespec ts; + unsigned seed; + +/* The VOS random() function starts from a static seed so its + initial value is predictable. If random() returns the + initial value, reseed it with dynamic data. The VOS + real-time clock has a granularity of 1 nsec so it should be + reasonably difficult to predict its exact value. Do not + gratuitously reseed the PRNG because other code in this + process or thread may be using it. */ + + if (first) { + first = 0; + rnd = random (); + if (rnd == 1804289383) { + clock_gettime (CLOCK_REALTIME, &ts); + curr_pid = getpid(); + curr_uid = getuid(); + seed = ts.tv_sec ^ ts.tv_nsec ^ curr_pid ^ curr_uid; + srandom (seed); + } + } + + for (i = 0; i < sizeof(buf); i++) { + if (i % 4 == 0) + rnd = random(); + buf[i] = rnd; + rnd >>= 8; + } + RAND_add(buf, sizeof(buf), ENTROPY_NEEDED); + memset(buf, 0, sizeof(buf)); + + return 1; +} +#elif defined __OpenBSD__ int RAND_poll(void) { unsigned char buf[ENTROPY_NEEDED]; @@ -157,7 +200,7 @@ int RAND_poll(void) static const char *randomfiles[] = { DEVRANDOM }; struct stat randomstats[sizeof(randomfiles)/sizeof(randomfiles[0])]; int fd; - size_t i; + unsigned int i; #endif #ifdef DEVRANDOM_EGD static const char *egdsockets[] = { DEVRANDOM_EGD, NULL }; @@ -170,7 +213,8 @@ int RAND_poll(void) * have this. Use /dev/urandom if you can as /dev/random may block * if it runs out of random entries. */ - for (i=0; i 0) n += r; +#if defined(OPENSSL_SYS_BEOS_R5) + if (r == 0) + snooze(t.tv_usec); +#endif } else r = -1; @@ -305,6 +358,14 @@ int RAND_poll(void) l=time(NULL); RAND_add(&l,sizeof(l),0.0); +#if defined(OPENSSL_SYS_BEOS) + { + system_info sysInfo; + get_system_info(&sysInfo); + RAND_add(&sysInfo,sizeof(sysInfo),0); + } +#endif + #if defined(DEVRANDOM) || defined(DEVRANDOM_EGD) return 1; #else diff --git a/src/lib/libcrypto/rand/rand_win.c b/src/lib/libcrypto/rand/rand_win.c index 00dbe4232c..5d134e186b 100644 --- a/src/lib/libcrypto/rand/rand_win.c +++ b/src/lib/libcrypto/rand/rand_win.c @@ -463,7 +463,7 @@ int RAND_poll(void) PROCESSENTRY32 p; THREADENTRY32 t; MODULEENTRY32 m; - DWORD stoptime = 0; + DWORD starttime = 0; snap = (CREATETOOLHELP32SNAPSHOT) GetProcAddress(kernel, "CreateToolhelp32Snapshot"); @@ -494,12 +494,29 @@ int RAND_poll(void) * each entry. Consider each field a source of 1 byte * of entropy. */ + ZeroMemory(&hlist, sizeof(HEAPLIST32)); hlist.dwSize = sizeof(HEAPLIST32); - if (good) stoptime = GetTickCount() + MAXDELAY; + if (good) starttime = GetTickCount(); +#ifdef _MSC_VER if (heaplist_first(handle, &hlist)) + { + /* + following discussion on dev ML, exception on WinCE (or other Win + platform) is theoretically of unknown origin; prevent infinite + loop here when this theoretical case occurs; otherwise cope with + the expected (MSDN documented) exception-throwing behaviour of + Heap32Next() on WinCE. + + based on patch in original message by Tanguy Fautré (2009/03/02) + Subject: RAND_poll() and CreateToolhelp32Snapshot() stability + */ + int ex_cnt_limit = 42; do { RAND_add(&hlist, hlist.dwSize, 3); + __try + { + ZeroMemory(&hentry, sizeof(HEAPENTRY32)); hentry.dwSize = sizeof(HEAPENTRY32); if (heap_first(&hentry, hlist.th32ProcessID, @@ -510,10 +527,42 @@ int RAND_poll(void) RAND_add(&hentry, hentry.dwSize, 5); while (heap_next(&hentry) + && (!good || (GetTickCount()-starttime) 0); } - } while (heaplist_next(handle, - &hlist) && GetTickCount() < stoptime); + } + __except (EXCEPTION_EXECUTE_HANDLER) + { + /* ignore access violations when walking the heap list */ + ex_cnt_limit--; + } + } while (heaplist_next(handle, &hlist) + && (!good || (GetTickCount()-starttime) 0); + } + +#else + if (heaplist_first(handle, &hlist)) + { + do + { + RAND_add(&hlist, hlist.dwSize, 3); + hentry.dwSize = sizeof(HEAPENTRY32); + if (heap_first(&hentry, + hlist.th32ProcessID, + hlist.th32HeapID)) + { + int entrycnt = 80; + do + RAND_add(&hentry, + hentry.dwSize, 5); + while (heap_next(&hentry) + && --entrycnt > 0); + } + } while (heaplist_next(handle, &hlist) + && (!good || (GetTickCount()-starttime)= 0x80000000 || !OPENSSL_isservice()) + if (GetVersion() < 0x80000000 && OPENSSL_isservice()>0) return; /* Create a screen DC and a memory DC compatible to screen DC */ diff --git a/src/lib/libcrypto/rand/randfile.c b/src/lib/libcrypto/rand/randfile.c index d108353bbc..4ed40b7b70 100644 --- a/src/lib/libcrypto/rand/randfile.c +++ b/src/lib/libcrypto/rand/randfile.c @@ -75,9 +75,7 @@ #ifndef NO_SYS_TYPES_H # include #endif -#ifdef MAC_OS_pre_X -# include -#else +#ifndef OPENSSL_NO_POSIX_IO # include #endif @@ -111,14 +109,26 @@ int RAND_load_file(const char *file, long bytes) * if bytes == -1, read complete file. */ MS_STATIC unsigned char buf[BUFSIZE]; +#ifndef OPENSSL_NO_POSIX_IO struct stat sb; +#endif int i,ret=0,n; FILE *in; if (file == NULL) return(0); +#ifndef OPENSSL_NO_POSIX_IO +#ifdef PURIFY + /* struct stat can have padding and unused fields that may not be + * initialized in the call to stat(). We need to clear the entire + * structure before calling RAND_add() to avoid complaints from + * applications such as Valgrind. + */ + memset(&sb, 0, sizeof(sb)); +#endif if (stat(file,&sb) < 0) return(0); RAND_add(&sb,sizeof(sb),0.0); +#endif if (bytes == 0) return(ret); #ifdef OPENSSL_SYS_VMS @@ -127,7 +137,7 @@ int RAND_load_file(const char *file, long bytes) in=fopen(file,"rb"); #endif if (in == NULL) goto err; -#if defined(S_IFBLK) && defined(S_IFCHR) +#if defined(S_IFBLK) && defined(S_IFCHR) && !defined(OPNESSL_NO_POSIX_IO) if (sb.st_mode & (S_IFBLK | S_IFCHR)) { /* this file is a device. we don't want read an infinite number * of bytes from a random device, nor do we want to use buffered @@ -170,12 +180,13 @@ int RAND_write_file(const char *file) int i,ret=0,rand_err=0; FILE *out = NULL; int n; +#ifndef OPENSSL_NO_POSIX_IO struct stat sb; i=stat(file,&sb); if (i != -1) { -#if defined(S_IFBLK) && defined(S_IFCHR) - if (sb.st_mode & (S_IFBLK | S_IFCHR)) { +#if defined(S_ISBLK) && defined(S_ISCHR) + if (S_ISBLK(sb.st_mode) || S_ISCHR(sb.st_mode)) { /* this file is a device. we don't write back to it. * we "succeed" on the assumption this is some sort * of random device. Otherwise attempting to write to @@ -185,14 +196,16 @@ int RAND_write_file(const char *file) } #endif } +#endif -#if defined(O_CREAT) && !defined(OPENSSL_SYS_WIN32) && !defined(OPENSSL_SYS_VMS) +#if defined(O_CREAT) && !defined(OPENSSL_NO_POSIX_IO) && !defined(OPENSSL_SYS_VMS) { - /* For some reason Win32 can't write to files created this way */ - +#ifndef O_BINARY +#define O_BINARY 0 +#endif /* chmod(..., 0600) is too late to protect the file, * permissions should be restrictive from the start */ - int fd = open(file, O_CREAT, 0600); + int fd = open(file, O_WRONLY|O_CREAT|O_BINARY, 0600); if (fd != -1) out = fdopen(fd, "wb"); } diff --git a/src/lib/libcrypto/rc2/Makefile.ssl b/src/lib/libcrypto/rc2/Makefile.ssl deleted file mode 100644 index 98d5960d5d..0000000000 --- a/src/lib/libcrypto/rc2/Makefile.ssl +++ /dev/null @@ -1,91 +0,0 @@ -# -# SSLeay/crypto/rc2/Makefile -# - -DIR= rc2 -TOP= ../.. -CC= cc -INCLUDES= -CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKE= make -f Makefile.ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) -MAKEFILE= Makefile.ssl -AR= ar r - -CFLAGS= $(INCLUDES) $(CFLAG) - -GENERAL=Makefile -TEST=rc2test.c -APPS= - -LIB=$(TOP)/libcrypto.a -LIBSRC=rc2_ecb.c rc2_skey.c rc2_cbc.c rc2cfb64.c rc2ofb64.c -LIBOBJ=rc2_ecb.o rc2_skey.o rc2_cbc.o rc2cfb64.o rc2ofb64.o - -SRC= $(LIBSRC) - -EXHEADER= rc2.h -HEADER= rc2_locl.h $(EXHEADER) - -ALL= $(GENERAL) $(SRC) $(HEADER) - -top: - (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all) - -all: lib - -lib: $(LIBOBJ) - $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) || echo Never mind. - @touch lib - -files: - $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO - -links: - @sh $(TOP)/util/point.sh Makefile.ssl Makefile - @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER) - @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST) - @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) - -install: - @for i in $(EXHEADER) ; \ - do \ - (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ - done; - -tags: - ctags $(SRC) - -tests: - -lint: - lint -DLINT $(INCLUDES) $(SRC)>fluff - -depend: - $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) - -dclean: - $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new - mv -f Makefile.new $(MAKEFILE) - -clean: - rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff - -# DO NOT DELETE THIS LINE -- make depend depends on it. - -rc2_cbc.o: ../../include/openssl/opensslconf.h ../../include/openssl/rc2.h -rc2_cbc.o: rc2_cbc.c rc2_locl.h -rc2_ecb.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -rc2_ecb.o: ../../include/openssl/rc2.h rc2_ecb.c rc2_locl.h -rc2_skey.o: ../../include/openssl/opensslconf.h ../../include/openssl/rc2.h -rc2_skey.o: rc2_locl.h rc2_skey.c -rc2cfb64.o: ../../include/openssl/opensslconf.h ../../include/openssl/rc2.h -rc2cfb64.o: rc2_locl.h rc2cfb64.c -rc2ofb64.o: ../../include/openssl/opensslconf.h ../../include/openssl/rc2.h -rc2ofb64.o: rc2_locl.h rc2ofb64.c diff --git a/src/lib/libcrypto/rc2/rc2.h b/src/lib/libcrypto/rc2/rc2.h index e542ec94ff..34c8362317 100644 --- a/src/lib/libcrypto/rc2/rc2.h +++ b/src/lib/libcrypto/rc2/rc2.h @@ -79,9 +79,7 @@ typedef struct rc2_key_st RC2_INT data[64]; } RC2_KEY; -#ifdef OPENSSL_FIPS -void private_RC2_set_key(RC2_KEY *key, int len, const unsigned char *data,int bits); -#endif + void RC2_set_key(RC2_KEY *key, int len, const unsigned char *data,int bits); void RC2_ecb_encrypt(const unsigned char *in,unsigned char *out,RC2_KEY *key, int enc); diff --git a/src/lib/libcrypto/rc2/rc2_skey.c b/src/lib/libcrypto/rc2/rc2_skey.c index 4e000e5b99..0150b0e035 100644 --- a/src/lib/libcrypto/rc2/rc2_skey.c +++ b/src/lib/libcrypto/rc2/rc2_skey.c @@ -57,14 +57,9 @@ */ #include -#include -#ifdef OPENSSL_FIPS -#include -#endif - #include "rc2_locl.h" -static unsigned char key_table[256]={ +static const unsigned char key_table[256]={ 0xd9,0x78,0xf9,0xc4,0x19,0xdd,0xb5,0xed,0x28,0xe9,0xfd,0x79, 0x4a,0xa0,0xd8,0x9d,0xc6,0x7e,0x37,0x83,0x2b,0x76,0x53,0x8e, 0x62,0x4c,0x64,0x88,0x44,0x8b,0xfb,0xa2,0x17,0x9a,0x59,0xf5, @@ -99,19 +94,7 @@ static unsigned char key_table[256]={ * BSAFE uses the 'retarded' version. What I previously shipped is * the same as specifying 1024 for the 'bits' parameter. Bsafe uses * a version where the bits parameter is the same as len*8 */ - -#ifdef OPENSSL_FIPS void RC2_set_key(RC2_KEY *key, int len, const unsigned char *data, int bits) - { - if (FIPS_mode()) - FIPS_BAD_ABORT(RC2) - private_RC2_set_key(key, len, data, bits); - } -void private_RC2_set_key(RC2_KEY *key, int len, const unsigned char *data, - int bits) -#else -void RC2_set_key(RC2_KEY *key, int len, const unsigned char *data, int bits) -#endif { int i,j; unsigned char *k; diff --git a/src/lib/libcrypto/rc4/Makefile.ssl b/src/lib/libcrypto/rc4/Makefile.ssl deleted file mode 100644 index 3e602662be..0000000000 --- a/src/lib/libcrypto/rc4/Makefile.ssl +++ /dev/null @@ -1,110 +0,0 @@ -# -# SSLeay/crypto/rc4/Makefile -# - -DIR= rc4 -TOP= ../.. -CC= cc -CPP= $(CC) -E -INCLUDES= -CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKE= make -f Makefile.ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) -MAKEFILE= Makefile.ssl -AR= ar r - -RC4_ENC=rc4_enc.o -# or use -#RC4_ENC=asm/rx86-elf.o -#RC4_ENC=asm/rx86-out.o -#RC4_ENC=asm/rx86-sol.o -#RC4_ENC=asm/rx86bdsi.o - -CFLAGS= $(INCLUDES) $(CFLAG) -ASFLAGS= $(INCLUDES) $(ASFLAG) - -GENERAL=Makefile -TEST=rc4test.c -APPS= - -LIB=$(TOP)/libcrypto.a -LIBSRC=rc4_skey.c rc4_enc.c -LIBOBJ=rc4_skey.o $(RC4_ENC) - -SRC= $(LIBSRC) - -EXHEADER= rc4.h -HEADER= $(EXHEADER) rc4_locl.h - -ALL= $(GENERAL) $(SRC) $(HEADER) - -top: - (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all) - -all: lib - -lib: $(LIBOBJ) - $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) || echo Never mind. - @touch lib - -# elf -asm/rx86-elf.s: asm/rc4-586.pl ../perlasm/x86asm.pl - (cd asm; $(PERL) rc4-586.pl elf $(CFLAGS) > rx86-elf.s) - -# a.out -asm/rx86-out.o: asm/rx86unix.cpp - $(CPP) -DOUT asm/rx86unix.cpp | as -o asm/rx86-out.o - -# bsdi -asm/rx86bsdi.o: asm/rx86unix.cpp - $(CPP) -DBSDI asm/rx86unix.cpp | sed 's/ :/:/' | as -o asm/rx86bsdi.o - -asm/rx86unix.cpp: asm/rc4-586.pl ../perlasm/x86asm.pl - (cd asm; $(PERL) rc4-586.pl cpp >rx86unix.cpp) - -files: - $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO - -links: - @sh $(TOP)/util/point.sh Makefile.ssl Makefile - @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER) - @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST) - @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) - -install: - @for i in $(EXHEADER) ; \ - do \ - (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ - done; - -tags: - ctags $(SRC) - -tests: - -lint: - lint -DLINT $(INCLUDES) $(SRC)>fluff - -depend: - $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) - -dclean: - $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new - mv -f Makefile.new $(MAKEFILE) - -clean: - rm -f asm/rx86unix.cpp asm/*-elf.* *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff asm/*.o - -# DO NOT DELETE THIS LINE -- make depend depends on it. - -rc4_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/rc4.h -rc4_enc.o: rc4_enc.c rc4_locl.h -rc4_skey.o: ../../include/openssl/opensslconf.h -rc4_skey.o: ../../include/openssl/opensslv.h ../../include/openssl/rc4.h -rc4_skey.o: rc4_locl.h rc4_skey.c diff --git a/src/lib/libcrypto/rc4/asm/rc4-586.pl b/src/lib/libcrypto/rc4/asm/rc4-586.pl index ef7eee766c..38a44a70ef 100644 --- a/src/lib/libcrypto/rc4/asm/rc4-586.pl +++ b/src/lib/libcrypto/rc4/asm/rc4-586.pl @@ -1,14 +1,21 @@ -#!/usr/local/bin/perl +#!/usr/bin/env perl + +# ==================================================================== +# [Re]written by Andy Polyakov for the OpenSSL +# project. The module is, however, dual licensed under OpenSSL and +# CRYPTOGAMS licenses depending on where you obtain it. For further +# details see http://www.openssl.org/~appro/cryptogams/. +# ==================================================================== # At some point it became apparent that the original SSLeay RC4 -# assembler implementation performs suboptimaly on latest IA-32 +# assembler implementation performs suboptimally on latest IA-32 # microarchitectures. After re-tuning performance has changed as # following: # -# Pentium +0% -# Pentium III +17% -# AMD +52%(*) -# P4 +180%(**) +# Pentium -10% +# Pentium III +12% +# AMD +50%(*) +# P4 +250%(**) # # (*) This number is actually a trade-off:-) It's possible to # achieve +72%, but at the cost of -48% off PIII performance. @@ -17,214 +24,247 @@ # For reference! This code delivers ~80% of rc4-amd64.pl # performance on the same Opteron machine. # (**) This number requires compressed key schedule set up by -# RC4_set_key and therefore doesn't apply to 0.9.7 [option for -# compressed key schedule is implemented in 0.9.8 and later, -# see commentary section in rc4_skey.c for further details]. +# RC4_set_key [see commentary below for further details]. # # -push(@INC,"perlasm","../../perlasm"); +$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; +push(@INC,"${dir}","${dir}../../perlasm"); require "x86asm.pl"; &asm_init($ARGV[0],"rc4-586.pl"); -$x="eax"; -$y="ebx"; +$xx="eax"; +$yy="ebx"; $tx="ecx"; $ty="edx"; -$in="esi"; -$out="edi"; -$d="ebp"; - -&RC4("RC4"); - -&asm_finish(); - -sub RC4_loop - { - local($n,$p,$char)=@_; - - &comment("Round $n"); - - if ($char) - { - if ($p >= 0) - { - &mov($ty, &swtmp(2)); - &cmp($ty, $in); - &jbe(&label("finished")); - &inc($in); - } - else - { - &add($ty, 8); - &inc($in); - &cmp($ty, $in); - &jb(&label("finished")); - &mov(&swtmp(2), $ty); - } - } - # Moved out - # &mov( $tx, &DWP(0,$d,$x,4)) if $p < 0; - - &add( &LB($y), &LB($tx)); - &mov( $ty, &DWP(0,$d,$y,4)); - # XXX - &mov( &DWP(0,$d,$x,4),$ty); - &add( $ty, $tx); - &mov( &DWP(0,$d,$y,4),$tx); - &and( $ty, 0xff); - &inc( &LB($x)); # NEXT ROUND - &mov( $tx, &DWP(0,$d,$x,4)) if $p < 1; # NEXT ROUND - &mov( $ty, &DWP(0,$d,$ty,4)); - - if (!$char) - { - #moved up into last round - if ($p >= 1) - { - &add( $out, 8) - } - &movb( &BP($n,"esp","",0), &LB($ty)); - } - else - { - # Note in+=8 has occured - &movb( &HB($ty), &BP(-1,$in,"",0)); - # XXX - &xorb(&LB($ty), &HB($ty)); - # XXX - &movb(&BP($n,$out,"",0),&LB($ty)); - } +$inp="esi"; +$out="ebp"; +$dat="edi"; + +sub RC4_loop { + my $i=shift; + my $func = ($i==0)?*mov:*or; + + &add (&LB($yy),&LB($tx)); + &mov ($ty,&DWP(0,$dat,$yy,4)); + &mov (&DWP(0,$dat,$yy,4),$tx); + &mov (&DWP(0,$dat,$xx,4),$ty); + &add ($ty,$tx); + &inc (&LB($xx)); + &and ($ty,0xff); + &ror ($out,8) if ($i!=0); + if ($i<3) { + &mov ($tx,&DWP(0,$dat,$xx,4)); + } else { + &mov ($tx,&wparam(3)); # reload [re-biased] out } - - -sub RC4 - { - local($name)=@_; - - &function_begin_B($name,""); - - &mov($ty,&wparam(1)); # len - &cmp($ty,0); - &jne(&label("proceed")); - &ret(); - &set_label("proceed"); - - &comment(""); - - &push("ebp"); - &push("ebx"); - &push("esi"); - &xor( $x, $x); # avoid partial register stalls - &push("edi"); - &xor( $y, $y); # avoid partial register stalls - &mov( $d, &wparam(0)); # key - &mov( $in, &wparam(2)); - - &movb( &LB($x), &BP(0,$d,"",1)); - &movb( &LB($y), &BP(4,$d,"",1)); - - &mov( $out, &wparam(3)); - &inc( &LB($x)); - - &stack_push(3); # 3 temp variables - &add( $d, 8); - - # detect compressed schedule, see commentary section in rc4_skey.c... - # in 0.9.7 context ~50 bytes below RC4_CHAR label remain redundant, - # as compressed key schedule is set up in 0.9.8 and later. - &cmp(&DWP(256,$d),-1); - &je(&label("RC4_CHAR")); - - &lea( $ty, &DWP(-8,$ty,$in)); - - # check for 0 length input - - &mov( &swtmp(2), $ty); # this is now address to exit at - &mov( $tx, &DWP(0,$d,$x,4)); - - &cmp( $ty, $in); - &jb( &label("end")); # less than 8 bytes - - &set_label("start"); - - # filling DELAY SLOT - &add( $in, 8); - - &RC4_loop(0,-1,0); - &RC4_loop(1,0,0); - &RC4_loop(2,0,0); - &RC4_loop(3,0,0); - &RC4_loop(4,0,0); - &RC4_loop(5,0,0); - &RC4_loop(6,0,0); - &RC4_loop(7,1,0); - - &comment("apply the cipher text"); - # xor the cipher data with input - - #&add( $out, 8); #moved up into last round - - &mov( $tx, &swtmp(0)); - &mov( $ty, &DWP(-8,$in,"",0)); - &xor( $tx, $ty); - &mov( $ty, &DWP(-4,$in,"",0)); - &mov( &DWP(-8,$out,"",0), $tx); - &mov( $tx, &swtmp(1)); - &xor( $tx, $ty); - &mov( $ty, &swtmp(2)); # load end ptr; - &mov( &DWP(-4,$out,"",0), $tx); - &mov( $tx, &DWP(0,$d,$x,4)); - &cmp($in, $ty); - &jbe(&label("start")); - - &set_label("end"); - - # There is quite a bit of extra crap in RC4_loop() for this - # first round - &RC4_loop(0,-1,1); - &RC4_loop(1,0,1); - &RC4_loop(2,0,1); - &RC4_loop(3,0,1); - &RC4_loop(4,0,1); - &RC4_loop(5,0,1); - &RC4_loop(6,1,1); - - &jmp(&label("finished")); - - &align(16); - # this is essentially Intel P4 specific codepath, see rc4_skey.c, - # and is engaged in 0.9.8 and later context... - &set_label("RC4_CHAR"); - - &lea ($ty,&DWP(0,$in,$ty)); - &mov (&swtmp(2),$ty); - &movz ($tx,&BP(0,$d,$x)); - + &$func ($out,&DWP(0,$dat,$ty,4)); +} + +# void RC4(RC4_KEY *key,size_t len,const unsigned char *inp,unsigned char *out); +&function_begin("RC4"); + &mov ($dat,&wparam(0)); # load key schedule pointer + &mov ($ty, &wparam(1)); # load len + &mov ($inp,&wparam(2)); # load inp + &mov ($out,&wparam(3)); # load out + + &xor ($xx,$xx); # avoid partial register stalls + &xor ($yy,$yy); + + &cmp ($ty,0); # safety net + &je (&label("abort")); + + &mov (&LB($xx),&BP(0,$dat)); # load key->x + &mov (&LB($yy),&BP(4,$dat)); # load key->y + &add ($dat,8); + + &lea ($tx,&DWP(0,$inp,$ty)); + &sub ($out,$inp); # re-bias out + &mov (&wparam(1),$tx); # save input+len + + &inc (&LB($xx)); + + # detect compressed key schedule... + &cmp (&DWP(256,$dat),-1); + &je (&label("RC4_CHAR")); + + &mov ($tx,&DWP(0,$dat,$xx,4)); + + &and ($ty,-4); # how many 4-byte chunks? + &jz (&label("loop1")); + + &lea ($ty,&DWP(-4,$inp,$ty)); + &mov (&wparam(2),$ty); # save input+(len/4)*4-4 + &mov (&wparam(3),$out); # $out as accumulator in this loop + + &set_label("loop4",16); + for ($i=0;$i<4;$i++) { RC4_loop($i); } + &ror ($out,8); + &xor ($out,&DWP(0,$inp)); + &cmp ($inp,&wparam(2)); # compare to input+(len/4)*4-4 + &mov (&DWP(0,$tx,$inp),$out);# $tx holds re-biased out here + &lea ($inp,&DWP(4,$inp)); + &mov ($tx,&DWP(0,$dat,$xx,4)); + &jb (&label("loop4")); + + &cmp ($inp,&wparam(1)); # compare to input+len + &je (&label("done")); + &mov ($out,&wparam(3)); # restore $out + + &set_label("loop1",16); + &add (&LB($yy),&LB($tx)); + &mov ($ty,&DWP(0,$dat,$yy,4)); + &mov (&DWP(0,$dat,$yy,4),$tx); + &mov (&DWP(0,$dat,$xx,4),$ty); + &add ($ty,$tx); + &inc (&LB($xx)); + &and ($ty,0xff); + &mov ($ty,&DWP(0,$dat,$ty,4)); + &xor (&LB($ty),&BP(0,$inp)); + &lea ($inp,&DWP(1,$inp)); + &mov ($tx,&DWP(0,$dat,$xx,4)); + &cmp ($inp,&wparam(1)); # compare to input+len + &mov (&BP(-1,$out,$inp),&LB($ty)); + &jb (&label("loop1")); + + &jmp (&label("done")); + +# this is essentially Intel P4 specific codepath... +&set_label("RC4_CHAR",16); + &movz ($tx,&BP(0,$dat,$xx)); # strangely enough unrolled loop performs over 20% slower... - &set_label("RC4_CHAR_loop"); - &add (&LB($y),&LB($tx)); - &movz ($ty,&BP(0,$d,$y)); - &movb (&BP(0,$d,$y),&LB($tx)); - &movb (&BP(0,$d,$x),&LB($ty)); + &set_label("cloop1"); + &add (&LB($yy),&LB($tx)); + &movz ($ty,&BP(0,$dat,$yy)); + &mov (&BP(0,$dat,$yy),&LB($tx)); + &mov (&BP(0,$dat,$xx),&LB($ty)); &add (&LB($ty),&LB($tx)); - &movz ($ty,&BP(0,$d,$ty)); - &add (&LB($x),1); - &xorb (&LB($ty),&BP(0,$in)); - &lea ($in,&DWP(1,$in)); - &movz ($tx,&BP(0,$d,$x)); - &cmp ($in,&swtmp(2)); - &movb (&BP(0,$out),&LB($ty)); - &lea ($out,&DWP(1,$out)); - &jb (&label("RC4_CHAR_loop")); - - &set_label("finished"); - &dec( $x); - &stack_pop(3); - &movb( &BP(-4,$d,"",0),&LB($y)); - &movb( &BP(-8,$d,"",0),&LB($x)); - - &function_end($name); - } + &movz ($ty,&BP(0,$dat,$ty)); + &add (&LB($xx),1); + &xor (&LB($ty),&BP(0,$inp)); + &lea ($inp,&DWP(1,$inp)); + &movz ($tx,&BP(0,$dat,$xx)); + &cmp ($inp,&wparam(1)); + &mov (&BP(-1,$out,$inp),&LB($ty)); + &jb (&label("cloop1")); + +&set_label("done"); + &dec (&LB($xx)); + &mov (&BP(-4,$dat),&LB($yy)); # save key->y + &mov (&BP(-8,$dat),&LB($xx)); # save key->x +&set_label("abort"); +&function_end("RC4"); + +######################################################################## + +$inp="esi"; +$out="edi"; +$idi="ebp"; +$ido="ecx"; +$idx="edx"; + +&external_label("OPENSSL_ia32cap_P"); + +# void RC4_set_key(RC4_KEY *key,int len,const unsigned char *data); +&function_begin("RC4_set_key"); + &mov ($out,&wparam(0)); # load key + &mov ($idi,&wparam(1)); # load len + &mov ($inp,&wparam(2)); # load data + &picmeup($idx,"OPENSSL_ia32cap_P"); + + &lea ($out,&DWP(2*4,$out)); # &key->data + &lea ($inp,&DWP(0,$inp,$idi)); # $inp to point at the end + &neg ($idi); + &xor ("eax","eax"); + &mov (&DWP(-4,$out),$idi); # borrow key->y + + &bt (&DWP(0,$idx),20); # check for bit#20 + &jc (&label("c1stloop")); + +&set_label("w1stloop",16); + &mov (&DWP(0,$out,"eax",4),"eax"); # key->data[i]=i; + &add (&LB("eax"),1); # i++; + &jnc (&label("w1stloop")); + + &xor ($ido,$ido); + &xor ($idx,$idx); + +&set_label("w2ndloop",16); + &mov ("eax",&DWP(0,$out,$ido,4)); + &add (&LB($idx),&BP(0,$inp,$idi)); + &add (&LB($idx),&LB("eax")); + &add ($idi,1); + &mov ("ebx",&DWP(0,$out,$idx,4)); + &jnz (&label("wnowrap")); + &mov ($idi,&DWP(-4,$out)); + &set_label("wnowrap"); + &mov (&DWP(0,$out,$idx,4),"eax"); + &mov (&DWP(0,$out,$ido,4),"ebx"); + &add (&LB($ido),1); + &jnc (&label("w2ndloop")); +&jmp (&label("exit")); + +# Unlike all other x86 [and x86_64] implementations, Intel P4 core +# [including EM64T] was found to perform poorly with above "32-bit" key +# schedule, a.k.a. RC4_INT. Performance improvement for IA-32 hand-coded +# assembler turned out to be 3.5x if re-coded for compressed 8-bit one, +# a.k.a. RC4_CHAR! It's however inappropriate to just switch to 8-bit +# schedule for x86[_64], because non-P4 implementations suffer from +# significant performance losses then, e.g. PIII exhibits >2x +# deterioration, and so does Opteron. In order to assure optimal +# all-round performance, we detect P4 at run-time and set up compressed +# key schedule, which is recognized by RC4 procedure. + +&set_label("c1stloop",16); + &mov (&BP(0,$out,"eax"),&LB("eax")); # key->data[i]=i; + &add (&LB("eax"),1); # i++; + &jnc (&label("c1stloop")); + + &xor ($ido,$ido); + &xor ($idx,$idx); + &xor ("ebx","ebx"); + +&set_label("c2ndloop",16); + &mov (&LB("eax"),&BP(0,$out,$ido)); + &add (&LB($idx),&BP(0,$inp,$idi)); + &add (&LB($idx),&LB("eax")); + &add ($idi,1); + &mov (&LB("ebx"),&BP(0,$out,$idx)); + &jnz (&label("cnowrap")); + &mov ($idi,&DWP(-4,$out)); + &set_label("cnowrap"); + &mov (&BP(0,$out,$idx),&LB("eax")); + &mov (&BP(0,$out,$ido),&LB("ebx")); + &add (&LB($ido),1); + &jnc (&label("c2ndloop")); + + &mov (&DWP(256,$out),-1); # mark schedule as compressed + +&set_label("exit"); + &xor ("eax","eax"); + &mov (&DWP(-8,$out),"eax"); # key->x=0; + &mov (&DWP(-4,$out),"eax"); # key->y=0; +&function_end("RC4_set_key"); + +# const char *RC4_options(void); +&function_begin_B("RC4_options"); + &call (&label("pic_point")); +&set_label("pic_point"); + &blindpop("eax"); + &lea ("eax",&DWP(&label("opts")."-".&label("pic_point"),"eax")); + &picmeup("edx","OPENSSL_ia32cap_P"); + &bt (&DWP(0,"edx"),20); + &jnc (&label("skip")); + &add ("eax",12); + &set_label("skip"); + &ret (); +&set_label("opts",64); +&asciz ("rc4(4x,int)"); +&asciz ("rc4(1x,char)"); +&asciz ("RC4 for x86, CRYPTOGAMS by "); +&align (64); +&function_end_B("RC4_options"); + +&asm_finish(); diff --git a/src/lib/libcrypto/rc4/asm/rc4-amd64.pl b/src/lib/libcrypto/rc4/asm/rc4-amd64.pl deleted file mode 100755 index 9e0da8af99..0000000000 --- a/src/lib/libcrypto/rc4/asm/rc4-amd64.pl +++ /dev/null @@ -1,227 +0,0 @@ -#!/usr/bin/env perl -# -# ==================================================================== -# Written by Andy Polyakov for the OpenSSL -# project. Rights for redistribution and usage in source and binary -# forms are granted according to the OpenSSL license. -# ==================================================================== -# -# 2.22x RC4 tune-up:-) It should be noted though that my hand [as in -# "hand-coded assembler"] doesn't stand for the whole improvement -# coefficient. It turned out that eliminating RC4_CHAR from config -# line results in ~40% improvement (yes, even for C implementation). -# Presumably it has everything to do with AMD cache architecture and -# RAW or whatever penalties. Once again! The module *requires* config -# line *without* RC4_CHAR! As for coding "secret," I bet on partial -# register arithmetics. For example instead of 'inc %r8; and $255,%r8' -# I simply 'inc %r8b'. Even though optimization manual discourages -# to operate on partial registers, it turned out to be the best bet. -# At least for AMD... How IA32E would perform remains to be seen... - -# As was shown by Marc Bevand reordering of couple of load operations -# results in even higher performance gain of 3.3x:-) At least on -# Opteron... For reference, 1x in this case is RC4_CHAR C-code -# compiled with gcc 3.3.2, which performs at ~54MBps per 1GHz clock. -# Latter means that if you want to *estimate* what to expect from -# *your* CPU, then multiply 54 by 3.3 and clock frequency in GHz. - -# Intel P4 EM64T core was found to run the AMD64 code really slow... -# The only way to achieve comparable performance on P4 is to keep -# RC4_CHAR. Kind of ironic, huh? As it's apparently impossible to -# compose blended code, which would perform even within 30% marginal -# on either AMD and Intel platforms, I implement both cases. See -# rc4_skey.c for further details... This applies to 0.9.8 and later. -# In 0.9.7 context RC4_CHAR codepath is never engaged and ~70 bytes -# of code remain redundant. - -$output=shift; - -$win64a=1 if ($output =~ /win64a.[s|asm]/); - -open STDOUT,">$output" || die "can't open $output: $!"; - -if (defined($win64a)) { - $dat="%rcx"; # arg1 - $len="%rdx"; # arg2 - $inp="%rsi"; # r8, arg3 moves here - $out="%rdi"; # r9, arg4 moves here -} else { - $dat="%rdi"; # arg1 - $len="%rsi"; # arg2 - $inp="%rdx"; # arg3 - $out="%rcx"; # arg4 -} - -$XX="%r10"; -$TX="%r8"; -$YY="%r11"; -$TY="%r9"; - -sub PTR() { - my $ret=shift; - if (defined($win64a)) { - $ret =~ s/\[([\S]+)\+([\S]+)\]/[$2+$1]/g; # [%rN+%rM*4]->[%rM*4+%rN] - $ret =~ s/:([^\[]+)\[([^\]]+)\]/:[$2+$1]/g; # :off[ea]->:[ea+off] - } else { - $ret =~ s/[\+\*]/,/g; # [%rN+%rM*4]->[%rN,%rM,4] - $ret =~ s/\[([^\]]+)\]/($1)/g; # [%rN]->(%rN) - } - $ret; -} - -$code=<<___ if (!defined($win64a)); -.text - -.globl RC4 -.type RC4,\@function -.align 16 -RC4: or $len,$len - jne .Lentry - repret -.Lentry: -___ -$code=<<___ if (defined($win64a)); -_TEXT SEGMENT -PUBLIC RC4 -ALIGN 16 -RC4 PROC - or $len,$len - jne .Lentry - repret -.Lentry: - push %rdi - push %rsi - sub \$40,%rsp - mov %r8,$inp - mov %r9,$out -___ -$code.=<<___; - add \$8,$dat - movl `&PTR("DWORD:-8[$dat]")`,$XX#d - movl `&PTR("DWORD:-4[$dat]")`,$YY#d - cmpl \$-1,`&PTR("DWORD:256[$dat]")` - je .LRC4_CHAR - test \$-8,$len - jz .Lloop1 -.align 16 -.Lloop8: - inc $XX#b - movl `&PTR("DWORD:[$dat+$XX*4]")`,$TX#d - add $TX#b,$YY#b - movl `&PTR("DWORD:[$dat+$YY*4]")`,$TY#d - movl $TX#d,`&PTR("DWORD:[$dat+$YY*4]")` - movl $TY#d,`&PTR("DWORD:[$dat+$XX*4]")` - add $TX#b,$TY#b - inc $XX#b - movl `&PTR("DWORD:[$dat+$XX*4]")`,$TX#d - movb `&PTR("BYTE:[$dat+$TY*4]")`,%al -___ -for ($i=1;$i<=6;$i++) { -$code.=<<___; - add $TX#b,$YY#b - ror \$8,%rax - movl `&PTR("DWORD:[$dat+$YY*4]")`,$TY#d - movl $TX#d,`&PTR("DWORD:[$dat+$YY*4]")` - movl $TY#d,`&PTR("DWORD:[$dat+$XX*4]")` - add $TX#b,$TY#b - inc $XX#b - movl `&PTR("DWORD:[$dat+$XX*4]")`,$TX#d - movb `&PTR("BYTE:[$dat+$TY*4]")`,%al -___ -} -$code.=<<___; - add $TX#b,$YY#b - ror \$8,%rax - movl `&PTR("DWORD:[$dat+$YY*4]")`,$TY#d - movl $TX#d,`&PTR("DWORD:[$dat+$YY*4]")` - movl $TY#d,`&PTR("DWORD:[$dat+$XX*4]")` - sub \$8,$len - add $TY#b,$TX#b - movb `&PTR("BYTE:[$dat+$TX*4]")`,%al - ror \$8,%rax - add \$8,$inp - add \$8,$out - - xor `&PTR("QWORD:-8[$inp]")`,%rax - mov %rax,`&PTR("QWORD:-8[$out]")` - - test \$-8,$len - jnz .Lloop8 - cmp \$0,$len - jne .Lloop1 -.Lexit: - movl $XX#d,`&PTR("DWORD:-8[$dat]")` - movl $YY#d,`&PTR("DWORD:-4[$dat]")` -___ -$code.=<<___ if (defined($win64a)); - add \$40,%rsp - pop %rsi - pop %rdi -___ -$code.=<<___; - repret -.align 16 -.Lloop1: - movzb `&PTR("BYTE:[$inp]")`,%eax - inc $XX#b - movl `&PTR("DWORD:[$dat+$XX*4]")`,$TX#d - add $TX#b,$YY#b - movl `&PTR("DWORD:[$dat+$YY*4]")`,$TY#d - movl $TX#d,`&PTR("DWORD:[$dat+$YY*4]")` - movl $TY#d,`&PTR("DWORD:[$dat+$XX*4]")` - add $TY#b,$TX#b - movl `&PTR("DWORD:[$dat+$TX*4]")`,$TY#d - xor $TY,%rax - inc $inp - movb %al,`&PTR("BYTE:[$out]")` - inc $out - dec $len - jnz .Lloop1 - jmp .Lexit - -.align 16 -.LRC4_CHAR: - inc $XX#b - movzb `&PTR("BYTE:[$dat+$XX]")`,$TX#d - add $TX#b,$YY#b - movzb `&PTR("BYTE:[$dat+$YY]")`,$TY#d - movb $TX#b,`&PTR("BYTE:[$dat+$YY]")` - movb $TY#b,`&PTR("BYTE:[$dat+$XX]")` - add $TX#b,$TY#b - movzb `&PTR("BYTE:[$dat+$TY]")`,$TY#d - xorb `&PTR("BYTE:[$inp]")`,$TY#b - movb $TY#b,`&PTR("BYTE:[$out]")` - inc $inp - inc $out - dec $len - jnz .LRC4_CHAR - jmp .Lexit -___ -$code.=<<___ if (defined($win64a)); -RC4 ENDP -_TEXT ENDS -END -___ -$code.=<<___ if (!defined($win64a)); -.size RC4,.-RC4 -___ - -$code =~ s/#([bwd])/$1/gm; -$code =~ s/\`([^\`]*)\`/eval $1/gem; - -if (defined($win64a)) { - $code =~ s/\.align/ALIGN/gm; - $code =~ s/[\$%]//gm; - $code =~ s/\.L/\$L/gm; - $code =~ s/([\w]+)([\s]+)([\S]+),([\S]+)/$1$2$4,$3/gm; - $code =~ s/([QD]*WORD|BYTE):/$1 PTR/gm; - $code =~ s/mov[bwlq]/mov/gm; - $code =~ s/movzb/movzx/gm; - $code =~ s/repret/DB\t0F3h,0C3h/gm; - $code =~ s/cmpl/cmp/gm; - $code =~ s/xorb/xor/gm; -} else { - $code =~ s/([QD]*WORD|BYTE)://gm; - $code =~ s/repret/.byte\t0xF3,0xC3/gm; -} -print $code; diff --git a/src/lib/libcrypto/rc4/asm/rc4-ia64.S b/src/lib/libcrypto/rc4/asm/rc4-ia64.S deleted file mode 100644 index 8210c47d04..0000000000 --- a/src/lib/libcrypto/rc4/asm/rc4-ia64.S +++ /dev/null @@ -1,159 +0,0 @@ -// ==================================================================== -// Written by Andy Polyakov for the OpenSSL -// project. -// -// Rights for redistribution and usage in source and binary forms are -// granted according to the OpenSSL license. Warranty of any kind is -// disclaimed. -// ==================================================================== - -.ident "rc4-ia64.S, Version 2.0" -.ident "IA-64 ISA artwork by Andy Polyakov " - -// What's wrong with compiler generated code? Because of the nature of -// C language, compiler doesn't [dare to] reorder load and stores. But -// being memory-bound, RC4 should benefit from reorder [on in-order- -// execution core such as IA-64]. But what can we reorder? At the very -// least we can safely reorder references to key schedule in respect -// to input and output streams. Secondly, from the first [close] glance -// it appeared that it's possible to pull up some references to -// elements of the key schedule itself. Original rationale ["prior -// loads are not safe only for "degenerated" key schedule, when some -// elements equal to the same value"] was kind of sloppy. I should have -// formulated as it really was: if we assume that pulling up reference -// to key[x+1] is not safe, then it would mean that key schedule would -// "degenerate," which is never the case. The problem is that this -// holds true in respect to references to key[x], but not to key[y]. -// Legitimate "collisions" do occur within every 256^2 bytes window. -// Fortunately there're enough free instruction slots to keep prior -// reference to key[x+1], detect "collision" and compensate for it. -// All this without sacrificing a single clock cycle:-) Throughput is -// ~210MBps on 900MHz CPU, which is is >3x faster than gcc generated -// code and +30% - if compared to HP-UX C. Unrolling loop below should -// give >30% on top of that... - -.text -.explicit - -#if defined(_HPUX_SOURCE) && !defined(_LP64) -# define ADDP addp4 -#else -# define ADDP add -#endif - -#ifndef SZ -#define SZ 4 // this is set to sizeof(RC4_INT) -#endif -// SZ==4 seems to be optimal. At least SZ==8 is not any faster, not for -// assembler implementation, while SZ==1 code is ~30% slower. -#if SZ==1 // RC4_INT is unsigned char -# define LDKEY ld1 -# define STKEY st1 -# define OFF 0 -#elif SZ==4 // RC4_INT is unsigned int -# define LDKEY ld4 -# define STKEY st4 -# define OFF 2 -#elif SZ==8 // RC4_INT is unsigned long -# define LDKEY ld8 -# define STKEY st8 -# define OFF 3 -#endif - -out=r8; // [expanded] output pointer -inp=r9; // [expanded] output pointer -prsave=r10; -key=r28; // [expanded] pointer to RC4_KEY -ksch=r29; // (key->data+255)[&~(sizeof(key->data)-1)] -xx=r30; -yy=r31; - -// void RC4(RC4_KEY *key,size_t len,const void *inp,void *out); -.global RC4# -.proc RC4# -.align 32 -.skip 16 -RC4: - .prologue - .save ar.pfs,r2 -{ .mii; alloc r2=ar.pfs,4,12,0,16 - .save pr,prsave - mov prsave=pr - ADDP key=0,in0 };; -{ .mib; cmp.eq p6,p0=0,in1 // len==0? - .save ar.lc,r3 - mov r3=ar.lc -(p6) br.ret.spnt.many b0 };; // emergency exit - - .body - .rotr dat[4],key_x[4],tx[2],rnd[2],key_y[2],ty[1]; - -{ .mib; LDKEY xx=[key],SZ // load key->x - add in1=-1,in1 // adjust len for loop counter - nop.b 0 } -{ .mib; ADDP inp=0,in2 - ADDP out=0,in3 - brp.loop.imp .Ltop,.Lexit-16 };; -{ .mmi; LDKEY yy=[key] // load key->y - add ksch=SZ,key - mov ar.lc=in1 } -{ .mmi; mov key_y[1]=r0 // guarantee inequality - // in first iteration - add xx=1,xx - mov pr.rot=1<<16 };; -{ .mii; nop.m 0 - dep key_x[1]=xx,r0,OFF,8 - mov ar.ec=3 };; // note that epilogue counter - // is off by 1. I compensate - // for this at exit... -.Ltop: -// The loop is scheduled for 4*(n+2) spin-rate on Itanium 2, which -// theoretically gives asymptotic performance of clock frequency -// divided by 4 bytes per seconds, or 400MBps on 1.6GHz CPU. This is -// for sizeof(RC4_INT)==4. For smaller RC4_INT STKEY inadvertently -// splits the last bundle and you end up with 5*n spin-rate:-( -// Originally the loop was scheduled for 3*n and relied on key -// schedule to be aligned at 256*sizeof(RC4_INT) boundary. But -// *(out++)=dat, which maps to st1, had same effect [inadvertent -// bundle split] and holded the loop back. Rescheduling for 4*n -// made it possible to eliminate dependence on specific alignment -// and allow OpenSSH keep "abusing" our API. Reaching for 3*n would -// require unrolling, sticking to variable shift instruction for -// collecting output [to avoid starvation for integer shifter] and -// copying of key schedule to controlled place in stack [so that -// deposit instruction can serve as substitute for whole -// key->data+((x&255)<data[0])))]... -{ .mmi; (p19) st1 [out]=dat[3],1 // *(out++)=dat - (p16) add xx=1,xx // x++ - (p18) dep rnd[1]=rnd[1],r0,OFF,8 } // ((tx+ty)&255)<y - mov pr=prsave,0x1ffff - nop.b 0 } -{ .mib; st1 [out]=dat[3],1 // compensate for truncated - // epilogue counter - add xx=-1,xx - nop.b 0 };; -{ .mib; STKEY [key]=xx // save key->x - mov ar.lc=r3 - br.ret.sptk.many b0 };; -.endp RC4# diff --git a/src/lib/libcrypto/rc4/asm/rc4-x86_64.pl b/src/lib/libcrypto/rc4/asm/rc4-x86_64.pl index 3a54623495..544386bf53 100755 --- a/src/lib/libcrypto/rc4/asm/rc4-x86_64.pl +++ b/src/lib/libcrypto/rc4/asm/rc4-x86_64.pl @@ -58,14 +58,18 @@ # fit for Core2 and therefore the code was modified to skip cloop8 on # this CPU. -$output=shift; +$flavour = shift; +$output = shift; +if ($flavour =~ /\./) { $output = $flavour; undef $flavour; } + +$win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/); $0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; ( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or ( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or die "can't locate x86_64-xlate.pl"; -open STDOUT,"| $^X $xlate $output"; +open STDOUT,"| $^X $xlate $flavour $output"; $dat="%rdi"; # arg1 $len="%rsi"; # arg2 @@ -87,8 +91,10 @@ RC4: or $len,$len jne .Lentry ret .Lentry: + push %rbx push %r12 push %r13 +.Lprologue: add \$8,$dat movl -8($dat),$XX[0]#d @@ -133,16 +139,8 @@ $code.=<<___; jnz .Lloop8 cmp \$0,$len jne .Lloop1 -___ -$code.=<<___; -.Lexit: - sub \$1,$XX[0]#b - movl $XX[0]#d,-8($dat) - movl $YY#d,-4($dat) + jmp .Lexit - pop %r13 - pop %r12 - ret .align 16 .Lloop1: add $TX[0]#b,$YY#b @@ -167,9 +165,8 @@ $code.=<<___; movzb ($dat,$XX[0]),$TX[0]#d test \$-8,$len jz .Lcloop1 - cmp \$0,260($dat) + cmpl \$0,260($dat) jnz .Lcloop1 - push %rbx jmp .Lcloop8 .align 16 .Lcloop8: @@ -224,7 +221,6 @@ $code.=<<___; test \$-8,$len jnz .Lcloop8 - pop %rbx cmp \$0,$len jne .Lcloop1 jmp .Lexit @@ -249,6 +245,19 @@ $code.=<<___; sub \$1,$len jnz .Lcloop1 jmp .Lexit + +.align 16 +.Lexit: + sub \$1,$XX[0]#b + movl $XX[0]#d,-8($dat) + movl $YY#d,-4($dat) + + mov (%rsp),%r13 + mov 8(%rsp),%r12 + mov 16(%rsp),%rbx + add \$24,%rsp +.Lepilogue: + ret .size RC4,.-RC4 ___ @@ -269,6 +278,7 @@ RC4_set_key: xor $ido,$ido xor %r10,%r10 xor %r11,%r11 + mov PIC_GOT(OPENSSL_ia32cap_P),$idx#d bt \$20,$idx#d jnc .Lw1stloop @@ -332,11 +342,10 @@ RC4_set_key: .size RC4_set_key,.-RC4_set_key .globl RC4_options -.type RC4_options,\@function,0 +.type RC4_options,\@abi-omnipotent .align 16 RC4_options: - .picmeup %rax - lea .Lopts-.(%rax),%rax + lea .Lopts(%rip),%rax mov PIC_GOT(OPENSSL_ia32cap_P),%edx bt \$20,%edx jnc .Ldone @@ -356,9 +365,139 @@ RC4_options: .size RC4_options,.-RC4_options ___ -$code =~ s/#([bwd])/$1/gm; +# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame, +# CONTEXT *context,DISPATCHER_CONTEXT *disp) +if ($win64) { +$rec="%rcx"; +$frame="%rdx"; +$context="%r8"; +$disp="%r9"; + +$code.=<<___; +.extern __imp_RtlVirtualUnwind +.type stream_se_handler,\@abi-omnipotent +.align 16 +stream_se_handler: + push %rsi + push %rdi + push %rbx + push %rbp + push %r12 + push %r13 + push %r14 + push %r15 + pushfq + sub \$64,%rsp + + mov 120($context),%rax # pull context->Rax + mov 248($context),%rbx # pull context->Rip + + lea .Lprologue(%rip),%r10 + cmp %r10,%rbx # context->RipRsp + + lea .Lepilogue(%rip),%r10 + cmp %r10,%rbx # context->Rip>=epilogue label + jae .Lin_prologue + + lea 24(%rax),%rax + + mov -8(%rax),%rbx + mov -16(%rax),%r12 + mov -24(%rax),%r13 + mov %rbx,144($context) # restore context->Rbx + mov %r12,216($context) # restore context->R12 + mov %r13,224($context) # restore context->R13 + +.Lin_prologue: + mov 8(%rax),%rdi + mov 16(%rax),%rsi + mov %rax,152($context) # restore context->Rsp + mov %rsi,168($context) # restore context->Rsi + mov %rdi,176($context) # restore context->Rdi + + jmp .Lcommon_seh_exit +.size stream_se_handler,.-stream_se_handler + +.type key_se_handler,\@abi-omnipotent +.align 16 +key_se_handler: + push %rsi + push %rdi + push %rbx + push %rbp + push %r12 + push %r13 + push %r14 + push %r15 + pushfq + sub \$64,%rsp + + mov 152($context),%rax # pull context->Rsp + mov 8(%rax),%rdi + mov 16(%rax),%rsi + mov %rsi,168($context) # restore context->Rsi + mov %rdi,176($context) # restore context->Rdi -$code =~ s/RC4_set_key/private_RC4_set_key/g if ($ENV{FIPSCANLIB} ne ""); +.Lcommon_seh_exit: + + mov 40($disp),%rdi # disp->ContextRecord + mov $context,%rsi # context + mov \$154,%ecx # sizeof(CONTEXT) + .long 0xa548f3fc # cld; rep movsq + + mov $disp,%rsi + xor %rcx,%rcx # arg1, UNW_FLAG_NHANDLER + mov 8(%rsi),%rdx # arg2, disp->ImageBase + mov 0(%rsi),%r8 # arg3, disp->ControlPc + mov 16(%rsi),%r9 # arg4, disp->FunctionEntry + mov 40(%rsi),%r10 # disp->ContextRecord + lea 56(%rsi),%r11 # &disp->HandlerData + lea 24(%rsi),%r12 # &disp->EstablisherFrame + mov %r10,32(%rsp) # arg5 + mov %r11,40(%rsp) # arg6 + mov %r12,48(%rsp) # arg7 + mov %rcx,56(%rsp) # arg8, (NULL) + call *__imp_RtlVirtualUnwind(%rip) + + mov \$1,%eax # ExceptionContinueSearch + add \$64,%rsp + popfq + pop %r15 + pop %r14 + pop %r13 + pop %r12 + pop %rbp + pop %rbx + pop %rdi + pop %rsi + ret +.size key_se_handler,.-key_se_handler + +.section .pdata +.align 4 + .rva .LSEH_begin_RC4 + .rva .LSEH_end_RC4 + .rva .LSEH_info_RC4 + + .rva .LSEH_begin_RC4_set_key + .rva .LSEH_end_RC4_set_key + .rva .LSEH_info_RC4_set_key + +.section .xdata +.align 8 +.LSEH_info_RC4: + .byte 9,0,0,0 + .rva stream_se_handler +.LSEH_info_RC4_set_key: + .byte 9,0,0,0 + .rva key_se_handler +___ +} + +$code =~ s/#([bwd])/$1/gm; print $code; diff --git a/src/lib/libcrypto/rc4/rc4.h b/src/lib/libcrypto/rc4/rc4.h index 2d8620d33b..29d1acccf5 100644 --- a/src/lib/libcrypto/rc4/rc4.h +++ b/src/lib/libcrypto/rc4/rc4.h @@ -64,6 +64,8 @@ #error RC4 is disabled. #endif +#include + #ifdef __cplusplus extern "C" { #endif @@ -76,11 +78,8 @@ typedef struct rc4_key_st const char *RC4_options(void); -#ifdef OPENSSL_FIPS -void private_RC4_set_key(RC4_KEY *key, int len, const unsigned char *data); -#endif void RC4_set_key(RC4_KEY *key, int len, const unsigned char *data); -void RC4(RC4_KEY *key, unsigned long len, const unsigned char *indata, +void RC4(RC4_KEY *key, size_t len, const unsigned char *indata, unsigned char *outdata); #ifdef __cplusplus diff --git a/src/lib/libcrypto/rc4/rc4_enc.c b/src/lib/libcrypto/rc4/rc4_enc.c index 0660ea60a2..8c4fc6c7a3 100644 --- a/src/lib/libcrypto/rc4/rc4_enc.c +++ b/src/lib/libcrypto/rc4/rc4_enc.c @@ -67,12 +67,12 @@ * Date: Wed, 14 Sep 1994 06:35:31 GMT */ -void RC4(RC4_KEY *key, unsigned long len, const unsigned char *indata, +void RC4(RC4_KEY *key, size_t len, const unsigned char *indata, unsigned char *outdata) { register RC4_INT *d; register RC4_INT x,y,tx,ty; - int i; + size_t i; x=key->x; y=key->y; @@ -120,8 +120,8 @@ void RC4(RC4_KEY *key, unsigned long len, const unsigned char *indata, (RC4_CHUNK)d[(tx+ty)&0xff]\ ) - if ( ( ((unsigned long)indata & (sizeof(RC4_CHUNK)-1)) | - ((unsigned long)outdata & (sizeof(RC4_CHUNK)-1)) ) == 0 ) + if ( ( ((size_t)indata & (sizeof(RC4_CHUNK)-1)) | + ((size_t)outdata & (sizeof(RC4_CHUNK)-1)) ) == 0 ) { RC4_CHUNK ichunk,otp; const union { long one; char little; } is_endian = {1}; @@ -157,7 +157,7 @@ void RC4(RC4_KEY *key, unsigned long len, const unsigned char *indata, if (!is_endian.little) { /* BIG-ENDIAN CASE */ # define BESHFT(c) (((sizeof(RC4_CHUNK)-(c)-1)*8)&(sizeof(RC4_CHUNK)*8-1)) - for (;len&~(sizeof(RC4_CHUNK)-1);len-=sizeof(RC4_CHUNK)) + for (;len&(0-sizeof(RC4_CHUNK));len-=sizeof(RC4_CHUNK)) { ichunk = *(RC4_CHUNK *)indata; otp = RC4_STEP<>3L); + i=len>>3; if (i) { for (;;) @@ -296,7 +296,7 @@ void RC4(RC4_KEY *key, unsigned long len, const unsigned char *indata, if (--i == 0) break; } } - i=(int)len&0x07; + i=len&0x07; if (i) { for (;;) diff --git a/src/lib/libcrypto/rc4/rc4_fblk.c b/src/lib/libcrypto/rc4/rc4_fblk.c deleted file mode 100644 index 1b2a42979b..0000000000 --- a/src/lib/libcrypto/rc4/rc4_fblk.c +++ /dev/null @@ -1,75 +0,0 @@ -/* crypto/rc4/rc4_fblk.c */ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project. - */ -/* ==================================================================== - * Copyright (c) 2008 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - */ - - -#include -#include "rc4_locl.h" -#include -#include -#ifdef OPENSSL_FIPS -#include -#endif - -/* FIPS mode blocking for RC4 has to be done separately since RC4_set_key - * may be implemented in an assembly language file. - */ - -#ifdef OPENSSL_FIPS -void RC4_set_key(RC4_KEY *key, int len, const unsigned char *data) - { - if (FIPS_mode()) - FIPS_BAD_ABORT(RC4) - private_RC4_set_key(key, len, data); - } -#endif - diff --git a/src/lib/libcrypto/rc4/rc4_skey.c b/src/lib/libcrypto/rc4/rc4_skey.c index 4478d1a4b3..b22c40b0bd 100644 --- a/src/lib/libcrypto/rc4/rc4_skey.c +++ b/src/lib/libcrypto/rc4/rc4_skey.c @@ -59,11 +59,6 @@ #include #include "rc4_locl.h" #include -#include -#ifdef OPENSSL_FIPS -#include -#endif - const char RC4_version[]="RC4" OPENSSL_VERSION_PTEXT; @@ -90,11 +85,7 @@ const char *RC4_options(void) * Date: Wed, 14 Sep 1994 06:35:31 GMT */ -#ifdef OPENSSL_FIPS -void private_RC4_set_key(RC4_KEY *key, int len, const unsigned char *data) -#else void RC4_set_key(RC4_KEY *key, int len, const unsigned char *data) -#endif { register RC4_INT tmp; register int id1,id2; @@ -128,20 +119,14 @@ void RC4_set_key(RC4_KEY *key, int len, const unsigned char *data) * implementations suffer from significant performance * losses then, e.g. PIII exhibits >2x deterioration, * and so does Opteron. In order to assure optimal - * all-round performance, we detect P4 at run-time by - * checking upon reserved bit 20 in CPU capability + * all-round performance, let us [try to] detect P4 at + * run-time by checking upon HTT bit in CPU capability * vector and set up compressed key schedule, which is * recognized by correspondingly updated assembler - * module... Bit 20 is set up by OPENSSL_ia32_cpuid. - * + * module... * */ -#ifdef OPENSSL_FIPS - unsigned long *ia32cap_ptr = OPENSSL_ia32cap_loc(); - if (ia32cap_ptr && (*ia32cap_ptr & (1<<28))) { -#else if (OPENSSL_ia32cap_P & (1<<28)) { -#endif unsigned char *cp=(unsigned char *)d; for (i=0;i<256;i++) cp[i]=i; diff --git a/src/lib/libcrypto/rc4/rc4test.c b/src/lib/libcrypto/rc4/rc4test.c index 54b597fa26..633a79e758 100644 --- a/src/lib/libcrypto/rc4/rc4test.c +++ b/src/lib/libcrypto/rc4/rc4test.c @@ -114,8 +114,8 @@ static unsigned char output[7][30]={ int main(int argc, char *argv[]) { - int err=0; - unsigned int i, j; + int i,err=0; + int j; unsigned char *p; RC4_KEY key; unsigned char obuf[512]; @@ -129,12 +129,12 @@ int main(int argc, char *argv[]) { printf("error calculating RC4\n"); printf("output:"); - for (j=0; j r586-elf.s) - -# a.out -asm/r586-out.o: asm/r586unix.cpp - $(CPP) -DOUT asm/r586unix.cpp | as -o asm/r586-out.o - -# bsdi -asm/r586bsdi.o: asm/r586unix.cpp - $(CPP) -DBSDI asm/r586unix.cpp | sed 's/ :/:/' | as -o asm/r586bsdi.o - -asm/r586unix.cpp: asm/rc5-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl - (cd asm; $(PERL) rc5-586.pl cpp >r586unix.cpp) - -files: - $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO - -links: - @sh $(TOP)/util/point.sh Makefile.ssl Makefile - @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER) - @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST) - @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) - -install: - @for i in $(EXHEADER) ; \ - do \ - (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ - done; - -tags: - ctags $(SRC) - -tests: - -lint: - lint -DLINT $(INCLUDES) $(SRC)>fluff - -depend: - $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) - -dclean: - $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new - mv -f Makefile.new $(MAKEFILE) - -clean: - rm -f asm/r586unix.cpp asm/*-elf.* *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff - -# DO NOT DELETE THIS LINE -- make depend depends on it. - -rc5_ecb.o: ../../include/openssl/opensslv.h ../../include/openssl/rc5.h -rc5_ecb.o: rc5_ecb.c rc5_locl.h -rc5_enc.o: ../../include/openssl/rc5.h rc5_enc.c rc5_locl.h -rc5_skey.o: ../../include/openssl/rc5.h rc5_locl.h rc5_skey.c -rc5cfb64.o: ../../include/openssl/rc5.h rc5_locl.h rc5cfb64.c -rc5ofb64.o: ../../include/openssl/rc5.h rc5_locl.h rc5ofb64.c diff --git a/src/lib/libcrypto/rc5/rc5.h b/src/lib/libcrypto/rc5/rc5.h index f73a2a02a4..4b3c153b50 100644 --- a/src/lib/libcrypto/rc5/rc5.h +++ b/src/lib/libcrypto/rc5/rc5.h @@ -94,10 +94,7 @@ typedef struct rc5_key_st RC5_32_INT data[2*(RC5_16_ROUNDS+1)]; } RC5_32_KEY; -#ifdef OPENSSL_FIPS -void private_RC5_32_set_key(RC5_32_KEY *key, int len, const unsigned char *data, - int rounds); -#endif + void RC5_32_set_key(RC5_32_KEY *key, int len, const unsigned char *data, int rounds); void RC5_32_ecb_encrypt(const unsigned char *in,unsigned char *out,RC5_32_KEY *key, diff --git a/src/lib/libcrypto/ripemd/Makefile.ssl b/src/lib/libcrypto/ripemd/Makefile.ssl deleted file mode 100644 index f22ac790ae..0000000000 --- a/src/lib/libcrypto/ripemd/Makefile.ssl +++ /dev/null @@ -1,108 +0,0 @@ -# -# SSLeay/crypto/ripemd/Makefile -# - -DIR= ripemd -TOP= ../.. -CC= cc -CPP= $(CC) -E -INCLUDES= -CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKE= make -f Makefile.ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) -MAKEFILE= Makefile.ssl -AR= ar r - -RIP_ASM_OBJ= - -CFLAGS= $(INCLUDES) $(CFLAG) -ASFLAGS= $(INCLUDES) $(ASFLAG) - -GENERAL=Makefile -TEST=rmdtest.c -APPS= - -LIB=$(TOP)/libcrypto.a -LIBSRC=rmd_dgst.c rmd_one.c -LIBOBJ=rmd_dgst.o rmd_one.o $(RMD160_ASM_OBJ) - -SRC= $(LIBSRC) - -EXHEADER= ripemd.h -HEADER= rmd_locl.h rmdconst.h $(EXHEADER) - -ALL= $(GENERAL) $(SRC) $(HEADER) - -top: - (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all) - -all: lib - -lib: $(LIBOBJ) - $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) || echo Never mind. - @touch lib - -# elf -asm/rm86-elf.s: asm/rmd-586.pl ../perlasm/x86asm.pl - (cd asm; $(PERL) rmd-586.pl elf $(CFLAGS) > rm86-elf.s) - -# a.out -asm/rm86-out.o: asm/rm86unix.cpp - $(CPP) -DOUT asm/rm86unix.cpp | as -o asm/rm86-out.o - -# bsdi -asm/rm86bsdi.o: asm/rm86unix.cpp - $(CPP) -DBSDI asm/rm86unix.cpp | sed 's/ :/:/' | as -o asm/rm86bsdi.o - -asm/rm86unix.cpp: asm/rmd-586.pl ../perlasm/x86asm.pl - (cd asm; $(PERL) rmd-586.pl cpp >rm86unix.cpp) - -files: - $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO - -links: - @sh $(TOP)/util/point.sh Makefile.ssl Makefile - @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER) - @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST) - @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) - -install: - @for i in $(EXHEADER) ; \ - do \ - (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ - done; - -tags: - ctags $(SRC) - -tests: - -lint: - lint -DLINT $(INCLUDES) $(SRC)>fluff - -depend: - $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) - -dclean: - $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new - mv -f Makefile.new $(MAKEFILE) - -clean: - rm -f asm/rm86unix.cpp asm/*-elf.* *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff - -# DO NOT DELETE THIS LINE -- make depend depends on it. - -rmd_dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h -rmd_dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/ripemd.h -rmd_dgst.o: ../md32_common.h rmd_dgst.c rmd_locl.h rmdconst.h -rmd_one.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -rmd_one.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -rmd_one.o: ../../include/openssl/ripemd.h ../../include/openssl/safestack.h -rmd_one.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -rmd_one.o: rmd_one.c diff --git a/src/lib/libcrypto/ripemd/asm/rmd-586.pl b/src/lib/libcrypto/ripemd/asm/rmd-586.pl index 4f3c4c967f..e8b2bc2db2 100644 --- a/src/lib/libcrypto/ripemd/asm/rmd-586.pl +++ b/src/lib/libcrypto/ripemd/asm/rmd-586.pl @@ -5,7 +5,8 @@ $normal=0; -push(@INC,"perlasm","../../perlasm"); +$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; +push(@INC,"${dir}","${dir}../../perlasm"); require "x86asm.pl"; &asm_init($ARGV[0],$0); diff --git a/src/lib/libcrypto/ripemd/ripemd.h b/src/lib/libcrypto/ripemd/ripemd.h index 3b6d04386d..5942eb6180 100644 --- a/src/lib/libcrypto/ripemd/ripemd.h +++ b/src/lib/libcrypto/ripemd/ripemd.h @@ -70,7 +70,7 @@ extern "C" { #error RIPEMD is disabled. #endif -#if defined(OPENSSL_SYS_WIN16) || defined(__LP32__) +#if defined(__LP32__) #define RIPEMD160_LONG unsigned long #elif defined(OPENSSL_SYS_CRAY) || defined(__ILP64__) #define RIPEMD160_LONG unsigned long @@ -90,9 +90,7 @@ typedef struct RIPEMD160state_st RIPEMD160_LONG data[RIPEMD160_LBLOCK]; unsigned int num; } RIPEMD160_CTX; -#ifdef OPENSSL_FIPS -int private_RIPEMD160_Init(RIPEMD160_CTX *c); -#endif + int RIPEMD160_Init(RIPEMD160_CTX *c); int RIPEMD160_Update(RIPEMD160_CTX *c, const void *data, size_t len); int RIPEMD160_Final(unsigned char *md, RIPEMD160_CTX *c); diff --git a/src/lib/libcrypto/ripemd/rmd_dgst.c b/src/lib/libcrypto/ripemd/rmd_dgst.c index a845e17ed8..2097a66c03 100644 --- a/src/lib/libcrypto/ripemd/rmd_dgst.c +++ b/src/lib/libcrypto/ripemd/rmd_dgst.c @@ -59,11 +59,6 @@ #include #include "rmd_locl.h" #include -#include -#ifdef OPENSSL_FIPS -#include -#endif - const char RMD160_version[]="RIPE-MD160" OPENSSL_VERSION_PTEXT; @@ -74,16 +69,14 @@ const char RMD160_version[]="RIPE-MD160" OPENSSL_VERSION_PTEXT; void ripemd160_block(RIPEMD160_CTX *c, unsigned long *p,size_t num); # endif -FIPS_NON_FIPS_MD_Init(RIPEMD160) +int RIPEMD160_Init(RIPEMD160_CTX *c) { + memset (c,0,sizeof(*c)); c->A=RIPEMD160_A; c->B=RIPEMD160_B; c->C=RIPEMD160_C; c->D=RIPEMD160_D; c->E=RIPEMD160_E; - c->Nl=0; - c->Nh=0; - c->num=0; return 1; } diff --git a/src/lib/libcrypto/ripemd/rmd_locl.h b/src/lib/libcrypto/ripemd/rmd_locl.h index ce12a8000e..f14b346e66 100644 --- a/src/lib/libcrypto/ripemd/rmd_locl.h +++ b/src/lib/libcrypto/ripemd/rmd_locl.h @@ -72,7 +72,7 @@ */ #ifdef RMD160_ASM # if defined(__i386) || defined(__i386__) || defined(_M_IX86) || defined(__INTEL__) -# define ripemd160_block_host_order ripemd160_block_asm_data_order +# define ripemd160_block_data_order ripemd160_block_asm_data_order # endif #endif diff --git a/src/lib/libcrypto/rsa/Makefile b/src/lib/libcrypto/rsa/Makefile index 7b1fd6428c..bb64223e05 100644 --- a/src/lib/libcrypto/rsa/Makefile +++ b/src/lib/libcrypto/rsa/Makefile @@ -19,10 +19,12 @@ APPS= LIB=$(TOP)/libcrypto.a LIBSRC= rsa_eay.c rsa_gen.c rsa_lib.c rsa_sign.c rsa_saos.c rsa_err.c \ rsa_pk1.c rsa_ssl.c rsa_none.c rsa_oaep.c rsa_chk.c rsa_null.c \ - rsa_pss.c rsa_x931.c rsa_x931g.c rsa_asn1.c rsa_depr.c rsa_eng.c + rsa_pss.c rsa_x931.c rsa_asn1.c rsa_depr.c rsa_ameth.c rsa_prn.c \ + rsa_pmeth.c LIBOBJ= rsa_eay.o rsa_gen.o rsa_lib.o rsa_sign.o rsa_saos.o rsa_err.o \ rsa_pk1.o rsa_ssl.o rsa_none.o rsa_oaep.o rsa_chk.o rsa_null.o \ - rsa_pss.o rsa_x931.o rsa_x931g.o rsa_asn1.o rsa_depr.o rsa_eng.o + rsa_pss.o rsa_x931.o rsa_asn1.o rsa_depr.o rsa_ameth.o rsa_prn.o \ + rsa_pmeth.o SRC= $(LIBSRC) @@ -37,7 +39,7 @@ top: all: lib lib: $(LIBOBJ) - $(ARX) $(LIB) $(LIBOBJ) + $(AR) $(LIB) $(LIBOBJ) $(RANLIB) $(LIB) || echo Never mind. @touch lib @@ -78,6 +80,22 @@ clean: # DO NOT DELETE THIS LINE -- make depend depends on it. +rsa_ameth.o: ../../e_os.h ../../include/openssl/asn1.h +rsa_ameth.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h +rsa_ameth.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h +rsa_ameth.o: ../../include/openssl/cms.h ../../include/openssl/crypto.h +rsa_ameth.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +rsa_ameth.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +rsa_ameth.o: ../../include/openssl/err.h ../../include/openssl/evp.h +rsa_ameth.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +rsa_ameth.o: ../../include/openssl/objects.h +rsa_ameth.o: ../../include/openssl/opensslconf.h +rsa_ameth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +rsa_ameth.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h +rsa_ameth.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +rsa_ameth.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +rsa_ameth.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +rsa_ameth.o: ../asn1/asn1_locl.h ../cryptlib.h rsa_ameth.c rsa_asn1.o: ../../e_os.h ../../include/openssl/asn1.h rsa_asn1.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h rsa_asn1.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h @@ -114,21 +132,6 @@ rsa_eay.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h rsa_eay.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h rsa_eay.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h rsa_eay.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_eay.c -rsa_eng.o: ../../e_os.h ../../include/openssl/asn1.h -rsa_eng.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -rsa_eng.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -rsa_eng.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h -rsa_eng.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h -rsa_eng.o: ../../include/openssl/engine.h ../../include/openssl/err.h -rsa_eng.o: ../../include/openssl/evp.h ../../include/openssl/fips.h -rsa_eng.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -rsa_eng.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -rsa_eng.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -rsa_eng.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h -rsa_eng.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -rsa_eng.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -rsa_eng.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -rsa_eng.o: ../../include/openssl/x509_vfy.h ../cryptlib.h rsa_eng.c rsa_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h rsa_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h rsa_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h @@ -151,15 +154,15 @@ rsa_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h rsa_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h rsa_lib.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h rsa_lib.o: ../../include/openssl/engine.h ../../include/openssl/err.h -rsa_lib.o: ../../include/openssl/evp.h ../../include/openssl/fips.h -rsa_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -rsa_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -rsa_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -rsa_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h -rsa_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -rsa_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -rsa_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -rsa_lib.o: ../../include/openssl/x509_vfy.h ../cryptlib.h rsa_lib.c +rsa_lib.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +rsa_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +rsa_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +rsa_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h +rsa_lib.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h +rsa_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +rsa_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +rsa_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +rsa_lib.o: ../cryptlib.h rsa_lib.c rsa_none.o: ../../e_os.h ../../include/openssl/asn1.h rsa_none.o: ../../include/openssl/bio.h ../../include/openssl/bn.h rsa_none.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h @@ -182,9 +185,9 @@ rsa_oaep.o: ../../e_os.h ../../include/openssl/asn1.h rsa_oaep.o: ../../include/openssl/bio.h ../../include/openssl/bn.h rsa_oaep.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h rsa_oaep.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -rsa_oaep.o: ../../include/openssl/evp.h ../../include/openssl/fips.h -rsa_oaep.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -rsa_oaep.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +rsa_oaep.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +rsa_oaep.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +rsa_oaep.o: ../../include/openssl/opensslconf.h rsa_oaep.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h rsa_oaep.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h rsa_oaep.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h @@ -199,27 +202,50 @@ rsa_pk1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h rsa_pk1.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h rsa_pk1.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h rsa_pk1.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_pk1.c +rsa_pmeth.o: ../../e_os.h ../../include/openssl/asn1.h +rsa_pmeth.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h +rsa_pmeth.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h +rsa_pmeth.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +rsa_pmeth.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +rsa_pmeth.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +rsa_pmeth.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +rsa_pmeth.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +rsa_pmeth.o: ../../include/openssl/opensslconf.h +rsa_pmeth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +rsa_pmeth.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h +rsa_pmeth.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +rsa_pmeth.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +rsa_pmeth.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +rsa_pmeth.o: ../cryptlib.h ../evp/evp_locl.h rsa_locl.h rsa_pmeth.c +rsa_prn.o: ../../e_os.h ../../include/openssl/asn1.h +rsa_prn.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +rsa_prn.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +rsa_prn.o: ../../include/openssl/err.h ../../include/openssl/evp.h +rsa_prn.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +rsa_prn.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +rsa_prn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +rsa_prn.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h +rsa_prn.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +rsa_prn.o: ../cryptlib.h rsa_prn.c rsa_pss.o: ../../e_os.h ../../include/openssl/asn1.h rsa_pss.o: ../../include/openssl/bio.h ../../include/openssl/bn.h rsa_pss.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h rsa_pss.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -rsa_pss.o: ../../include/openssl/evp.h ../../include/openssl/fips.h -rsa_pss.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -rsa_pss.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -rsa_pss.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -rsa_pss.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h -rsa_pss.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -rsa_pss.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -rsa_pss.o: ../cryptlib.h rsa_pss.c +rsa_pss.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +rsa_pss.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +rsa_pss.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +rsa_pss.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h +rsa_pss.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h +rsa_pss.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +rsa_pss.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_pss.c rsa_saos.o: ../../e_os.h ../../include/openssl/asn1.h rsa_saos.o: ../../include/openssl/bio.h ../../include/openssl/bn.h rsa_saos.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h rsa_saos.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h rsa_saos.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h rsa_saos.o: ../../include/openssl/err.h ../../include/openssl/evp.h -rsa_saos.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h -rsa_saos.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -rsa_saos.o: ../../include/openssl/opensslconf.h +rsa_saos.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +rsa_saos.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h rsa_saos.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h rsa_saos.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h rsa_saos.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h @@ -232,15 +258,14 @@ rsa_sign.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h rsa_sign.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h rsa_sign.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h rsa_sign.o: ../../include/openssl/err.h ../../include/openssl/evp.h -rsa_sign.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h -rsa_sign.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -rsa_sign.o: ../../include/openssl/opensslconf.h +rsa_sign.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +rsa_sign.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h rsa_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h rsa_sign.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h rsa_sign.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h rsa_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h rsa_sign.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -rsa_sign.o: ../cryptlib.h rsa_sign.c +rsa_sign.o: ../cryptlib.h rsa_locl.h rsa_sign.c rsa_ssl.o: ../../e_os.h ../../include/openssl/asn1.h rsa_ssl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h rsa_ssl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h @@ -260,11 +285,3 @@ rsa_x931.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h rsa_x931.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h rsa_x931.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h rsa_x931.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_x931.c -rsa_x931g.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -rsa_x931g.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h -rsa_x931g.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -rsa_x931g.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -rsa_x931g.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -rsa_x931g.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -rsa_x931g.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -rsa_x931g.o: rsa_x931g.c diff --git a/src/lib/libcrypto/rsa/Makefile.ssl b/src/lib/libcrypto/rsa/Makefile.ssl deleted file mode 100644 index 8089344a04..0000000000 --- a/src/lib/libcrypto/rsa/Makefile.ssl +++ /dev/null @@ -1,241 +0,0 @@ -# -# SSLeay/crypto/rsa/Makefile -# - -DIR= rsa -TOP= ../.. -CC= cc -INCLUDES= -I.. -I$(TOP) -I../../include -CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKE= make -f Makefile.ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) -MAKEFILE= Makefile.ssl -AR= ar r - -CFLAGS= $(INCLUDES) $(CFLAG) - -GENERAL=Makefile -TEST=rsa_test.c -APPS= - -LIB=$(TOP)/libcrypto.a -LIBSRC= rsa_eay.c rsa_gen.c rsa_lib.c rsa_sign.c rsa_saos.c rsa_err.c \ - rsa_pk1.c rsa_ssl.c rsa_none.c rsa_oaep.c rsa_chk.c rsa_null.c \ - rsa_asn1.c -LIBOBJ= rsa_eay.o rsa_gen.o rsa_lib.o rsa_sign.o rsa_saos.o rsa_err.o \ - rsa_pk1.o rsa_ssl.o rsa_none.o rsa_oaep.o rsa_chk.o rsa_null.o \ - rsa_asn1.o - -SRC= $(LIBSRC) - -EXHEADER= rsa.h -HEADER= $(EXHEADER) - -ALL= $(GENERAL) $(SRC) $(HEADER) - -top: - (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all) - -all: lib - -lib: $(LIBOBJ) - $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) || echo Never mind. - @touch lib - -files: - $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO - -links: - @sh $(TOP)/util/point.sh Makefile.ssl Makefile - @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER) - @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST) - @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) - -install: - @for i in $(EXHEADER) ; \ - do \ - (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ - done; - -tags: - ctags $(SRC) - -tests: - -lint: - lint -DLINT $(INCLUDES) $(SRC)>fluff - -depend: - $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) - -dclean: - $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new - mv -f Makefile.new $(MAKEFILE) - -clean: - rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff - -# DO NOT DELETE THIS LINE -- make depend depends on it. - -rsa_asn1.o: ../../e_os.h ../../include/openssl/asn1.h -rsa_asn1.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h -rsa_asn1.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -rsa_asn1.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -rsa_asn1.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -rsa_asn1.o: ../../include/openssl/opensslconf.h -rsa_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -rsa_asn1.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -rsa_asn1.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -rsa_asn1.o: ../cryptlib.h rsa_asn1.c -rsa_chk.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -rsa_chk.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h -rsa_chk.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -rsa_chk.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -rsa_chk.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -rsa_chk.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -rsa_chk.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -rsa_chk.o: rsa_chk.c -rsa_eay.o: ../../e_os.h ../../include/openssl/asn1.h -rsa_eay.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -rsa_eay.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -rsa_eay.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -rsa_eay.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -rsa_eay.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -rsa_eay.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h -rsa_eay.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -rsa_eay.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_eay.c -rsa_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -rsa_err.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h -rsa_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -rsa_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -rsa_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -rsa_err.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -rsa_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -rsa_err.o: rsa_err.c -rsa_gen.o: ../../e_os.h ../../include/openssl/asn1.h -rsa_gen.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -rsa_gen.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -rsa_gen.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -rsa_gen.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -rsa_gen.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -rsa_gen.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -rsa_gen.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -rsa_gen.o: ../cryptlib.h rsa_gen.c -rsa_lib.o: ../../e_os.h ../../include/openssl/asn1.h -rsa_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -rsa_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -rsa_lib.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -rsa_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h -rsa_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -rsa_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -rsa_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h -rsa_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -rsa_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -rsa_lib.o: ../../include/openssl/ui.h ../cryptlib.h rsa_lib.c -rsa_none.o: ../../e_os.h ../../include/openssl/asn1.h -rsa_none.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -rsa_none.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -rsa_none.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -rsa_none.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -rsa_none.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -rsa_none.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h -rsa_none.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -rsa_none.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_none.c -rsa_null.o: ../../e_os.h ../../include/openssl/asn1.h -rsa_null.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -rsa_null.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -rsa_null.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -rsa_null.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -rsa_null.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -rsa_null.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h -rsa_null.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -rsa_null.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_null.c -rsa_oaep.o: ../../e_os.h ../../include/openssl/aes.h -rsa_oaep.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -rsa_oaep.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -rsa_oaep.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -rsa_oaep.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -rsa_oaep.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -rsa_oaep.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -rsa_oaep.o: ../../include/openssl/err.h ../../include/openssl/evp.h -rsa_oaep.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -rsa_oaep.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -rsa_oaep.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -rsa_oaep.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -rsa_oaep.o: ../../include/openssl/opensslconf.h -rsa_oaep.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -rsa_oaep.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h -rsa_oaep.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -rsa_oaep.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -rsa_oaep.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -rsa_oaep.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -rsa_oaep.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -rsa_oaep.o: ../cryptlib.h rsa_oaep.c -rsa_pk1.o: ../../e_os.h ../../include/openssl/asn1.h -rsa_pk1.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -rsa_pk1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -rsa_pk1.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -rsa_pk1.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -rsa_pk1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -rsa_pk1.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h -rsa_pk1.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -rsa_pk1.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_pk1.c -rsa_saos.o: ../../e_os.h ../../include/openssl/aes.h -rsa_saos.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -rsa_saos.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -rsa_saos.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -rsa_saos.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -rsa_saos.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -rsa_saos.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -rsa_saos.o: ../../include/openssl/err.h ../../include/openssl/evp.h -rsa_saos.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -rsa_saos.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -rsa_saos.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -rsa_saos.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -rsa_saos.o: ../../include/openssl/opensslconf.h -rsa_saos.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -rsa_saos.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -rsa_saos.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -rsa_saos.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -rsa_saos.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -rsa_saos.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -rsa_saos.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -rsa_saos.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -rsa_saos.o: ../cryptlib.h rsa_saos.c -rsa_sign.o: ../../e_os.h ../../include/openssl/aes.h -rsa_sign.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -rsa_sign.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -rsa_sign.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -rsa_sign.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -rsa_sign.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -rsa_sign.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -rsa_sign.o: ../../include/openssl/err.h ../../include/openssl/evp.h -rsa_sign.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -rsa_sign.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -rsa_sign.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -rsa_sign.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -rsa_sign.o: ../../include/openssl/opensslconf.h -rsa_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -rsa_sign.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -rsa_sign.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -rsa_sign.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -rsa_sign.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -rsa_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -rsa_sign.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -rsa_sign.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -rsa_sign.o: ../cryptlib.h rsa_sign.c -rsa_ssl.o: ../../e_os.h ../../include/openssl/asn1.h -rsa_ssl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -rsa_ssl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -rsa_ssl.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -rsa_ssl.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -rsa_ssl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -rsa_ssl.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h -rsa_ssl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -rsa_ssl.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_ssl.c diff --git a/src/lib/libcrypto/rsa/rsa.h b/src/lib/libcrypto/rsa/rsa.h index 5bb932ae15..cf74343657 100644 --- a/src/lib/libcrypto/rsa/rsa.h +++ b/src/lib/libcrypto/rsa/rsa.h @@ -74,25 +74,6 @@ #error RSA is disabled. #endif -/* If this flag is set the RSA method is FIPS compliant and can be used - * in FIPS mode. This is set in the validated module method. If an - * application sets this flag in its own methods it is its reposibility - * to ensure the result is compliant. - */ - -#define RSA_FLAG_FIPS_METHOD 0x0400 - -/* If this flag is set the operations normally disabled in FIPS mode are - * permitted it is then the applications responsibility to ensure that the - * usage is compliant. - */ - -#define RSA_FLAG_NON_FIPS_ALLOW 0x0400 - -#ifdef OPENSSL_FIPS -#define FIPS_RSA_SIZE_T int -#endif - #ifdef __cplusplus extern "C" { #endif @@ -136,7 +117,8 @@ struct rsa_meth_st unsigned char *sigret, unsigned int *siglen, const RSA *rsa); int (*rsa_verify)(int dtype, const unsigned char *m, unsigned int m_length, - unsigned char *sigbuf, unsigned int siglen, const RSA *rsa); + const unsigned char *sigbuf, unsigned int siglen, + const RSA *rsa); /* If this callback is NULL, the builtin software RSA key-gen will be used. This * is for behavioural compatibility whilst the code gets rewired, but one day * it would be nice to assume there are no such things as "builtin software" @@ -182,8 +164,6 @@ struct rsa_st # define OPENSSL_RSA_MAX_MODULUS_BITS 16384 #endif -#define OPENSSL_RSA_FIPS_MIN_MODULUS_BITS 1024 - #ifndef OPENSSL_RSA_SMALL_MODULUS_BITS # define OPENSSL_RSA_SMALL_MODULUS_BITS 3072 #endif @@ -238,11 +218,37 @@ struct rsa_st #endif +#define EVP_PKEY_CTX_set_rsa_padding(ctx, pad) \ + EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, -1, EVP_PKEY_CTRL_RSA_PADDING, \ + pad, NULL) + +#define EVP_PKEY_CTX_set_rsa_pss_saltlen(ctx, len) \ + EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, \ + (EVP_PKEY_OP_SIGN|EVP_PKEY_OP_VERIFY), \ + EVP_PKEY_CTRL_RSA_PSS_SALTLEN, \ + len, NULL) + +#define EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, bits) \ + EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_KEYGEN, \ + EVP_PKEY_CTRL_RSA_KEYGEN_BITS, bits, NULL) + +#define EVP_PKEY_CTX_set_rsa_keygen_pubexp(ctx, pubexp) \ + EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_KEYGEN, \ + EVP_PKEY_CTRL_RSA_KEYGEN_PUBEXP, 0, pubexp) + +#define EVP_PKEY_CTRL_RSA_PADDING (EVP_PKEY_ALG_CTRL + 1) +#define EVP_PKEY_CTRL_RSA_PSS_SALTLEN (EVP_PKEY_ALG_CTRL + 2) + +#define EVP_PKEY_CTRL_RSA_KEYGEN_BITS (EVP_PKEY_ALG_CTRL + 3) +#define EVP_PKEY_CTRL_RSA_KEYGEN_PUBEXP (EVP_PKEY_ALG_CTRL + 4) + #define RSA_PKCS1_PADDING 1 #define RSA_SSLV23_PADDING 2 #define RSA_NO_PADDING 3 #define RSA_PKCS1_OAEP_PADDING 4 #define RSA_X931_PADDING 5 +/* EVP_PKEY_ only */ +#define RSA_PKCS1_PSS_PADDING 6 #define RSA_PKCS1_PADDING_SIZE 11 @@ -261,11 +267,6 @@ RSA * RSA_generate_key(int bits, unsigned long e,void /* New version */ int RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb); -int RSA_X931_derive_ex(RSA *rsa, BIGNUM *p1, BIGNUM *p2, BIGNUM *q1, BIGNUM *q2, - const BIGNUM *Xp1, const BIGNUM *Xp2, const BIGNUM *Xp, - const BIGNUM *Xq1, const BIGNUM *Xq2, const BIGNUM *Xq, - const BIGNUM *e, BN_GENCB *cb); -int RSA_X931_generate_key_ex(RSA *rsa, int bits, const BIGNUM *e, BN_GENCB *cb); int RSA_check_key(const RSA *); /* next 4 return -1 on error */ @@ -283,11 +284,6 @@ int RSA_up_ref(RSA *r); int RSA_flags(const RSA *r); -#ifdef OPENSSL_FIPS -RSA *FIPS_rsa_new(void); -void FIPS_rsa_free(RSA *r); -#endif - void RSA_set_default_method(const RSA_METHOD *meth); const RSA_METHOD *RSA_get_default_method(void); const RSA_METHOD *RSA_get_method(const RSA *rsa); @@ -333,7 +329,7 @@ RSA *d2i_Netscape_RSA(RSA **a, const unsigned char **pp, long length, int RSA_sign(int type, const unsigned char *m, unsigned int m_length, unsigned char *sigret, unsigned int *siglen, RSA *rsa); int RSA_verify(int type, const unsigned char *m, unsigned int m_length, - unsigned char *sigbuf, unsigned int siglen, RSA *rsa); + const unsigned char *sigbuf, unsigned int siglen, RSA *rsa); /* The following 2 function sign and verify a ASN1_OCTET_STRING * object inside PKCS#1 padded RSA encryption */ @@ -401,9 +397,15 @@ void ERR_load_RSA_strings(void); /* Error codes for the RSA functions. */ /* Function codes. */ -#define RSA_F_FIPS_RSA_SIGN 140 -#define RSA_F_FIPS_RSA_VERIFY 141 +#define RSA_F_CHECK_PADDING_MD 140 +#define RSA_F_DO_RSA_PRINT 146 +#define RSA_F_INT_RSA_VERIFY 145 #define RSA_F_MEMORY_LOCK 100 +#define RSA_F_OLD_RSA_PRIV_DECODE 147 +#define RSA_F_PKEY_RSA_CTRL 143 +#define RSA_F_PKEY_RSA_CTRL_STR 144 +#define RSA_F_PKEY_RSA_SIGN 142 +#define RSA_F_PKEY_RSA_VERIFYRECOVER 141 #define RSA_F_RSA_BUILTIN_KEYGEN 129 #define RSA_F_RSA_CHECK_KEY 123 #define RSA_F_RSA_EAY_PRIVATE_DECRYPT 101 @@ -434,11 +436,10 @@ void ERR_load_RSA_strings(void); #define RSA_F_RSA_PADDING_CHECK_X931 128 #define RSA_F_RSA_PRINT 115 #define RSA_F_RSA_PRINT_FP 116 -#define RSA_F_RSA_PRIVATE_ENCRYPT 137 -#define RSA_F_RSA_PUBLIC_DECRYPT 138 +#define RSA_F_RSA_PRIV_DECODE 137 +#define RSA_F_RSA_PRIV_ENCODE 138 +#define RSA_F_RSA_PUB_DECODE 139 #define RSA_F_RSA_SETUP_BLINDING 136 -#define RSA_F_RSA_SET_DEFAULT_METHOD 139 -#define RSA_F_RSA_SET_METHOD 142 #define RSA_F_RSA_SIGN 117 #define RSA_F_RSA_SIGN_ASN1_OCTET_STRING 118 #define RSA_F_RSA_VERIFY 119 @@ -464,20 +465,25 @@ void ERR_load_RSA_strings(void); #define RSA_R_DMQ1_NOT_CONGRUENT_TO_D 125 #define RSA_R_D_E_NOT_CONGRUENT_TO_1 123 #define RSA_R_FIRST_OCTET_INVALID 133 +#define RSA_R_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE 144 +#define RSA_R_INVALID_DIGEST_LENGTH 143 #define RSA_R_INVALID_HEADER 137 +#define RSA_R_INVALID_KEYBITS 145 #define RSA_R_INVALID_MESSAGE_LENGTH 131 #define RSA_R_INVALID_PADDING 138 +#define RSA_R_INVALID_PADDING_MODE 141 +#define RSA_R_INVALID_PSS_SALTLEN 146 #define RSA_R_INVALID_TRAILER 139 +#define RSA_R_INVALID_X931_DIGEST 142 #define RSA_R_IQMP_NOT_INVERSE_OF_Q 126 #define RSA_R_KEY_SIZE_TOO_SMALL 120 #define RSA_R_LAST_OCTET_INVALID 134 #define RSA_R_MODULUS_TOO_LARGE 105 -#define RSA_R_NON_FIPS_METHOD 141 #define RSA_R_NO_PUBLIC_EXPONENT 140 #define RSA_R_NULL_BEFORE_BLOCK_MISSING 113 #define RSA_R_N_DOES_NOT_EQUAL_P_Q 127 #define RSA_R_OAEP_DECODING_ERROR 121 -#define RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE 142 +#define RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE 148 #define RSA_R_PADDING_CHECK_FAILED 114 #define RSA_R_P_NOT_PRIME 128 #define RSA_R_Q_NOT_PRIME 129 @@ -488,6 +494,7 @@ void ERR_load_RSA_strings(void); #define RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 116 #define RSA_R_UNKNOWN_ALGORITHM_TYPE 117 #define RSA_R_UNKNOWN_PADDING_TYPE 118 +#define RSA_R_VALUE_MISSING 147 #define RSA_R_WRONG_SIGNATURE_LENGTH 119 #ifdef __cplusplus diff --git a/src/lib/libcrypto/rsa/rsa_asn1.c b/src/lib/libcrypto/rsa/rsa_asn1.c index 6e8a803e81..4efca8cdc8 100644 --- a/src/lib/libcrypto/rsa/rsa_asn1.c +++ b/src/lib/libcrypto/rsa/rsa_asn1.c @@ -3,7 +3,7 @@ * project 2000. */ /* ==================================================================== - * Copyright (c) 2000 The OpenSSL Project. All rights reserved. + * Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -62,19 +62,9 @@ #include #include -static ASN1_METHOD method={ - (I2D_OF(void)) i2d_RSAPrivateKey, - (D2I_OF(void)) d2i_RSAPrivateKey, - (void *(*)(void)) RSA_new, - (void (*)(void *)) RSA_free}; - -ASN1_METHOD *RSAPrivateKey_asn1_meth(void) - { - return(&method); - } - /* Override the default free and new methods */ -static int rsa_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it) +static int rsa_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, + void *exarg) { if(operation == ASN1_OP_NEW_PRE) { *pval = (ASN1_VALUE *)RSA_new(); diff --git a/src/lib/libcrypto/rsa/rsa_eay.c b/src/lib/libcrypto/rsa/rsa_eay.c index 04ec789ee9..c5eaeeae6b 100644 --- a/src/lib/libcrypto/rsa/rsa_eay.c +++ b/src/lib/libcrypto/rsa/rsa_eay.c @@ -115,7 +115,7 @@ #include #include -#if !defined(RSA_NULL) && !defined(OPENSSL_FIPS) +#ifndef RSA_NULL static int RSA_eay_public_encrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa,int padding); @@ -256,6 +256,7 @@ static BN_BLINDING *rsa_get_blinding(RSA *rsa, int *local, BN_CTX *ctx) { BN_BLINDING *ret; int got_write_lock = 0; + CRYPTO_THREADID cur; CRYPTO_r_lock(CRYPTO_LOCK_RSA); @@ -273,7 +274,8 @@ static BN_BLINDING *rsa_get_blinding(RSA *rsa, int *local, BN_CTX *ctx) if (ret == NULL) goto err; - if (BN_BLINDING_get_thread_id(ret) == CRYPTO_thread_id()) + CRYPTO_THREADID_current(&cur); + if (!CRYPTO_THREADID_cmp(&cur, BN_BLINDING_thread_id(ret))) { /* rsa->blinding is ours! */ @@ -353,28 +355,6 @@ static int RSA_eay_private_encrypt(int flen, const unsigned char *from, int local_blinding = 0; BN_BLINDING *blinding = NULL; - if (BN_num_bits(rsa->n) > OPENSSL_RSA_MAX_MODULUS_BITS) - { - RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, RSA_R_MODULUS_TOO_LARGE); - return -1; - } - - if (BN_ucmp(rsa->n, rsa->e) <= 0) - { - RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, RSA_R_BAD_E_VALUE); - return -1; - } - - /* for large moduli, enforce exponent limit */ - if (BN_num_bits(rsa->n) > OPENSSL_RSA_SMALL_MODULUS_BITS) - { - if (BN_num_bits(rsa->e) > OPENSSL_RSA_MAX_PUBEXP_BITS) - { - RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, RSA_R_BAD_E_VALUE); - return -1; - } - } - if ((ctx=BN_CTX_new()) == NULL) goto err; BN_CTX_start(ctx); f = BN_CTX_get(ctx); diff --git a/src/lib/libcrypto/rsa/rsa_eng.c b/src/lib/libcrypto/rsa/rsa_eng.c deleted file mode 100644 index 383a7045b2..0000000000 --- a/src/lib/libcrypto/rsa/rsa_eng.c +++ /dev/null @@ -1,348 +0,0 @@ -/* crypto/rsa/rsa_lib.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include "cryptlib.h" -#include -#include -#include -#include -#ifndef OPENSSL_NO_ENGINE -#include -#endif - -const char RSA_version[]="RSA" OPENSSL_VERSION_PTEXT; - -static const RSA_METHOD *default_RSA_meth=NULL; - -RSA *RSA_new(void) - { - RSA *r=RSA_new_method(NULL); - - return r; - } - -void RSA_set_default_method(const RSA_METHOD *meth) - { -#ifdef OPENSSL_FIPS - if (FIPS_mode() && !(meth->flags & RSA_FLAG_FIPS_METHOD)) - { - RSAerr(RSA_F_RSA_SET_DEFAULT_METHOD, RSA_R_NON_FIPS_METHOD); - return; - } -#endif - default_RSA_meth = meth; - } - -const RSA_METHOD *RSA_get_default_method(void) - { - if (default_RSA_meth == NULL) - { -#ifdef RSA_NULL - default_RSA_meth=RSA_null_method(); -#else -#if 0 /* was: #ifdef RSAref */ - default_RSA_meth=RSA_PKCS1_RSAref(); -#else - default_RSA_meth=RSA_PKCS1_SSLeay(); -#endif -#endif - } - - return default_RSA_meth; - } - -const RSA_METHOD *RSA_get_method(const RSA *rsa) - { - return rsa->meth; - } - -int RSA_set_method(RSA *rsa, const RSA_METHOD *meth) - { - /* NB: The caller is specifically setting a method, so it's not up to us - * to deal with which ENGINE it comes from. */ - const RSA_METHOD *mtmp; -#ifdef OPENSSL_FIPS - if (FIPS_mode() && !(meth->flags & RSA_FLAG_FIPS_METHOD)) - { - RSAerr(RSA_F_RSA_SET_METHOD, RSA_R_NON_FIPS_METHOD); - return 0; - } -#endif - mtmp = rsa->meth; - if (mtmp->finish) mtmp->finish(rsa); -#ifndef OPENSSL_NO_ENGINE - if (rsa->engine) - { - ENGINE_finish(rsa->engine); - rsa->engine = NULL; - } -#endif - rsa->meth = meth; - if (meth->init) meth->init(rsa); - return 1; - } - -RSA *RSA_new_method(ENGINE *engine) - { - RSA *ret; - - ret=(RSA *)OPENSSL_malloc(sizeof(RSA)); - if (ret == NULL) - { - RSAerr(RSA_F_RSA_NEW_METHOD,ERR_R_MALLOC_FAILURE); - return NULL; - } - - ret->meth = RSA_get_default_method(); -#ifndef OPENSSL_NO_ENGINE - if (engine) - { - if (!ENGINE_init(engine)) - { - RSAerr(RSA_F_RSA_NEW_METHOD, ERR_R_ENGINE_LIB); - OPENSSL_free(ret); - return NULL; - } - ret->engine = engine; - } - else - ret->engine = ENGINE_get_default_RSA(); - if(ret->engine) - { - ret->meth = ENGINE_get_RSA(ret->engine); - if(!ret->meth) - { - RSAerr(RSA_F_RSA_NEW_METHOD, - ERR_R_ENGINE_LIB); - ENGINE_finish(ret->engine); - OPENSSL_free(ret); - return NULL; - } - } -#endif -#ifdef OPENSSL_FIPS - if (FIPS_mode() && !(ret->meth->flags & RSA_FLAG_FIPS_METHOD)) - { - RSAerr(RSA_F_RSA_NEW_METHOD, RSA_R_NON_FIPS_METHOD); -#ifndef OPENSSL_NO_ENGINE - if (ret->engine) - ENGINE_finish(ret->engine); -#endif - OPENSSL_free(ret); - return NULL; - } -#endif - - ret->pad=0; - ret->version=0; - ret->n=NULL; - ret->e=NULL; - ret->d=NULL; - ret->p=NULL; - ret->q=NULL; - ret->dmp1=NULL; - ret->dmq1=NULL; - ret->iqmp=NULL; - ret->references=1; - ret->_method_mod_n=NULL; - ret->_method_mod_p=NULL; - ret->_method_mod_q=NULL; - ret->blinding=NULL; - ret->mt_blinding=NULL; - ret->bignum_data=NULL; - ret->flags=ret->meth->flags; - CRYPTO_new_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data); - if ((ret->meth->init != NULL) && !ret->meth->init(ret)) - { -#ifndef OPENSSL_NO_ENGINE - if (ret->engine) - ENGINE_finish(ret->engine); -#endif - CRYPTO_free_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data); - OPENSSL_free(ret); - ret=NULL; - } - return(ret); - } - -void RSA_free(RSA *r) - { - int i; - - if (r == NULL) return; - - i=CRYPTO_add(&r->references,-1,CRYPTO_LOCK_RSA); -#ifdef REF_PRINT - REF_PRINT("RSA",r); -#endif - if (i > 0) return; -#ifdef REF_CHECK - if (i < 0) - { - fprintf(stderr,"RSA_free, bad reference count\n"); - abort(); - } -#endif - - if (r->meth->finish) - r->meth->finish(r); -#ifndef OPENSSL_NO_ENGINE - if (r->engine) - ENGINE_finish(r->engine); -#endif - - CRYPTO_free_ex_data(CRYPTO_EX_INDEX_RSA, r, &r->ex_data); - - if (r->n != NULL) BN_clear_free(r->n); - if (r->e != NULL) BN_clear_free(r->e); - if (r->d != NULL) BN_clear_free(r->d); - if (r->p != NULL) BN_clear_free(r->p); - if (r->q != NULL) BN_clear_free(r->q); - if (r->dmp1 != NULL) BN_clear_free(r->dmp1); - if (r->dmq1 != NULL) BN_clear_free(r->dmq1); - if (r->iqmp != NULL) BN_clear_free(r->iqmp); - if (r->blinding != NULL) BN_BLINDING_free(r->blinding); - if (r->mt_blinding != NULL) BN_BLINDING_free(r->mt_blinding); - if (r->bignum_data != NULL) OPENSSL_free_locked(r->bignum_data); - OPENSSL_free(r); - } - -int RSA_up_ref(RSA *r) - { - int i = CRYPTO_add(&r->references, 1, CRYPTO_LOCK_RSA); -#ifdef REF_PRINT - REF_PRINT("RSA",r); -#endif -#ifdef REF_CHECK - if (i < 2) - { - fprintf(stderr, "RSA_up_ref, bad reference count\n"); - abort(); - } -#endif - return ((i > 1) ? 1 : 0); - } - -int RSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func) - { - return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_RSA, argl, argp, - new_func, dup_func, free_func); - } - -int RSA_set_ex_data(RSA *r, int idx, void *arg) - { - return(CRYPTO_set_ex_data(&r->ex_data,idx,arg)); - } - -void *RSA_get_ex_data(const RSA *r, int idx) - { - return(CRYPTO_get_ex_data(&r->ex_data,idx)); - } - -int RSA_flags(const RSA *r) - { - return((r == NULL)?0:r->meth->flags); - } - -int RSA_memory_lock(RSA *r) - { - int i,j,k,off; - char *p; - BIGNUM *bn,**t[6],*b; - BN_ULONG *ul; - - if (r->d == NULL) return(1); - t[0]= &r->d; - t[1]= &r->p; - t[2]= &r->q; - t[3]= &r->dmp1; - t[4]= &r->dmq1; - t[5]= &r->iqmp; - k=sizeof(BIGNUM)*6; - off=k/sizeof(BN_ULONG)+1; - j=1; - for (i=0; i<6; i++) - j+= (*t[i])->top; - if ((p=OPENSSL_malloc_locked((off+j)*sizeof(BN_ULONG))) == NULL) - { - RSAerr(RSA_F_RSA_MEMORY_LOCK,ERR_R_MALLOC_FAILURE); - return(0); - } - bn=(BIGNUM *)p; - ul=(BN_ULONG *)&(p[off]); - for (i=0; i<6; i++) - { - b= *(t[i]); - *(t[i])= &(bn[i]); - memcpy((char *)&(bn[i]),(char *)b,sizeof(BIGNUM)); - bn[i].flags=BN_FLG_STATIC_DATA; - bn[i].d=ul; - memcpy((char *)ul,b->d,sizeof(BN_ULONG)*b->top); - ul+=b->top; - BN_clear_free(b); - } - - /* I should fix this so it can still be done */ - r->flags&= ~(RSA_FLAG_CACHE_PRIVATE|RSA_FLAG_CACHE_PUBLIC); - - r->bignum_data=p; - return(1); - } diff --git a/src/lib/libcrypto/rsa/rsa_err.c b/src/lib/libcrypto/rsa/rsa_err.c index 501f5ea389..cf9f1106b0 100644 --- a/src/lib/libcrypto/rsa/rsa_err.c +++ b/src/lib/libcrypto/rsa/rsa_err.c @@ -1,6 +1,6 @@ /* crypto/rsa/rsa_err.c */ /* ==================================================================== - * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved. + * Copyright (c) 1999-2008 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -70,9 +70,15 @@ static ERR_STRING_DATA RSA_str_functs[]= { -{ERR_FUNC(RSA_F_FIPS_RSA_SIGN), "FIPS_RSA_SIGN"}, -{ERR_FUNC(RSA_F_FIPS_RSA_VERIFY), "FIPS_RSA_VERIFY"}, +{ERR_FUNC(RSA_F_CHECK_PADDING_MD), "CHECK_PADDING_MD"}, +{ERR_FUNC(RSA_F_DO_RSA_PRINT), "DO_RSA_PRINT"}, +{ERR_FUNC(RSA_F_INT_RSA_VERIFY), "INT_RSA_VERIFY"}, {ERR_FUNC(RSA_F_MEMORY_LOCK), "MEMORY_LOCK"}, +{ERR_FUNC(RSA_F_OLD_RSA_PRIV_DECODE), "OLD_RSA_PRIV_DECODE"}, +{ERR_FUNC(RSA_F_PKEY_RSA_CTRL), "PKEY_RSA_CTRL"}, +{ERR_FUNC(RSA_F_PKEY_RSA_CTRL_STR), "PKEY_RSA_CTRL_STR"}, +{ERR_FUNC(RSA_F_PKEY_RSA_SIGN), "PKEY_RSA_SIGN"}, +{ERR_FUNC(RSA_F_PKEY_RSA_VERIFYRECOVER), "PKEY_RSA_VERIFYRECOVER"}, {ERR_FUNC(RSA_F_RSA_BUILTIN_KEYGEN), "RSA_BUILTIN_KEYGEN"}, {ERR_FUNC(RSA_F_RSA_CHECK_KEY), "RSA_check_key"}, {ERR_FUNC(RSA_F_RSA_EAY_PRIVATE_DECRYPT), "RSA_EAY_PRIVATE_DECRYPT"}, @@ -103,11 +109,10 @@ static ERR_STRING_DATA RSA_str_functs[]= {ERR_FUNC(RSA_F_RSA_PADDING_CHECK_X931), "RSA_padding_check_X931"}, {ERR_FUNC(RSA_F_RSA_PRINT), "RSA_print"}, {ERR_FUNC(RSA_F_RSA_PRINT_FP), "RSA_print_fp"}, -{ERR_FUNC(RSA_F_RSA_PRIVATE_ENCRYPT), "RSA_private_encrypt"}, -{ERR_FUNC(RSA_F_RSA_PUBLIC_DECRYPT), "RSA_public_decrypt"}, +{ERR_FUNC(RSA_F_RSA_PRIV_DECODE), "RSA_PRIV_DECODE"}, +{ERR_FUNC(RSA_F_RSA_PRIV_ENCODE), "RSA_PRIV_ENCODE"}, +{ERR_FUNC(RSA_F_RSA_PUB_DECODE), "RSA_PUB_DECODE"}, {ERR_FUNC(RSA_F_RSA_SETUP_BLINDING), "RSA_setup_blinding"}, -{ERR_FUNC(RSA_F_RSA_SET_DEFAULT_METHOD), "RSA_set_default_method"}, -{ERR_FUNC(RSA_F_RSA_SET_METHOD), "RSA_set_method"}, {ERR_FUNC(RSA_F_RSA_SIGN), "RSA_sign"}, {ERR_FUNC(RSA_F_RSA_SIGN_ASN1_OCTET_STRING), "RSA_sign_ASN1_OCTET_STRING"}, {ERR_FUNC(RSA_F_RSA_VERIFY), "RSA_verify"}, @@ -136,20 +141,25 @@ static ERR_STRING_DATA RSA_str_reasons[]= {ERR_REASON(RSA_R_DMQ1_NOT_CONGRUENT_TO_D),"dmq1 not congruent to d"}, {ERR_REASON(RSA_R_D_E_NOT_CONGRUENT_TO_1),"d e not congruent to 1"}, {ERR_REASON(RSA_R_FIRST_OCTET_INVALID) ,"first octet invalid"}, +{ERR_REASON(RSA_R_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE),"illegal or unsupported padding mode"}, +{ERR_REASON(RSA_R_INVALID_DIGEST_LENGTH) ,"invalid digest length"}, {ERR_REASON(RSA_R_INVALID_HEADER) ,"invalid header"}, +{ERR_REASON(RSA_R_INVALID_KEYBITS) ,"invalid keybits"}, {ERR_REASON(RSA_R_INVALID_MESSAGE_LENGTH),"invalid message length"}, {ERR_REASON(RSA_R_INVALID_PADDING) ,"invalid padding"}, +{ERR_REASON(RSA_R_INVALID_PADDING_MODE) ,"invalid padding mode"}, +{ERR_REASON(RSA_R_INVALID_PSS_SALTLEN) ,"invalid pss saltlen"}, {ERR_REASON(RSA_R_INVALID_TRAILER) ,"invalid trailer"}, +{ERR_REASON(RSA_R_INVALID_X931_DIGEST) ,"invalid x931 digest"}, {ERR_REASON(RSA_R_IQMP_NOT_INVERSE_OF_Q) ,"iqmp not inverse of q"}, {ERR_REASON(RSA_R_KEY_SIZE_TOO_SMALL) ,"key size too small"}, {ERR_REASON(RSA_R_LAST_OCTET_INVALID) ,"last octet invalid"}, {ERR_REASON(RSA_R_MODULUS_TOO_LARGE) ,"modulus too large"}, -{ERR_REASON(RSA_R_NON_FIPS_METHOD) ,"non fips method"}, {ERR_REASON(RSA_R_NO_PUBLIC_EXPONENT) ,"no public exponent"}, {ERR_REASON(RSA_R_NULL_BEFORE_BLOCK_MISSING),"null before block missing"}, {ERR_REASON(RSA_R_N_DOES_NOT_EQUAL_P_Q) ,"n does not equal p q"}, {ERR_REASON(RSA_R_OAEP_DECODING_ERROR) ,"oaep decoding error"}, -{ERR_REASON(RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE),"operation not allowed in fips mode"}, +{ERR_REASON(RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE),"operation not supported for this keytype"}, {ERR_REASON(RSA_R_PADDING_CHECK_FAILED) ,"padding check failed"}, {ERR_REASON(RSA_R_P_NOT_PRIME) ,"p not prime"}, {ERR_REASON(RSA_R_Q_NOT_PRIME) ,"q not prime"}, @@ -160,6 +170,7 @@ static ERR_STRING_DATA RSA_str_reasons[]= {ERR_REASON(RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD),"the asn1 object identifier is not known for this md"}, {ERR_REASON(RSA_R_UNKNOWN_ALGORITHM_TYPE),"unknown algorithm type"}, {ERR_REASON(RSA_R_UNKNOWN_PADDING_TYPE) ,"unknown padding type"}, +{ERR_REASON(RSA_R_VALUE_MISSING) ,"value missing"}, {ERR_REASON(RSA_R_WRONG_SIGNATURE_LENGTH),"wrong signature length"}, {0,NULL} }; diff --git a/src/lib/libcrypto/rsa/rsa_gen.c b/src/lib/libcrypto/rsa/rsa_gen.c index 41278f83c6..767f7ab682 100644 --- a/src/lib/libcrypto/rsa/rsa_gen.c +++ b/src/lib/libcrypto/rsa/rsa_gen.c @@ -68,8 +68,6 @@ #include #include -#ifndef OPENSSL_FIPS - static int rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb); /* NB: this wrapper would normally be placed in rsa_lib.c and the static @@ -219,4 +217,3 @@ err: return ok; } -#endif diff --git a/src/lib/libcrypto/rsa/rsa_lib.c b/src/lib/libcrypto/rsa/rsa_lib.c index 5714841f4c..de45088d76 100644 --- a/src/lib/libcrypto/rsa/rsa_lib.c +++ b/src/lib/libcrypto/rsa/rsa_lib.c @@ -67,6 +67,224 @@ #include #endif +const char RSA_version[]="RSA" OPENSSL_VERSION_PTEXT; + +static const RSA_METHOD *default_RSA_meth=NULL; + +RSA *RSA_new(void) + { + RSA *r=RSA_new_method(NULL); + + return r; + } + +void RSA_set_default_method(const RSA_METHOD *meth) + { + default_RSA_meth = meth; + } + +const RSA_METHOD *RSA_get_default_method(void) + { + if (default_RSA_meth == NULL) + { +#ifdef RSA_NULL + default_RSA_meth=RSA_null_method(); +#else +#if 0 /* was: #ifdef RSAref */ + default_RSA_meth=RSA_PKCS1_RSAref(); +#else + default_RSA_meth=RSA_PKCS1_SSLeay(); +#endif +#endif + } + + return default_RSA_meth; + } + +const RSA_METHOD *RSA_get_method(const RSA *rsa) + { + return rsa->meth; + } + +int RSA_set_method(RSA *rsa, const RSA_METHOD *meth) + { + /* NB: The caller is specifically setting a method, so it's not up to us + * to deal with which ENGINE it comes from. */ + const RSA_METHOD *mtmp; + mtmp = rsa->meth; + if (mtmp->finish) mtmp->finish(rsa); +#ifndef OPENSSL_NO_ENGINE + if (rsa->engine) + { + ENGINE_finish(rsa->engine); + rsa->engine = NULL; + } +#endif + rsa->meth = meth; + if (meth->init) meth->init(rsa); + return 1; + } + +RSA *RSA_new_method(ENGINE *engine) + { + RSA *ret; + + ret=(RSA *)OPENSSL_malloc(sizeof(RSA)); + if (ret == NULL) + { + RSAerr(RSA_F_RSA_NEW_METHOD,ERR_R_MALLOC_FAILURE); + return NULL; + } + + ret->meth = RSA_get_default_method(); +#ifndef OPENSSL_NO_ENGINE + if (engine) + { + if (!ENGINE_init(engine)) + { + RSAerr(RSA_F_RSA_NEW_METHOD, ERR_R_ENGINE_LIB); + OPENSSL_free(ret); + return NULL; + } + ret->engine = engine; + } + else + ret->engine = ENGINE_get_default_RSA(); + if(ret->engine) + { + ret->meth = ENGINE_get_RSA(ret->engine); + if(!ret->meth) + { + RSAerr(RSA_F_RSA_NEW_METHOD, + ERR_R_ENGINE_LIB); + ENGINE_finish(ret->engine); + OPENSSL_free(ret); + return NULL; + } + } +#endif + + ret->pad=0; + ret->version=0; + ret->n=NULL; + ret->e=NULL; + ret->d=NULL; + ret->p=NULL; + ret->q=NULL; + ret->dmp1=NULL; + ret->dmq1=NULL; + ret->iqmp=NULL; + ret->references=1; + ret->_method_mod_n=NULL; + ret->_method_mod_p=NULL; + ret->_method_mod_q=NULL; + ret->blinding=NULL; + ret->mt_blinding=NULL; + ret->bignum_data=NULL; + ret->flags=ret->meth->flags; + if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data)) + { +#ifndef OPENSSL_NO_ENGINE + if (ret->engine) + ENGINE_finish(ret->engine); +#endif + OPENSSL_free(ret); + return(NULL); + } + + if ((ret->meth->init != NULL) && !ret->meth->init(ret)) + { +#ifndef OPENSSL_NO_ENGINE + if (ret->engine) + ENGINE_finish(ret->engine); +#endif + CRYPTO_free_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data); + OPENSSL_free(ret); + ret=NULL; + } + return(ret); + } + +void RSA_free(RSA *r) + { + int i; + + if (r == NULL) return; + + i=CRYPTO_add(&r->references,-1,CRYPTO_LOCK_RSA); +#ifdef REF_PRINT + REF_PRINT("RSA",r); +#endif + if (i > 0) return; +#ifdef REF_CHECK + if (i < 0) + { + fprintf(stderr,"RSA_free, bad reference count\n"); + abort(); + } +#endif + + if (r->meth->finish) + r->meth->finish(r); +#ifndef OPENSSL_NO_ENGINE + if (r->engine) + ENGINE_finish(r->engine); +#endif + + CRYPTO_free_ex_data(CRYPTO_EX_INDEX_RSA, r, &r->ex_data); + + if (r->n != NULL) BN_clear_free(r->n); + if (r->e != NULL) BN_clear_free(r->e); + if (r->d != NULL) BN_clear_free(r->d); + if (r->p != NULL) BN_clear_free(r->p); + if (r->q != NULL) BN_clear_free(r->q); + if (r->dmp1 != NULL) BN_clear_free(r->dmp1); + if (r->dmq1 != NULL) BN_clear_free(r->dmq1); + if (r->iqmp != NULL) BN_clear_free(r->iqmp); + if (r->blinding != NULL) BN_BLINDING_free(r->blinding); + if (r->mt_blinding != NULL) BN_BLINDING_free(r->mt_blinding); + if (r->bignum_data != NULL) OPENSSL_free_locked(r->bignum_data); + OPENSSL_free(r); + } + +int RSA_up_ref(RSA *r) + { + int i = CRYPTO_add(&r->references, 1, CRYPTO_LOCK_RSA); +#ifdef REF_PRINT + REF_PRINT("RSA",r); +#endif +#ifdef REF_CHECK + if (i < 2) + { + fprintf(stderr, "RSA_up_ref, bad reference count\n"); + abort(); + } +#endif + return ((i > 1) ? 1 : 0); + } + +int RSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, + CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func) + { + return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_RSA, argl, argp, + new_func, dup_func, free_func); + } + +int RSA_set_ex_data(RSA *r, int idx, void *arg) + { + return(CRYPTO_set_ex_data(&r->ex_data,idx,arg)); + } + +void *RSA_get_ex_data(const RSA *r, int idx) + { + return(CRYPTO_get_ex_data(&r->ex_data,idx)); + } + +int RSA_size(const RSA *r) + { + return(BN_num_bytes(r->n)); + } + int RSA_public_encrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding) { @@ -76,13 +294,6 @@ int RSA_public_encrypt(int flen, const unsigned char *from, unsigned char *to, int RSA_private_encrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding) { -#ifdef OPENSSL_FIPS - if(FIPS_mode() && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW)) - { - RSAerr(RSA_F_RSA_PRIVATE_ENCRYPT, RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE); - return 0; - } -#endif return(rsa->meth->rsa_priv_enc(flen, from, to, rsa, padding)); } @@ -95,19 +306,12 @@ int RSA_private_decrypt(int flen, const unsigned char *from, unsigned char *to, int RSA_public_decrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding) { -#ifdef OPENSSL_FIPS - if(FIPS_mode() && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW)) - { - RSAerr(RSA_F_RSA_PUBLIC_DECRYPT, RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE); - return 0; - } -#endif return(rsa->meth->rsa_pub_dec(flen, from, to, rsa, padding)); } -int RSA_size(const RSA *r) +int RSA_flags(const RSA *r) { - return(BN_num_bytes(r->n)); + return((r == NULL)?0:r->meth->flags); } void RSA_blinding_off(RSA *rsa) @@ -222,7 +426,7 @@ BN_BLINDING *RSA_setup_blinding(RSA *rsa, BN_CTX *in_ctx) RSAerr(RSA_F_RSA_SETUP_BLINDING, ERR_R_BN_LIB); goto err; } - BN_BLINDING_set_thread_id(ret, CRYPTO_thread_id()); + CRYPTO_THREADID_current(BN_BLINDING_thread_id(ret)); err: BN_CTX_end(ctx); if (in_ctx == NULL) @@ -232,3 +436,48 @@ err: return ret; } + +int RSA_memory_lock(RSA *r) + { + int i,j,k,off; + char *p; + BIGNUM *bn,**t[6],*b; + BN_ULONG *ul; + + if (r->d == NULL) return(1); + t[0]= &r->d; + t[1]= &r->p; + t[2]= &r->q; + t[3]= &r->dmp1; + t[4]= &r->dmq1; + t[5]= &r->iqmp; + k=sizeof(BIGNUM)*6; + off=k/sizeof(BN_ULONG)+1; + j=1; + for (i=0; i<6; i++) + j+= (*t[i])->top; + if ((p=OPENSSL_malloc_locked((off+j)*sizeof(BN_ULONG))) == NULL) + { + RSAerr(RSA_F_RSA_MEMORY_LOCK,ERR_R_MALLOC_FAILURE); + return(0); + } + bn=(BIGNUM *)p; + ul=(BN_ULONG *)&(p[off]); + for (i=0; i<6; i++) + { + b= *(t[i]); + *(t[i])= &(bn[i]); + memcpy((char *)&(bn[i]),(char *)b,sizeof(BIGNUM)); + bn[i].flags=BN_FLG_STATIC_DATA; + bn[i].d=ul; + memcpy((char *)ul,b->d,sizeof(BN_ULONG)*b->top); + ul+=b->top; + BN_clear_free(b); + } + + /* I should fix this so it can still be done */ + r->flags&= ~(RSA_FLAG_CACHE_PRIVATE|RSA_FLAG_CACHE_PUBLIC); + + r->bignum_data=p; + return(1); + } diff --git a/src/lib/libcrypto/rsa/rsa_oaep.c b/src/lib/libcrypto/rsa/rsa_oaep.c index 4d30c9d2d3..e238d10e5c 100644 --- a/src/lib/libcrypto/rsa/rsa_oaep.c +++ b/src/lib/libcrypto/rsa/rsa_oaep.c @@ -28,7 +28,7 @@ #include #include -int MGF1(unsigned char *mask, long len, +static int MGF1(unsigned char *mask, long len, const unsigned char *seed, long seedlen); int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen, @@ -52,13 +52,6 @@ int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen, return 0; } - dbmask = OPENSSL_malloc(emlen - SHA_DIGEST_LENGTH); - if (dbmask == NULL) - { - RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP, ERR_R_MALLOC_FAILURE); - return 0; - } - to[0] = 0; seed = to + 1; db = to + SHA_DIGEST_LENGTH + 1; @@ -76,11 +69,20 @@ int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen, 20); #endif - MGF1(dbmask, emlen - SHA_DIGEST_LENGTH, seed, SHA_DIGEST_LENGTH); + dbmask = OPENSSL_malloc(emlen - SHA_DIGEST_LENGTH); + if (dbmask == NULL) + { + RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP, ERR_R_MALLOC_FAILURE); + return 0; + } + + if (MGF1(dbmask, emlen - SHA_DIGEST_LENGTH, seed, SHA_DIGEST_LENGTH) < 0) + return 0; for (i = 0; i < emlen - SHA_DIGEST_LENGTH; i++) db[i] ^= dbmask[i]; - MGF1(seedmask, SHA_DIGEST_LENGTH, db, emlen - SHA_DIGEST_LENGTH); + if (MGF1(seedmask, SHA_DIGEST_LENGTH, db, emlen - SHA_DIGEST_LENGTH) < 0) + return 0; for (i = 0; i < SHA_DIGEST_LENGTH; i++) seed[i] ^= seedmask[i]; @@ -133,11 +135,13 @@ int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen, maskeddb = padded_from + SHA_DIGEST_LENGTH; - MGF1(seed, SHA_DIGEST_LENGTH, maskeddb, dblen); + if (MGF1(seed, SHA_DIGEST_LENGTH, maskeddb, dblen)) + return -1; for (i = 0; i < SHA_DIGEST_LENGTH; i++) seed[i] ^= padded_from[i]; - MGF1(db, dblen, seed, SHA_DIGEST_LENGTH); + if (MGF1(db, dblen, seed, SHA_DIGEST_LENGTH)) + return -1; for (i = 0; i < dblen; i++) db[i] ^= maskeddb[i]; @@ -187,7 +191,9 @@ int PKCS1_MGF1(unsigned char *mask, long len, int mdlen; EVP_MD_CTX_init(&c); - mdlen = M_EVP_MD_size(dgst); + mdlen = EVP_MD_size(dgst); + if (mdlen < 0) + return -1; for (i = 0; outlen < len; i++) { cnt[0] = (unsigned char)((i >> 24) & 255); @@ -213,7 +219,8 @@ int PKCS1_MGF1(unsigned char *mask, long len, return 0; } -int MGF1(unsigned char *mask, long len, const unsigned char *seed, long seedlen) +static int MGF1(unsigned char *mask, long len, const unsigned char *seed, + long seedlen) { return PKCS1_MGF1(mask, len, seed, seedlen, EVP_sha1()); } diff --git a/src/lib/libcrypto/rsa/rsa_sign.c b/src/lib/libcrypto/rsa/rsa_sign.c index 5488c06f6d..0be4ec7fb0 100644 --- a/src/lib/libcrypto/rsa/rsa_sign.c +++ b/src/lib/libcrypto/rsa/rsa_sign.c @@ -62,6 +62,7 @@ #include #include #include +#include "rsa_locl.h" /* Size of an SSL signature: MD5+SHA1 */ #define SSL_SIG_LENGTH 36 @@ -90,14 +91,6 @@ int RSA_sign(int type, const unsigned char *m, unsigned int m_len, i = SSL_SIG_LENGTH; s = m; } else { - /* NB: in FIPS mode block anything that isn't a TLS signature */ -#ifdef OPENSSL_FIPS - if(FIPS_mode() && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW)) - { - RSAerr(RSA_F_RSA_SIGN, RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE); - return 0; - } -#endif sig.algor= &algor; sig.algor->algorithm=OBJ_nid2obj(type); if (sig.algor->algorithm == NULL) @@ -150,8 +143,11 @@ int RSA_sign(int type, const unsigned char *m, unsigned int m_len, return(ret); } -int RSA_verify(int dtype, const unsigned char *m, unsigned int m_len, - unsigned char *sigbuf, unsigned int siglen, RSA *rsa) +int int_rsa_verify(int dtype, const unsigned char *m, + unsigned int m_len, + unsigned char *rm, size_t *prm_len, + const unsigned char *sigbuf, size_t siglen, + RSA *rsa) { int i,ret=0,sigtype; unsigned char *s; @@ -159,38 +155,30 @@ int RSA_verify(int dtype, const unsigned char *m, unsigned int m_len, if (siglen != (unsigned int)RSA_size(rsa)) { - RSAerr(RSA_F_RSA_VERIFY,RSA_R_WRONG_SIGNATURE_LENGTH); + RSAerr(RSA_F_INT_RSA_VERIFY,RSA_R_WRONG_SIGNATURE_LENGTH); return(0); } - if((rsa->flags & RSA_FLAG_SIGN_VER) && rsa->meth->rsa_verify) + if((dtype == NID_md5_sha1) && rm) { - return rsa->meth->rsa_verify(dtype, m, m_len, - sigbuf, siglen, rsa); + i = RSA_public_decrypt((int)siglen, + sigbuf,rm,rsa,RSA_PKCS1_PADDING); + if (i <= 0) + return 0; + *prm_len = i; + return 1; } s=(unsigned char *)OPENSSL_malloc((unsigned int)siglen); if (s == NULL) { - RSAerr(RSA_F_RSA_VERIFY,ERR_R_MALLOC_FAILURE); + RSAerr(RSA_F_INT_RSA_VERIFY,ERR_R_MALLOC_FAILURE); goto err; } - if(dtype == NID_md5_sha1) - { - if (m_len != SSL_SIG_LENGTH) - { - RSAerr(RSA_F_RSA_VERIFY,RSA_R_INVALID_MESSAGE_LENGTH); + if((dtype == NID_md5_sha1) && (m_len != SSL_SIG_LENGTH) ) { + RSAerr(RSA_F_INT_RSA_VERIFY,RSA_R_INVALID_MESSAGE_LENGTH); goto err; - } - } - /* NB: in FIPS mode block anything that isn't a TLS signature */ -#ifdef OPENSSL_FIPS - else if(FIPS_mode() && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW)) - { - RSAerr(RSA_F_RSA_VERIFY, RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE); - return 0; - } -#endif + } i=RSA_public_decrypt((int)siglen,sigbuf,s,rsa,RSA_PKCS1_PADDING); if (i <= 0) goto err; @@ -198,7 +186,7 @@ int RSA_verify(int dtype, const unsigned char *m, unsigned int m_len, /* Special case: SSL signature */ if(dtype == NID_md5_sha1) { if((i != SSL_SIG_LENGTH) || memcmp(s, m, SSL_SIG_LENGTH)) - RSAerr(RSA_F_RSA_VERIFY,RSA_R_BAD_SIGNATURE); + RSAerr(RSA_F_INT_RSA_VERIFY,RSA_R_BAD_SIGNATURE); else ret = 1; } else { const unsigned char *p=s; @@ -209,7 +197,7 @@ int RSA_verify(int dtype, const unsigned char *m, unsigned int m_len, /* Excess data can be used to create forgeries */ if(p != s+i) { - RSAerr(RSA_F_RSA_VERIFY,RSA_R_BAD_SIGNATURE); + RSAerr(RSA_F_INT_RSA_VERIFY,RSA_R_BAD_SIGNATURE); goto err; } @@ -218,7 +206,7 @@ int RSA_verify(int dtype, const unsigned char *m, unsigned int m_len, if(sig->algor->parameter && ASN1_TYPE_get(sig->algor->parameter) != V_ASN1_NULL) { - RSAerr(RSA_F_RSA_VERIFY,RSA_R_BAD_SIGNATURE); + RSAerr(RSA_F_INT_RSA_VERIFY,RSA_R_BAD_SIGNATURE); goto err; } @@ -244,15 +232,30 @@ int RSA_verify(int dtype, const unsigned char *m, unsigned int m_len, } else { - RSAerr(RSA_F_RSA_VERIFY, + RSAerr(RSA_F_INT_RSA_VERIFY, RSA_R_ALGORITHM_MISMATCH); goto err; } } - if ( ((unsigned int)sig->digest->length != m_len) || + if (rm) + { + const EVP_MD *md; + md = EVP_get_digestbynid(dtype); + if (md && (EVP_MD_size(md) != sig->digest->length)) + RSAerr(RSA_F_INT_RSA_VERIFY, + RSA_R_INVALID_DIGEST_LENGTH); + else + { + memcpy(rm, sig->digest->data, + sig->digest->length); + *prm_len = sig->digest->length; + ret = 1; + } + } + else if (((unsigned int)sig->digest->length != m_len) || (memcmp(m,sig->digest->data,m_len) != 0)) { - RSAerr(RSA_F_RSA_VERIFY,RSA_R_BAD_SIGNATURE); + RSAerr(RSA_F_INT_RSA_VERIFY,RSA_R_BAD_SIGNATURE); } else ret=1; @@ -267,3 +270,16 @@ err: return(ret); } +int RSA_verify(int dtype, const unsigned char *m, unsigned int m_len, + const unsigned char *sigbuf, unsigned int siglen, + RSA *rsa) + { + + if((rsa->flags & RSA_FLAG_SIGN_VER) && rsa->meth->rsa_verify) + { + return rsa->meth->rsa_verify(dtype, m, m_len, + sigbuf, siglen, rsa); + } + + return int_rsa_verify(dtype, m, m_len, NULL, NULL, sigbuf, siglen, rsa); + } diff --git a/src/lib/libcrypto/rsa/rsa_test.c b/src/lib/libcrypto/rsa/rsa_test.c index 4080de8bcf..c8705a0f6e 100644 --- a/src/lib/libcrypto/rsa/rsa_test.c +++ b/src/lib/libcrypto/rsa/rsa_test.c @@ -328,7 +328,7 @@ int main(int argc, char *argv[]) } CRYPTO_cleanup_all_ex_data(); - ERR_remove_state(0); + ERR_remove_thread_state(NULL); CRYPTO_mem_leaks_fp(stderr); diff --git a/src/lib/libcrypto/rsa/rsa_x931g.c b/src/lib/libcrypto/rsa/rsa_x931g.c deleted file mode 100644 index bf94f8be7a..0000000000 --- a/src/lib/libcrypto/rsa/rsa_x931g.c +++ /dev/null @@ -1,255 +0,0 @@ -/* crypto/rsa/rsa_gen.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include -#include -#include -#include - -#ifndef OPENSSL_FIPS - -/* X9.31 RSA key derivation and generation */ - -int RSA_X931_derive_ex(RSA *rsa, BIGNUM *p1, BIGNUM *p2, BIGNUM *q1, BIGNUM *q2, - const BIGNUM *Xp1, const BIGNUM *Xp2, const BIGNUM *Xp, - const BIGNUM *Xq1, const BIGNUM *Xq2, const BIGNUM *Xq, - const BIGNUM *e, BN_GENCB *cb) - { - BIGNUM *r0=NULL,*r1=NULL,*r2=NULL,*r3=NULL; - BN_CTX *ctx=NULL,*ctx2=NULL; - - if (!rsa) - goto err; - - ctx = BN_CTX_new(); - if (!ctx) - goto err; - BN_CTX_start(ctx); - - r0 = BN_CTX_get(ctx); - r1 = BN_CTX_get(ctx); - r2 = BN_CTX_get(ctx); - r3 = BN_CTX_get(ctx); - - if (r3 == NULL) - goto err; - if (!rsa->e) - { - rsa->e = BN_dup(e); - if (!rsa->e) - goto err; - } - else - e = rsa->e; - - /* If not all parameters present only calculate what we can. - * This allows test programs to output selective parameters. - */ - - if (Xp && !rsa->p) - { - rsa->p = BN_new(); - if (!rsa->p) - goto err; - - if (!BN_X931_derive_prime_ex(rsa->p, p1, p2, - Xp, Xp1, Xp2, e, ctx, cb)) - goto err; - } - - if (Xq && !rsa->q) - { - rsa->q = BN_new(); - if (!rsa->q) - goto err; - if (!BN_X931_derive_prime_ex(rsa->q, q1, q2, - Xq, Xq1, Xq2, e, ctx, cb)) - goto err; - } - - if (!rsa->p || !rsa->q) - { - BN_CTX_end(ctx); - BN_CTX_free(ctx); - return 2; - } - - /* Since both primes are set we can now calculate all remaining - * components. - */ - - /* calculate n */ - rsa->n=BN_new(); - if (rsa->n == NULL) - goto err; - if (!BN_mul(rsa->n,rsa->p,rsa->q,ctx)) - goto err; - - /* calculate d */ - if (!BN_sub(r1,rsa->p,BN_value_one())) - goto err; /* p-1 */ - if (!BN_sub(r2,rsa->q,BN_value_one())) - goto err; /* q-1 */ - if (!BN_mul(r0,r1,r2,ctx)) - goto err; /* (p-1)(q-1) */ - - if (!BN_gcd(r3, r1, r2, ctx)) - goto err; - - if (!BN_div(r0, NULL, r0, r3, ctx)) - goto err; /* LCM((p-1)(q-1)) */ - - ctx2 = BN_CTX_new(); - if (!ctx2) - goto err; - - rsa->d=BN_mod_inverse(NULL,rsa->e,r0,ctx2); /* d */ - if (rsa->d == NULL) - goto err; - - /* calculate d mod (p-1) */ - rsa->dmp1=BN_new(); - if (rsa->dmp1 == NULL) - goto err; - if (!BN_mod(rsa->dmp1,rsa->d,r1,ctx)) - goto err; - - /* calculate d mod (q-1) */ - rsa->dmq1=BN_new(); - if (rsa->dmq1 == NULL) - goto err; - if (!BN_mod(rsa->dmq1,rsa->d,r2,ctx)) - goto err; - - /* calculate inverse of q mod p */ - rsa->iqmp=BN_mod_inverse(NULL,rsa->q,rsa->p,ctx2); - - err: - if (ctx) - { - BN_CTX_end(ctx); - BN_CTX_free(ctx); - } - if (ctx2) - BN_CTX_free(ctx2); - /* If this is set all calls successful */ - if (rsa && rsa->iqmp != NULL) - return 1; - - return 0; - - } - -int RSA_X931_generate_key_ex(RSA *rsa, int bits, const BIGNUM *e, BN_GENCB *cb) - { - int ok = 0; - BIGNUM *Xp = NULL, *Xq = NULL; - BN_CTX *ctx = NULL; - - ctx = BN_CTX_new(); - if (!ctx) - goto error; - - BN_CTX_start(ctx); - Xp = BN_CTX_get(ctx); - Xq = BN_CTX_get(ctx); - if (!BN_X931_generate_Xpq(Xp, Xq, bits, ctx)) - goto error; - - rsa->p = BN_new(); - rsa->q = BN_new(); - if (!rsa->p || !rsa->q) - goto error; - - /* Generate two primes from Xp, Xq */ - - if (!BN_X931_generate_prime_ex(rsa->p, NULL, NULL, NULL, NULL, Xp, - e, ctx, cb)) - goto error; - - if (!BN_X931_generate_prime_ex(rsa->q, NULL, NULL, NULL, NULL, Xq, - e, ctx, cb)) - goto error; - - /* Since rsa->p and rsa->q are valid this call will just derive - * remaining RSA components. - */ - - if (!RSA_X931_derive_ex(rsa, NULL, NULL, NULL, NULL, - NULL, NULL, NULL, NULL, NULL, NULL, e, cb)) - goto error; - - ok = 1; - - error: - if (ctx) - { - BN_CTX_end(ctx); - BN_CTX_free(ctx); - } - - if (ok) - return 1; - - return 0; - - } - -#endif diff --git a/src/lib/libcrypto/sha/Makefile.ssl b/src/lib/libcrypto/sha/Makefile.ssl deleted file mode 100644 index 4ba201c787..0000000000 --- a/src/lib/libcrypto/sha/Makefile.ssl +++ /dev/null @@ -1,116 +0,0 @@ -# -# SSLeay/crypto/sha/Makefile -# - -DIR= sha -TOP= ../.. -CC= cc -CPP= $(CC) -E -INCLUDES= -CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKE= make -f Makefile.ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) -MAKEFILE= Makefile.ssl -AR= ar r - -SHA1_ASM_OBJ= - -CFLAGS= $(INCLUDES) $(CFLAG) -ASFLAGS= $(INCLUDES) $(ASFLAG) - -GENERAL=Makefile -TEST=shatest.c sha1test.c -APPS= - -LIB=$(TOP)/libcrypto.a -LIBSRC=sha_dgst.c sha1dgst.c sha_one.c sha1_one.c -LIBOBJ=sha_dgst.o sha1dgst.o sha_one.o sha1_one.o $(SHA1_ASM_OBJ) - -SRC= $(LIBSRC) - -EXHEADER= sha.h -HEADER= sha_locl.h $(EXHEADER) - -ALL= $(GENERAL) $(SRC) $(HEADER) - -top: - (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all) - -all: lib - -lib: $(LIBOBJ) - $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) || echo Never mind. - @touch lib - -# elf -asm/sx86-elf.s: asm/sha1-586.pl ../perlasm/x86asm.pl - (cd asm; $(PERL) sha1-586.pl elf $(CFLAGS) $(PROCESSOR) > sx86-elf.s) - -# a.out -asm/sx86-out.o: asm/sx86unix.cpp - $(CPP) -DOUT asm/sx86unix.cpp | as -o asm/sx86-out.o - -# bsdi -asm/sx86bsdi.o: asm/sx86unix.cpp - $(CPP) -DBSDI asm/sx86unix.cpp | sed 's/ :/:/' | as -o asm/sx86bsdi.o - -asm/sx86unix.cpp: asm/sha1-586.pl ../perlasm/x86asm.pl - (cd asm; $(PERL) sha1-586.pl cpp $(PROCESSOR) >sx86unix.cpp) - -files: - $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO - -links: - @sh $(TOP)/util/point.sh Makefile.ssl Makefile - @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER) - @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST) - @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) - -install: - @for i in $(EXHEADER) ; \ - do \ - (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ - done; - -tags: - ctags $(SRC) - -tests: - -lint: - lint -DLINT $(INCLUDES) $(SRC)>fluff - -depend: - $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) - -dclean: - $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new - mv -f Makefile.new $(MAKEFILE) - -clean: - rm -f asm/sx86unix.cpp asm/*-elf.* *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff asm/*.o - -# DO NOT DELETE THIS LINE -- make depend depends on it. - -sha1_one.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -sha1_one.o: ../../include/openssl/opensslconf.h -sha1_one.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -sha1_one.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -sha1_one.o: ../../include/openssl/symhacks.h sha1_one.c -sha1dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h -sha1dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/sha.h -sha1dgst.o: ../md32_common.h sha1dgst.c sha_locl.h -sha_dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h -sha_dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/sha.h -sha_dgst.o: ../md32_common.h sha_dgst.c sha_locl.h -sha_one.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -sha_one.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -sha_one.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -sha_one.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -sha_one.o: sha_one.c diff --git a/src/lib/libcrypto/sha/asm/sha1-586.pl b/src/lib/libcrypto/sha/asm/sha1-586.pl index a787dd37da..a1f876281a 100644 --- a/src/lib/libcrypto/sha/asm/sha1-586.pl +++ b/src/lib/libcrypto/sha/asm/sha1-586.pl @@ -215,5 +215,6 @@ sub BODY_40_59 &stack_pop(16); &function_end("sha1_block_data_order"); +&asciz("SHA1 block transform for x86, CRYPTOGAMS by "); &asm_finish(); diff --git a/src/lib/libcrypto/sha/asm/sha512-sse2.pl b/src/lib/libcrypto/sha/asm/sha512-sse2.pl deleted file mode 100644 index 10902bf673..0000000000 --- a/src/lib/libcrypto/sha/asm/sha512-sse2.pl +++ /dev/null @@ -1,404 +0,0 @@ -#!/usr/bin/env perl -# -# ==================================================================== -# Written by Andy Polyakov for the OpenSSL -# project. Rights for redistribution and usage in source and binary -# forms are granted according to the OpenSSL license. -# ==================================================================== -# -# SHA512_Transform_SSE2. -# -# As the name suggests, this is an IA-32 SSE2 implementation of -# SHA512_Transform. Motivating factor for the undertaken effort was that -# SHA512 was observed to *consistently* perform *significantly* poorer -# than SHA256 [2x and slower is common] on 32-bit platforms. On 64-bit -# platforms on the other hand SHA512 tend to outperform SHA256 [~50% -# seem to be common improvement factor]. All this is perfectly natural, -# as SHA512 is a 64-bit algorithm. But isn't IA-32 SSE2 essentially -# a 64-bit instruction set? Is it rich enough to implement SHA512? -# If answer was "no," then you wouldn't have been reading this... -# -# Throughput performance in MBps (larger is better): -# -# 2.4GHz P4 1.4GHz AMD32 1.4GHz AMD64(*) -# SHA256/gcc(*) 54 43 59 -# SHA512/gcc 17 23 92 -# SHA512/sse2 61(**) 57(**) -# SHA512/icc 26 28 -# SHA256/icc(*) 65 54 -# -# (*) AMD64 and SHA256 numbers are presented mostly for amusement or -# reference purposes. -# (**) I.e. it gives ~2-3x speed-up if compared with compiler generated -# code. One can argue that hand-coded *non*-SSE2 implementation -# would perform better than compiler generated one as well, and -# that comparison is therefore not exactly fair. Well, as SHA512 -# puts enormous pressure on IA-32 GP register bank, I reckon that -# hand-coded version wouldn't perform significantly better than -# one compiled with icc, ~20% perhaps... So that this code would -# still outperform it with distinguishing marginal. But feel free -# to prove me wrong:-) -# -push(@INC,"perlasm","../../perlasm"); -require "x86asm.pl"; - -&asm_init($ARGV[0],"sha512-sse2.pl",$ARGV[$#ARGV] eq "386"); - -$K512="esi"; # K512[80] table, found at the end... -#$W512="esp"; # $W512 is not just W512[16]: it comprises *two* copies - # of W512[16] and a copy of A-H variables... -$W512_SZ=8*(16+16+8); # see above... -#$Kidx="ebx"; # index in K512 table, advances from 0 to 80... -$Widx="edx"; # index in W512, wraps around at 16... -$data="edi"; # 16 qwords of input data... -$A="mm0"; # B-D and -$E="mm1"; # F-H are allocated dynamically... -$Aoff=256+0; # A-H offsets relative to $W512... -$Boff=256+8; -$Coff=256+16; -$Doff=256+24; -$Eoff=256+32; -$Foff=256+40; -$Goff=256+48; -$Hoff=256+56; - -sub SHA2_ROUND() -{ local ($kidx,$widx)=@_; - - # One can argue that one could reorder instructions for better - # performance. Well, I tried and it doesn't seem to make any - # noticeable difference. Modern out-of-order execution cores - # reorder instructions to their liking in either case and they - # apparently do decent job. So we can keep the code more - # readable/regular/comprehensible:-) - - # I adhere to 64-bit %mmX registers in order to avoid/not care - # about #GP exceptions on misaligned 128-bit access, most - # notably in paddq with memory operand. Not to mention that - # SSE2 intructions operating on %mmX can be scheduled every - # cycle [and not every second one if operating on %xmmN]. - - &movq ("mm4",&QWP($Foff,$W512)); # load f - &movq ("mm5",&QWP($Goff,$W512)); # load g - &movq ("mm6",&QWP($Hoff,$W512)); # load h - - &movq ("mm2",$E); # %mm2 is sliding right - &movq ("mm3",$E); # %mm3 is sliding left - &psrlq ("mm2",14); - &psllq ("mm3",23); - &movq ("mm7","mm2"); # %mm7 is T1 - &pxor ("mm7","mm3"); - &psrlq ("mm2",4); - &psllq ("mm3",23); - &pxor ("mm7","mm2"); - &pxor ("mm7","mm3"); - &psrlq ("mm2",23); - &psllq ("mm3",4); - &pxor ("mm7","mm2"); - &pxor ("mm7","mm3"); # T1=Sigma1_512(e) - - &movq (&QWP($Foff,$W512),$E); # f = e - &movq (&QWP($Goff,$W512),"mm4"); # g = f - &movq (&QWP($Hoff,$W512),"mm5"); # h = g - - &pxor ("mm4","mm5"); # f^=g - &pand ("mm4",$E); # f&=e - &pxor ("mm4","mm5"); # f^=g - &paddq ("mm7","mm4"); # T1+=Ch(e,f,g) - - &movq ("mm2",&QWP($Boff,$W512)); # load b - &movq ("mm3",&QWP($Coff,$W512)); # load c - &movq ($E,&QWP($Doff,$W512)); # e = d - - &paddq ("mm7","mm6"); # T1+=h - &paddq ("mm7",&QWP(0,$K512,$kidx,8)); # T1+=K512[i] - &paddq ("mm7",&QWP(0,$W512,$widx,8)); # T1+=W512[i] - &paddq ($E,"mm7"); # e += T1 - - &movq ("mm4",$A); # %mm4 is sliding right - &movq ("mm5",$A); # %mm5 is sliding left - &psrlq ("mm4",28); - &psllq ("mm5",25); - &movq ("mm6","mm4"); # %mm6 is T2 - &pxor ("mm6","mm5"); - &psrlq ("mm4",6); - &psllq ("mm5",5); - &pxor ("mm6","mm4"); - &pxor ("mm6","mm5"); - &psrlq ("mm4",5); - &psllq ("mm5",6); - &pxor ("mm6","mm4"); - &pxor ("mm6","mm5"); # T2=Sigma0_512(a) - - &movq (&QWP($Boff,$W512),$A); # b = a - &movq (&QWP($Coff,$W512),"mm2"); # c = b - &movq (&QWP($Doff,$W512),"mm3"); # d = c - - &movq ("mm4",$A); # %mm4=a - &por ($A,"mm3"); # a=a|c - &pand ("mm4","mm3"); # %mm4=a&c - &pand ($A,"mm2"); # a=(a|c)&b - &por ("mm4",$A); # %mm4=(a&c)|((a|c)&b) - &paddq ("mm6","mm4"); # T2+=Maj(a,b,c) - - &movq ($A,"mm7"); # a=T1 - &paddq ($A,"mm6"); # a+=T2 -} - -$func="sha512_block_sse2"; - -&function_begin_B($func); - if (0) {# Caller is expected to check if it's appropriate to - # call this routine. Below 3 lines are retained for - # debugging purposes... - &picmeup("eax","OPENSSL_ia32cap"); - &bt (&DWP(0,"eax"),26); - &jnc ("SHA512_Transform"); - } - - &push ("ebp"); - &mov ("ebp","esp"); - &push ("ebx"); - &push ("esi"); - &push ("edi"); - - &mov ($Widx,&DWP(8,"ebp")); # A-H state, 1st arg - &mov ($data,&DWP(12,"ebp")); # input data, 2nd arg - &call (&label("pic_point")); # make it PIC! -&set_label("pic_point"); - &blindpop($K512); - &lea ($K512,&DWP(&label("K512")."-".&label("pic_point"),$K512)); - - $W512 = "esp"; # start using %esp as W512 - &sub ($W512,$W512_SZ); - &and ($W512,-16); # ensure 128-bit alignment - - # make private copy of A-H - # v assume the worst and stick to unaligned load - &movdqu ("xmm0",&QWP(0,$Widx)); - &movdqu ("xmm1",&QWP(16,$Widx)); - &movdqu ("xmm2",&QWP(32,$Widx)); - &movdqu ("xmm3",&QWP(48,$Widx)); - -&align(8); -&set_label("_chunk_loop"); - - &movdqa (&QWP($Aoff,$W512),"xmm0"); # a,b - &movdqa (&QWP($Coff,$W512),"xmm1"); # c,d - &movdqa (&QWP($Eoff,$W512),"xmm2"); # e,f - &movdqa (&QWP($Goff,$W512),"xmm3"); # g,h - - &xor ($Widx,$Widx); - - &movdq2q($A,"xmm0"); # load a - &movdq2q($E,"xmm2"); # load e - - # Why aren't loops unrolled? It makes sense to unroll if - # execution time for loop body is comparable with branch - # penalties and/or if whole data-set resides in register bank. - # Neither is case here... Well, it would be possible to - # eliminate few store operations, but it would hardly affect - # so to say stop-watch performance, as there is a lot of - # available memory slots to fill. It will only relieve some - # pressure off memory bus... - - # flip input stream byte order... - &mov ("eax",&DWP(0,$data,$Widx,8)); - &mov ("ebx",&DWP(4,$data,$Widx,8)); - &bswap ("eax"); - &bswap ("ebx"); - &mov (&DWP(0,$W512,$Widx,8),"ebx"); # W512[i] - &mov (&DWP(4,$W512,$Widx,8),"eax"); - &mov (&DWP(128+0,$W512,$Widx,8),"ebx"); # copy of W512[i] - &mov (&DWP(128+4,$W512,$Widx,8),"eax"); - -&align(8); -&set_label("_1st_loop"); # 0-15 - # flip input stream byte order... - &mov ("eax",&DWP(0+8,$data,$Widx,8)); - &mov ("ebx",&DWP(4+8,$data,$Widx,8)); - &bswap ("eax"); - &bswap ("ebx"); - &mov (&DWP(0+8,$W512,$Widx,8),"ebx"); # W512[i] - &mov (&DWP(4+8,$W512,$Widx,8),"eax"); - &mov (&DWP(128+0+8,$W512,$Widx,8),"ebx"); # copy of W512[i] - &mov (&DWP(128+4+8,$W512,$Widx,8),"eax"); -&set_label("_1st_looplet"); - &SHA2_ROUND($Widx,$Widx); &inc($Widx); - -&cmp ($Widx,15) -&jl (&label("_1st_loop")); -&je (&label("_1st_looplet")); # playing similar trick on 2nd loop - # does not improve performance... - - $Kidx = "ebx"; # start using %ebx as Kidx - &mov ($Kidx,$Widx); - -&align(8); -&set_label("_2nd_loop"); # 16-79 - &and($Widx,0xf); - - # 128-bit fragment! I update W512[i] and W512[i+1] in - # parallel:-) Note that I refer to W512[(i&0xf)+N] and not to - # W512[(i+N)&0xf]! This is exactly what I maintain the second - # copy of W512[16] for... - &movdqu ("xmm0",&QWP(8*1,$W512,$Widx,8)); # s0=W512[i+1] - &movdqa ("xmm2","xmm0"); # %xmm2 is sliding right - &movdqa ("xmm3","xmm0"); # %xmm3 is sliding left - &psrlq ("xmm2",1); - &psllq ("xmm3",56); - &movdqa ("xmm0","xmm2"); - &pxor ("xmm0","xmm3"); - &psrlq ("xmm2",6); - &psllq ("xmm3",7); - &pxor ("xmm0","xmm2"); - &pxor ("xmm0","xmm3"); - &psrlq ("xmm2",1); - &pxor ("xmm0","xmm2"); # s0 = sigma0_512(s0); - - &movdqa ("xmm1",&QWP(8*14,$W512,$Widx,8)); # s1=W512[i+14] - &movdqa ("xmm4","xmm1"); # %xmm4 is sliding right - &movdqa ("xmm5","xmm1"); # %xmm5 is sliding left - &psrlq ("xmm4",6); - &psllq ("xmm5",3); - &movdqa ("xmm1","xmm4"); - &pxor ("xmm1","xmm5"); - &psrlq ("xmm4",13); - &psllq ("xmm5",42); - &pxor ("xmm1","xmm4"); - &pxor ("xmm1","xmm5"); - &psrlq ("xmm4",42); - &pxor ("xmm1","xmm4"); # s1 = sigma1_512(s1); - - # + have to explictly load W512[i+9] as it's not 128-bit - # v aligned and paddq would throw an exception... - &movdqu ("xmm6",&QWP(8*9,$W512,$Widx,8)); - &paddq ("xmm0","xmm1"); # s0 += s1 - &paddq ("xmm0","xmm6"); # s0 += W512[i+9] - &paddq ("xmm0",&QWP(0,$W512,$Widx,8)); # s0 += W512[i] - - &movdqa (&QWP(0,$W512,$Widx,8),"xmm0"); # W512[i] = s0 - &movdqa (&QWP(16*8,$W512,$Widx,8),"xmm0"); # copy of W512[i] - - # as the above fragment was 128-bit, we "owe" 2 rounds... - &SHA2_ROUND($Kidx,$Widx); &inc($Kidx); &inc($Widx); - &SHA2_ROUND($Kidx,$Widx); &inc($Kidx); &inc($Widx); - -&cmp ($Kidx,80); -&jl (&label("_2nd_loop")); - - # update A-H state - &mov ($Widx,&DWP(8,"ebp")); # A-H state, 1st arg - &movq (&QWP($Aoff,$W512),$A); # write out a - &movq (&QWP($Eoff,$W512),$E); # write out e - &movdqu ("xmm0",&QWP(0,$Widx)); - &movdqu ("xmm1",&QWP(16,$Widx)); - &movdqu ("xmm2",&QWP(32,$Widx)); - &movdqu ("xmm3",&QWP(48,$Widx)); - &paddq ("xmm0",&QWP($Aoff,$W512)); # 128-bit additions... - &paddq ("xmm1",&QWP($Coff,$W512)); - &paddq ("xmm2",&QWP($Eoff,$W512)); - &paddq ("xmm3",&QWP($Goff,$W512)); - &movdqu (&QWP(0,$Widx),"xmm0"); - &movdqu (&QWP(16,$Widx),"xmm1"); - &movdqu (&QWP(32,$Widx),"xmm2"); - &movdqu (&QWP(48,$Widx),"xmm3"); - -&add ($data,16*8); # advance input data pointer -&dec (&DWP(16,"ebp")); # decrement 3rd arg -&jnz (&label("_chunk_loop")); - - # epilogue - &emms (); # required for at least ELF and Win32 ABIs - &mov ("edi",&DWP(-12,"ebp")); - &mov ("esi",&DWP(-8,"ebp")); - &mov ("ebx",&DWP(-4,"ebp")); - &leave (); -&ret (); - -&align(64); -&set_label("K512"); # Yes! I keep it in the code segment! - &data_word(0xd728ae22,0x428a2f98); # u64 - &data_word(0x23ef65cd,0x71374491); # u64 - &data_word(0xec4d3b2f,0xb5c0fbcf); # u64 - &data_word(0x8189dbbc,0xe9b5dba5); # u64 - &data_word(0xf348b538,0x3956c25b); # u64 - &data_word(0xb605d019,0x59f111f1); # u64 - &data_word(0xaf194f9b,0x923f82a4); # u64 - &data_word(0xda6d8118,0xab1c5ed5); # u64 - &data_word(0xa3030242,0xd807aa98); # u64 - &data_word(0x45706fbe,0x12835b01); # u64 - &data_word(0x4ee4b28c,0x243185be); # u64 - &data_word(0xd5ffb4e2,0x550c7dc3); # u64 - &data_word(0xf27b896f,0x72be5d74); # u64 - &data_word(0x3b1696b1,0x80deb1fe); # u64 - &data_word(0x25c71235,0x9bdc06a7); # u64 - &data_word(0xcf692694,0xc19bf174); # u64 - &data_word(0x9ef14ad2,0xe49b69c1); # u64 - &data_word(0x384f25e3,0xefbe4786); # u64 - &data_word(0x8b8cd5b5,0x0fc19dc6); # u64 - &data_word(0x77ac9c65,0x240ca1cc); # u64 - &data_word(0x592b0275,0x2de92c6f); # u64 - &data_word(0x6ea6e483,0x4a7484aa); # u64 - &data_word(0xbd41fbd4,0x5cb0a9dc); # u64 - &data_word(0x831153b5,0x76f988da); # u64 - &data_word(0xee66dfab,0x983e5152); # u64 - &data_word(0x2db43210,0xa831c66d); # u64 - &data_word(0x98fb213f,0xb00327c8); # u64 - &data_word(0xbeef0ee4,0xbf597fc7); # u64 - &data_word(0x3da88fc2,0xc6e00bf3); # u64 - &data_word(0x930aa725,0xd5a79147); # u64 - &data_word(0xe003826f,0x06ca6351); # u64 - &data_word(0x0a0e6e70,0x14292967); # u64 - &data_word(0x46d22ffc,0x27b70a85); # u64 - &data_word(0x5c26c926,0x2e1b2138); # u64 - &data_word(0x5ac42aed,0x4d2c6dfc); # u64 - &data_word(0x9d95b3df,0x53380d13); # u64 - &data_word(0x8baf63de,0x650a7354); # u64 - &data_word(0x3c77b2a8,0x766a0abb); # u64 - &data_word(0x47edaee6,0x81c2c92e); # u64 - &data_word(0x1482353b,0x92722c85); # u64 - &data_word(0x4cf10364,0xa2bfe8a1); # u64 - &data_word(0xbc423001,0xa81a664b); # u64 - &data_word(0xd0f89791,0xc24b8b70); # u64 - &data_word(0x0654be30,0xc76c51a3); # u64 - &data_word(0xd6ef5218,0xd192e819); # u64 - &data_word(0x5565a910,0xd6990624); # u64 - &data_word(0x5771202a,0xf40e3585); # u64 - &data_word(0x32bbd1b8,0x106aa070); # u64 - &data_word(0xb8d2d0c8,0x19a4c116); # u64 - &data_word(0x5141ab53,0x1e376c08); # u64 - &data_word(0xdf8eeb99,0x2748774c); # u64 - &data_word(0xe19b48a8,0x34b0bcb5); # u64 - &data_word(0xc5c95a63,0x391c0cb3); # u64 - &data_word(0xe3418acb,0x4ed8aa4a); # u64 - &data_word(0x7763e373,0x5b9cca4f); # u64 - &data_word(0xd6b2b8a3,0x682e6ff3); # u64 - &data_word(0x5defb2fc,0x748f82ee); # u64 - &data_word(0x43172f60,0x78a5636f); # u64 - &data_word(0xa1f0ab72,0x84c87814); # u64 - &data_word(0x1a6439ec,0x8cc70208); # u64 - &data_word(0x23631e28,0x90befffa); # u64 - &data_word(0xde82bde9,0xa4506ceb); # u64 - &data_word(0xb2c67915,0xbef9a3f7); # u64 - &data_word(0xe372532b,0xc67178f2); # u64 - &data_word(0xea26619c,0xca273ece); # u64 - &data_word(0x21c0c207,0xd186b8c7); # u64 - &data_word(0xcde0eb1e,0xeada7dd6); # u64 - &data_word(0xee6ed178,0xf57d4f7f); # u64 - &data_word(0x72176fba,0x06f067aa); # u64 - &data_word(0xa2c898a6,0x0a637dc5); # u64 - &data_word(0xbef90dae,0x113f9804); # u64 - &data_word(0x131c471b,0x1b710b35); # u64 - &data_word(0x23047d84,0x28db77f5); # u64 - &data_word(0x40c72493,0x32caab7b); # u64 - &data_word(0x15c9bebc,0x3c9ebe0a); # u64 - &data_word(0x9c100d4c,0x431d67c4); # u64 - &data_word(0xcb3e42b6,0x4cc5d4be); # u64 - &data_word(0xfc657e2a,0x597f299c); # u64 - &data_word(0x3ad6faec,0x5fcb6fab); # u64 - &data_word(0x4a475817,0x6c44198c); # u64 - -&function_end_B($func); - -&asm_finish(); diff --git a/src/lib/libcrypto/sha/sha.h b/src/lib/libcrypto/sha/sha.h index 47a2c29f66..16cacf9fc0 100644 --- a/src/lib/libcrypto/sha/sha.h +++ b/src/lib/libcrypto/sha/sha.h @@ -81,7 +81,7 @@ extern "C" { * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! */ -#if defined(OPENSSL_SYS_WIN16) || defined(__LP32__) +#if defined(__LP32__) #define SHA_LONG unsigned long #elif defined(OPENSSL_SYS_CRAY) || defined(__ILP64__) #define SHA_LONG unsigned long @@ -106,9 +106,6 @@ typedef struct SHAstate_st } SHA_CTX; #ifndef OPENSSL_NO_SHA0 -#ifdef OPENSSL_FIPS -int private_SHA_Init(SHA_CTX *c); -#endif int SHA_Init(SHA_CTX *c); int SHA_Update(SHA_CTX *c, const void *data, size_t len); int SHA_Final(unsigned char *md, SHA_CTX *c); diff --git a/src/lib/libcrypto/sha/sha1_one.c b/src/lib/libcrypto/sha/sha1_one.c index 4831174198..7c65b60276 100644 --- a/src/lib/libcrypto/sha/sha1_one.c +++ b/src/lib/libcrypto/sha/sha1_one.c @@ -61,7 +61,7 @@ #include #include -#if !defined(OPENSSL_NO_SHA1) +#ifndef OPENSSL_NO_SHA1 unsigned char *SHA1(const unsigned char *d, size_t n, unsigned char *md) { SHA_CTX c; diff --git a/src/lib/libcrypto/sha/sha1dgst.c b/src/lib/libcrypto/sha/sha1dgst.c index d31f0781a0..50d1925cde 100644 --- a/src/lib/libcrypto/sha/sha1dgst.c +++ b/src/lib/libcrypto/sha/sha1dgst.c @@ -63,10 +63,6 @@ #define SHA_1 #include -#ifdef OPENSSL_FIPS -#include -#endif - const char SHA1_version[]="SHA1" OPENSSL_VERSION_PTEXT; diff --git a/src/lib/libcrypto/sha/sha1s.cpp b/src/lib/libcrypto/sha/sha1s.cpp deleted file mode 100644 index af23d1e0f2..0000000000 --- a/src/lib/libcrypto/sha/sha1s.cpp +++ /dev/null @@ -1,82 +0,0 @@ -// -// gettsc.inl -// -// gives access to the Pentium's (secret) cycle counter -// -// This software was written by Leonard Janke (janke@unixg.ubc.ca) -// in 1996-7 and is entered, by him, into the public domain. - -#if defined(__WATCOMC__) -void GetTSC(unsigned long&); -#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax]; -#elif defined(__GNUC__) -inline -void GetTSC(unsigned long& tsc) -{ - asm volatile(".byte 15, 49\n\t" - : "=eax" (tsc) - : - : "%edx", "%eax"); -} -#elif defined(_MSC_VER) -inline -void GetTSC(unsigned long& tsc) -{ - unsigned long a; - __asm _emit 0fh - __asm _emit 31h - __asm mov a, eax; - tsc=a; -} -#endif - -#include -#include -#include - -#define sha1_block_x86 sha1_block_asm_data_order -extern "C" { -void sha1_block_x86(SHA_CTX *ctx, unsigned char *buffer,int num); -} - -void main(int argc,char *argv[]) - { - unsigned char buffer[64*256]; - SHA_CTX ctx; - unsigned long s1,s2,e1,e2; - unsigned char k[16]; - unsigned long data[2]; - unsigned char iv[8]; - int i,num=0,numm; - int j=0; - - if (argc >= 2) - num=atoi(argv[1]); - - if (num == 0) num=16; - if (num > 250) num=16; - numm=num+2; -#if 0 - num*=64; - numm*=64; -#endif - - for (j=0; j<6; j++) - { - for (i=0; i<10; i++) /**/ - { - sha1_block_x86(&ctx,buffer,numm); - GetTSC(s1); - sha1_block_x86(&ctx,buffer,numm); - GetTSC(e1); - GetTSC(s2); - sha1_block_x86(&ctx,buffer,num); - GetTSC(e2); - sha1_block_x86(&ctx,buffer,num); - } - - printf("sha1 (%d bytes) %d %d (%.2f)\n",num*64, - e1-s1,e2-s2,(double)((e1-s1)-(e2-s2))/2); - } - } - diff --git a/src/lib/libcrypto/sha/sha_dgst.c b/src/lib/libcrypto/sha/sha_dgst.c index 598f4d721a..70eb56032c 100644 --- a/src/lib/libcrypto/sha/sha_dgst.c +++ b/src/lib/libcrypto/sha/sha_dgst.c @@ -57,12 +57,6 @@ */ #include -#include -#ifdef OPENSSL_FIPS -#include -#endif - -#include #if !defined(OPENSSL_NO_SHA0) && !defined(OPENSSL_NO_SHA) #undef SHA_1 diff --git a/src/lib/libcrypto/sha/sha_locl.h b/src/lib/libcrypto/sha/sha_locl.h index da46ddfe79..672c26eee1 100644 --- a/src/lib/libcrypto/sha/sha_locl.h +++ b/src/lib/libcrypto/sha/sha_locl.h @@ -122,23 +122,14 @@ void sha1_block_data_order (SHA_CTX *c, const void *p,size_t num); #define INIT_DATA_h3 0x10325476UL #define INIT_DATA_h4 0xc3d2e1f0UL -#if defined(SHA_0) && defined(OPENSSL_FIPS) -FIPS_NON_FIPS_MD_Init(SHA) -#else int HASH_INIT (SHA_CTX *c) -#endif { -#if defined(SHA_1) && defined(OPENSSL_FIPS) - FIPS_selftest_check(); -#endif + memset (c,0,sizeof(*c)); c->h0=INIT_DATA_h0; c->h1=INIT_DATA_h1; c->h2=INIT_DATA_h2; c->h3=INIT_DATA_h3; c->h4=INIT_DATA_h4; - c->Nl=0; - c->Nh=0; - c->num=0; return 1; } diff --git a/src/lib/libcrypto/sha/shatest.c b/src/lib/libcrypto/sha/shatest.c index ed0fe06a7b..27614646d1 100644 --- a/src/lib/libcrypto/sha/shatest.c +++ b/src/lib/libcrypto/sha/shatest.c @@ -123,9 +123,9 @@ int main(int argc, char *argv[]) i=1; while (*P != NULL) { - EVP_Digest(*P,strlen((char *)*P),md,NULL,EVP_sha(), NULL); + EVP_Digest(*P,strlen(*P),md,NULL,EVP_sha(), NULL); p=pt(md); - if (strcmp(p,(char *)*R) != 0) + if (strcmp(p,*R) != 0) { printf("error calculating SHA on '%s'\n",*P); printf("got %s instead of %s\n",p,*R); diff --git a/src/lib/libcrypto/stack/Makefile.ssl b/src/lib/libcrypto/stack/Makefile.ssl deleted file mode 100644 index 7120fb804a..0000000000 --- a/src/lib/libcrypto/stack/Makefile.ssl +++ /dev/null @@ -1,88 +0,0 @@ -# -# SSLeay/crypto/stack/Makefile -# - -DIR= stack -TOP= ../.. -CC= cc -INCLUDES= -CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKE= make -f Makefile.ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) -MAKEFILE= Makefile.ssl -AR= ar r - -CFLAGS= $(INCLUDES) $(CFLAG) - -GENERAL=Makefile -TEST= -APPS= - -LIB=$(TOP)/libcrypto.a -LIBSRC=stack.c -LIBOBJ=stack.o - -SRC= $(LIBSRC) - -EXHEADER= stack.h safestack.h -HEADER= $(EXHEADER) - -ALL= $(GENERAL) $(SRC) $(HEADER) - -top: - (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all) - -all: lib - -lib: $(LIBOBJ) - $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) || echo Never mind. - @touch lib - -files: - $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO - -links: - @sh $(TOP)/util/point.sh Makefile.ssl Makefile - @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER) - @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST) - @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) - -install: - @for i in $(EXHEADER) ; \ - do \ - (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ - done; - -tags: - ctags $(SRC) - -tests: - -lint: - lint -DLINT $(INCLUDES) $(SRC)>fluff - -depend: - $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) - -dclean: - $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new - mv -f Makefile.new $(MAKEFILE) - -clean: - rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff - -# DO NOT DELETE THIS LINE -- make depend depends on it. - -stack.o: ../../e_os.h ../../include/openssl/bio.h -stack.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -stack.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -stack.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -stack.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -stack.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -stack.o: ../cryptlib.h stack.c diff --git a/src/lib/libcrypto/stack/safestack.h b/src/lib/libcrypto/stack/safestack.h index 40b17902e0..891cb84a51 100644 --- a/src/lib/libcrypto/stack/safestack.h +++ b/src/lib/libcrypto/stack/safestack.h @@ -57,18 +57,27 @@ #include -#ifdef DEBUG_SAFESTACK - #ifndef CHECKED_PTR_OF #define CHECKED_PTR_OF(type, p) \ ((void*) (1 ? p : (type*)0)) #endif +/* In C++ we get problems because an explicit cast is needed from (void *) + * we use CHECKED_STACK_OF to ensure the correct type is passed in the macros + * below. + */ + +#define CHECKED_STACK_OF(type, p) \ + ((_STACK*) (1 ? p : (STACK_OF(type)*)0)) + #define CHECKED_SK_FREE_FUNC(type, p) \ ((void (*)(void *)) ((1 ? p : (void (*)(type *))0))) +#define CHECKED_SK_FREE_FUNC2(type, p) \ + ((void (*)(void *)) ((1 ? p : (void (*)(type))0))) + #define CHECKED_SK_CMP_FUNC(type, p) \ - ((int (*)(const char * const *, const char * const *)) \ + ((int (*)(const void *, const void *)) \ ((1 ? p : (int (*)(const type * const *, const type * const *))0))) #define STACK_OF(type) struct stack_st_##type @@ -77,11 +86,51 @@ #define DECLARE_STACK_OF(type) \ STACK_OF(type) \ { \ - STACK stack; \ + _STACK stack; \ + }; +#define DECLARE_SPECIAL_STACK_OF(type, type2) \ +STACK_OF(type) \ + { \ + _STACK stack; \ }; #define IMPLEMENT_STACK_OF(type) /* nada (obsolete in new safestack approach)*/ + +/* Strings are special: normally an lhash entry will point to a single + * (somewhat) mutable object. In the case of strings: + * + * a) Instead of a single char, there is an array of chars, NUL-terminated. + * b) The string may have be immutable. + * + * So, they need their own declarations. Especially important for + * type-checking tools, such as Deputy. + * +o * In practice, however, it appears to be hard to have a const + * string. For now, I'm settling for dealing with the fact it is a + * string at all. + */ +typedef char *OPENSSL_STRING; + +typedef const char *OPENSSL_CSTRING; + +/* Confusingly, LHASH_OF(STRING) deals with char ** throughout, but + * STACK_OF(STRING) is really more like STACK_OF(char), only, as + * mentioned above, instead of a single char each entry is a + * NUL-terminated array of chars. So, we have to implement STRING + * specially for STACK_OF. This is dealt with in the autogenerated + * macros below. + */ + +DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char) + +/* Similarly, we sometimes use a block of characters, NOT + * nul-terminated. These should also be distinguished from "normal" + * stacks. */ + +typedef void *OPENSSL_BLOCK; +DECLARE_SPECIAL_STACK_OF(OPENSSL_BLOCK, void) + /* SKM_sk_... stack macros are internal to safestack.h: * never use them directly, use sk__... instead */ #define SKM_sk_new(type, cmp) \ @@ -89,52 +138,55 @@ STACK_OF(type) \ #define SKM_sk_new_null(type) \ ((STACK_OF(type) *)sk_new_null()) #define SKM_sk_free(type, st) \ - sk_free(CHECKED_PTR_OF(STACK_OF(type), st)) + sk_free(CHECKED_STACK_OF(type, st)) #define SKM_sk_num(type, st) \ - sk_num(CHECKED_PTR_OF(STACK_OF(type), st)) + sk_num(CHECKED_STACK_OF(type, st)) #define SKM_sk_value(type, st,i) \ - ((type *)sk_value(CHECKED_PTR_OF(STACK_OF(type), st), i)) + ((type *)sk_value(CHECKED_STACK_OF(type, st), i)) #define SKM_sk_set(type, st,i,val) \ - sk_set(CHECKED_PTR_OF(STACK_OF(type), st), i, CHECKED_PTR_OF(type, val)) + sk_set(CHECKED_STACK_OF(type, st), i, CHECKED_PTR_OF(type, val)) #define SKM_sk_zero(type, st) \ - sk_zero(CHECKED_PTR_OF(STACK_OF(type), st)) -#define SKM_sk_push(type, st,val) \ - sk_push(CHECKED_PTR_OF(STACK_OF(type), st), CHECKED_PTR_OF(type, val)) -#define SKM_sk_unshift(type, st,val) \ - sk_unshift(CHECKED_PTR_OF(STACK_OF(type), st), CHECKED_PTR_OF(type, val)) -#define SKM_sk_find(type, st,val) \ - sk_find(CHECKED_PTR_OF(STACK_OF(type), st), CHECKED_PTR_OF(type, val)) -#define SKM_sk_delete(type, st,i) \ - (type *)sk_delete(CHECKED_PTR_OF(STACK_OF(type), st), i) -#define SKM_sk_delete_ptr(type, st,ptr) \ - (type *)sk_delete_ptr(CHECKED_PTR_OF(STACK_OF(type), st), CHECKED_PTR_OF(type, ptr)) -#define SKM_sk_insert(type, st,val,i) \ - sk_insert(CHECKED_PTR_OF(STACK_OF(type), st), CHECKED_PTR_OF(type, val), i) -#define SKM_sk_set_cmp_func(type, st,cmp) \ + sk_zero(CHECKED_STACK_OF(type, st)) +#define SKM_sk_push(type, st, val) \ + sk_push(CHECKED_STACK_OF(type, st), CHECKED_PTR_OF(type, val)) +#define SKM_sk_unshift(type, st, val) \ + sk_unshift(CHECKED_STACK_OF(type, st), CHECKED_PTR_OF(type, val)) +#define SKM_sk_find(type, st, val) \ + sk_find(CHECKED_STACK_OF(type, st), CHECKED_PTR_OF(type, val)) +#define SKM_sk_find_ex(type, st, val) \ + sk_find_ex(CHECKED_STACK_OF(type, st), \ + CHECKED_PTR_OF(type, val)) +#define SKM_sk_delete(type, st, i) \ + (type *)sk_delete(CHECKED_STACK_OF(type, st), i) +#define SKM_sk_delete_ptr(type, st, ptr) \ + (type *)sk_delete_ptr(CHECKED_STACK_OF(type, st), CHECKED_PTR_OF(type, ptr)) +#define SKM_sk_insert(type, st,val, i) \ + sk_insert(CHECKED_STACK_OF(type, st), CHECKED_PTR_OF(type, val), i) +#define SKM_sk_set_cmp_func(type, st, cmp) \ ((int (*)(const type * const *,const type * const *)) \ - sk_set_cmp_func(CHECKED_PTR_OF(STACK_OF(type), st), CHECKED_SK_CMP_FUNC(type, cmp))) + sk_set_cmp_func(CHECKED_STACK_OF(type, st), CHECKED_SK_CMP_FUNC(type, cmp))) #define SKM_sk_dup(type, st) \ - (STACK_OF(type) *)sk_dup(CHECKED_PTR_OF(STACK_OF(type), st)) -#define SKM_sk_pop_free(type, st,free_func) \ - sk_pop_free(CHECKED_PTR_OF(STACK_OF(type), st), CHECKED_SK_FREE_FUNC(type, free_func)) + (STACK_OF(type) *)sk_dup(CHECKED_STACK_OF(type, st)) +#define SKM_sk_pop_free(type, st, free_func) \ + sk_pop_free(CHECKED_STACK_OF(type, st), CHECKED_SK_FREE_FUNC(type, free_func)) #define SKM_sk_shift(type, st) \ - (type *)sk_shift(CHECKED_PTR_OF(STACK_OF(type), st)) + (type *)sk_shift(CHECKED_STACK_OF(type, st)) #define SKM_sk_pop(type, st) \ - (type *)sk_pop(CHECKED_PTR_OF(STACK_OF(type), st)) + (type *)sk_pop(CHECKED_STACK_OF(type, st)) #define SKM_sk_sort(type, st) \ - sk_sort(CHECKED_PTR_OF(STACK_OF(type), st)) + sk_sort(CHECKED_STACK_OF(type, st)) #define SKM_sk_is_sorted(type, st) \ - sk_is_sorted(CHECKED_PTR_OF(STACK_OF(type), st)) + sk_is_sorted(CHECKED_STACK_OF(type, st)) #define SKM_ASN1_SET_OF_d2i(type, st, pp, length, d2i_func, free_func, ex_tag, ex_class) \ - (STACK_OF(type) *)d2i_ASN1_SET(CHECKED_PTR_OF(STACK_OF(type), st), \ + (STACK_OF(type) *)d2i_ASN1_SET((STACK_OF(OPENSSL_BLOCK) **)CHECKED_STACK_OF(type, st), \ pp, length, \ CHECKED_D2I_OF(type, d2i_func), \ CHECKED_SK_FREE_FUNC(type, free_func), \ ex_tag, ex_class) #define SKM_ASN1_SET_OF_i2d(type, st, pp, i2d_func, ex_tag, ex_class, is_set) \ - i2d_ASN1_SET(CHECKED_PTR_OF(STACK_OF(type), st), pp, \ + i2d_ASN1_SET((STACK_OF(OPENSSL_BLOCK) *)CHECKED_STACK_OF(type, st), pp, \ CHECKED_I2D_OF(type, i2d_func), \ ex_tag, ex_class, is_set) @@ -151,72 +203,8 @@ STACK_OF(type) \ CHECKED_SK_FREE_FUNC(type, free_func), \ pass, passlen, oct, seq) -#else - -#define STACK_OF(type) STACK -#define PREDECLARE_STACK_OF(type) /* nada */ -#define DECLARE_STACK_OF(type) /* nada */ -#define IMPLEMENT_STACK_OF(type) /* nada */ - -#define SKM_sk_new(type, cmp) \ - sk_new((int (*)(const char * const *, const char * const *))(cmp)) -#define SKM_sk_new_null(type) \ - sk_new_null() -#define SKM_sk_free(type, st) \ - sk_free(st) -#define SKM_sk_num(type, st) \ - sk_num(st) -#define SKM_sk_value(type, st,i) \ - ((type *)sk_value(st, i)) -#define SKM_sk_set(type, st,i,val) \ - ((type *)sk_set(st, i,(char *)val)) -#define SKM_sk_zero(type, st) \ - sk_zero(st) -#define SKM_sk_push(type, st,val) \ - sk_push(st, (char *)val) -#define SKM_sk_unshift(type, st,val) \ - sk_unshift(st, (char *)val) -#define SKM_sk_find(type, st,val) \ - sk_find(st, (char *)val) -#define SKM_sk_delete(type, st,i) \ - ((type *)sk_delete(st, i)) -#define SKM_sk_delete_ptr(type, st,ptr) \ - ((type *)sk_delete_ptr(st,(char *)ptr)) -#define SKM_sk_insert(type, st,val,i) \ - sk_insert(st, (char *)val, i) -#define SKM_sk_set_cmp_func(type, st,cmp) \ - ((int (*)(const type * const *,const type * const *)) \ - sk_set_cmp_func(st, (int (*)(const char * const *, const char * const *))(cmp))) -#define SKM_sk_dup(type, st) \ - sk_dup(st) -#define SKM_sk_pop_free(type, st,free_func) \ - sk_pop_free(st, (void (*)(void *))free_func) -#define SKM_sk_shift(type, st) \ - ((type *)sk_shift(st)) -#define SKM_sk_pop(type, st) \ - ((type *)sk_pop(st)) -#define SKM_sk_sort(type, st) \ - sk_sort(st) -#define SKM_sk_is_sorted(type, st) \ - sk_is_sorted(st) - -#define SKM_ASN1_SET_OF_d2i(type, st, pp, length, d2i_func, free_func, ex_tag, ex_class) \ - d2i_ASN1_SET(st,pp,length, (void *(*)(void ** ,const unsigned char ** ,long))d2i_func, (void (*)(void *))free_func, ex_tag,ex_class) -#define SKM_ASN1_SET_OF_i2d(type, st, pp, i2d_func, ex_tag, ex_class, is_set) \ - i2d_ASN1_SET(st,pp,(int (*)(void *, unsigned char **))i2d_func,ex_tag,ex_class,is_set) - -#define SKM_ASN1_seq_pack(type, st, i2d_func, buf, len) \ - ASN1_seq_pack(st, (int (*)(void *, unsigned char **))i2d_func, buf, len) -#define SKM_ASN1_seq_unpack(type, buf, len, d2i_func, free_func) \ - ASN1_seq_unpack(buf,len,(void *(*)(void **,const unsigned char **,long))d2i_func, (void(*)(void *))free_func) - -#define SKM_PKCS12_decrypt_d2i(type, algor, d2i_func, free_func, pass, passlen, oct, seq) \ - ((STACK *)PKCS12_decrypt_d2i(algor,(char *(*)())d2i_func, (void(*)(void *))free_func,pass,passlen,oct,seq)) - -#endif - /* This block of defines is updated by util/mkstack.pl, please do not touch! */ -#define sk_ACCESS_DESCRIPTION_new(st) SKM_sk_new(ACCESS_DESCRIPTION, (st)) +#define sk_ACCESS_DESCRIPTION_new(cmp) SKM_sk_new(ACCESS_DESCRIPTION, (cmp)) #define sk_ACCESS_DESCRIPTION_new_null() SKM_sk_new_null(ACCESS_DESCRIPTION) #define sk_ACCESS_DESCRIPTION_free(st) SKM_sk_free(ACCESS_DESCRIPTION, (st)) #define sk_ACCESS_DESCRIPTION_num(st) SKM_sk_num(ACCESS_DESCRIPTION, (st)) @@ -238,7 +226,7 @@ STACK_OF(type) \ #define sk_ACCESS_DESCRIPTION_sort(st) SKM_sk_sort(ACCESS_DESCRIPTION, (st)) #define sk_ACCESS_DESCRIPTION_is_sorted(st) SKM_sk_is_sorted(ACCESS_DESCRIPTION, (st)) -#define sk_ASIdOrRange_new(st) SKM_sk_new(ASIdOrRange, (st)) +#define sk_ASIdOrRange_new(cmp) SKM_sk_new(ASIdOrRange, (cmp)) #define sk_ASIdOrRange_new_null() SKM_sk_new_null(ASIdOrRange) #define sk_ASIdOrRange_free(st) SKM_sk_free(ASIdOrRange, (st)) #define sk_ASIdOrRange_num(st) SKM_sk_num(ASIdOrRange, (st)) @@ -260,7 +248,7 @@ STACK_OF(type) \ #define sk_ASIdOrRange_sort(st) SKM_sk_sort(ASIdOrRange, (st)) #define sk_ASIdOrRange_is_sorted(st) SKM_sk_is_sorted(ASIdOrRange, (st)) -#define sk_ASN1_GENERALSTRING_new(st) SKM_sk_new(ASN1_GENERALSTRING, (st)) +#define sk_ASN1_GENERALSTRING_new(cmp) SKM_sk_new(ASN1_GENERALSTRING, (cmp)) #define sk_ASN1_GENERALSTRING_new_null() SKM_sk_new_null(ASN1_GENERALSTRING) #define sk_ASN1_GENERALSTRING_free(st) SKM_sk_free(ASN1_GENERALSTRING, (st)) #define sk_ASN1_GENERALSTRING_num(st) SKM_sk_num(ASN1_GENERALSTRING, (st)) @@ -282,7 +270,7 @@ STACK_OF(type) \ #define sk_ASN1_GENERALSTRING_sort(st) SKM_sk_sort(ASN1_GENERALSTRING, (st)) #define sk_ASN1_GENERALSTRING_is_sorted(st) SKM_sk_is_sorted(ASN1_GENERALSTRING, (st)) -#define sk_ASN1_INTEGER_new(st) SKM_sk_new(ASN1_INTEGER, (st)) +#define sk_ASN1_INTEGER_new(cmp) SKM_sk_new(ASN1_INTEGER, (cmp)) #define sk_ASN1_INTEGER_new_null() SKM_sk_new_null(ASN1_INTEGER) #define sk_ASN1_INTEGER_free(st) SKM_sk_free(ASN1_INTEGER, (st)) #define sk_ASN1_INTEGER_num(st) SKM_sk_num(ASN1_INTEGER, (st)) @@ -304,7 +292,7 @@ STACK_OF(type) \ #define sk_ASN1_INTEGER_sort(st) SKM_sk_sort(ASN1_INTEGER, (st)) #define sk_ASN1_INTEGER_is_sorted(st) SKM_sk_is_sorted(ASN1_INTEGER, (st)) -#define sk_ASN1_OBJECT_new(st) SKM_sk_new(ASN1_OBJECT, (st)) +#define sk_ASN1_OBJECT_new(cmp) SKM_sk_new(ASN1_OBJECT, (cmp)) #define sk_ASN1_OBJECT_new_null() SKM_sk_new_null(ASN1_OBJECT) #define sk_ASN1_OBJECT_free(st) SKM_sk_free(ASN1_OBJECT, (st)) #define sk_ASN1_OBJECT_num(st) SKM_sk_num(ASN1_OBJECT, (st)) @@ -326,7 +314,7 @@ STACK_OF(type) \ #define sk_ASN1_OBJECT_sort(st) SKM_sk_sort(ASN1_OBJECT, (st)) #define sk_ASN1_OBJECT_is_sorted(st) SKM_sk_is_sorted(ASN1_OBJECT, (st)) -#define sk_ASN1_STRING_TABLE_new(st) SKM_sk_new(ASN1_STRING_TABLE, (st)) +#define sk_ASN1_STRING_TABLE_new(cmp) SKM_sk_new(ASN1_STRING_TABLE, (cmp)) #define sk_ASN1_STRING_TABLE_new_null() SKM_sk_new_null(ASN1_STRING_TABLE) #define sk_ASN1_STRING_TABLE_free(st) SKM_sk_free(ASN1_STRING_TABLE, (st)) #define sk_ASN1_STRING_TABLE_num(st) SKM_sk_num(ASN1_STRING_TABLE, (st)) @@ -348,7 +336,7 @@ STACK_OF(type) \ #define sk_ASN1_STRING_TABLE_sort(st) SKM_sk_sort(ASN1_STRING_TABLE, (st)) #define sk_ASN1_STRING_TABLE_is_sorted(st) SKM_sk_is_sorted(ASN1_STRING_TABLE, (st)) -#define sk_ASN1_TYPE_new(st) SKM_sk_new(ASN1_TYPE, (st)) +#define sk_ASN1_TYPE_new(cmp) SKM_sk_new(ASN1_TYPE, (cmp)) #define sk_ASN1_TYPE_new_null() SKM_sk_new_null(ASN1_TYPE) #define sk_ASN1_TYPE_free(st) SKM_sk_free(ASN1_TYPE, (st)) #define sk_ASN1_TYPE_num(st) SKM_sk_num(ASN1_TYPE, (st)) @@ -370,7 +358,29 @@ STACK_OF(type) \ #define sk_ASN1_TYPE_sort(st) SKM_sk_sort(ASN1_TYPE, (st)) #define sk_ASN1_TYPE_is_sorted(st) SKM_sk_is_sorted(ASN1_TYPE, (st)) -#define sk_ASN1_VALUE_new(st) SKM_sk_new(ASN1_VALUE, (st)) +#define sk_ASN1_UTF8STRING_new(cmp) SKM_sk_new(ASN1_UTF8STRING, (cmp)) +#define sk_ASN1_UTF8STRING_new_null() SKM_sk_new_null(ASN1_UTF8STRING) +#define sk_ASN1_UTF8STRING_free(st) SKM_sk_free(ASN1_UTF8STRING, (st)) +#define sk_ASN1_UTF8STRING_num(st) SKM_sk_num(ASN1_UTF8STRING, (st)) +#define sk_ASN1_UTF8STRING_value(st, i) SKM_sk_value(ASN1_UTF8STRING, (st), (i)) +#define sk_ASN1_UTF8STRING_set(st, i, val) SKM_sk_set(ASN1_UTF8STRING, (st), (i), (val)) +#define sk_ASN1_UTF8STRING_zero(st) SKM_sk_zero(ASN1_UTF8STRING, (st)) +#define sk_ASN1_UTF8STRING_push(st, val) SKM_sk_push(ASN1_UTF8STRING, (st), (val)) +#define sk_ASN1_UTF8STRING_unshift(st, val) SKM_sk_unshift(ASN1_UTF8STRING, (st), (val)) +#define sk_ASN1_UTF8STRING_find(st, val) SKM_sk_find(ASN1_UTF8STRING, (st), (val)) +#define sk_ASN1_UTF8STRING_find_ex(st, val) SKM_sk_find_ex(ASN1_UTF8STRING, (st), (val)) +#define sk_ASN1_UTF8STRING_delete(st, i) SKM_sk_delete(ASN1_UTF8STRING, (st), (i)) +#define sk_ASN1_UTF8STRING_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_UTF8STRING, (st), (ptr)) +#define sk_ASN1_UTF8STRING_insert(st, val, i) SKM_sk_insert(ASN1_UTF8STRING, (st), (val), (i)) +#define sk_ASN1_UTF8STRING_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ASN1_UTF8STRING, (st), (cmp)) +#define sk_ASN1_UTF8STRING_dup(st) SKM_sk_dup(ASN1_UTF8STRING, st) +#define sk_ASN1_UTF8STRING_pop_free(st, free_func) SKM_sk_pop_free(ASN1_UTF8STRING, (st), (free_func)) +#define sk_ASN1_UTF8STRING_shift(st) SKM_sk_shift(ASN1_UTF8STRING, (st)) +#define sk_ASN1_UTF8STRING_pop(st) SKM_sk_pop(ASN1_UTF8STRING, (st)) +#define sk_ASN1_UTF8STRING_sort(st) SKM_sk_sort(ASN1_UTF8STRING, (st)) +#define sk_ASN1_UTF8STRING_is_sorted(st) SKM_sk_is_sorted(ASN1_UTF8STRING, (st)) + +#define sk_ASN1_VALUE_new(cmp) SKM_sk_new(ASN1_VALUE, (cmp)) #define sk_ASN1_VALUE_new_null() SKM_sk_new_null(ASN1_VALUE) #define sk_ASN1_VALUE_free(st) SKM_sk_free(ASN1_VALUE, (st)) #define sk_ASN1_VALUE_num(st) SKM_sk_num(ASN1_VALUE, (st)) @@ -392,7 +402,7 @@ STACK_OF(type) \ #define sk_ASN1_VALUE_sort(st) SKM_sk_sort(ASN1_VALUE, (st)) #define sk_ASN1_VALUE_is_sorted(st) SKM_sk_is_sorted(ASN1_VALUE, (st)) -#define sk_BIO_new(st) SKM_sk_new(BIO, (st)) +#define sk_BIO_new(cmp) SKM_sk_new(BIO, (cmp)) #define sk_BIO_new_null() SKM_sk_new_null(BIO) #define sk_BIO_free(st) SKM_sk_free(BIO, (st)) #define sk_BIO_num(st) SKM_sk_num(BIO, (st)) @@ -414,7 +424,51 @@ STACK_OF(type) \ #define sk_BIO_sort(st) SKM_sk_sort(BIO, (st)) #define sk_BIO_is_sorted(st) SKM_sk_is_sorted(BIO, (st)) -#define sk_CMS_CertificateChoices_new(st) SKM_sk_new(CMS_CertificateChoices, (st)) +#define sk_BY_DIR_ENTRY_new(cmp) SKM_sk_new(BY_DIR_ENTRY, (cmp)) +#define sk_BY_DIR_ENTRY_new_null() SKM_sk_new_null(BY_DIR_ENTRY) +#define sk_BY_DIR_ENTRY_free(st) SKM_sk_free(BY_DIR_ENTRY, (st)) +#define sk_BY_DIR_ENTRY_num(st) SKM_sk_num(BY_DIR_ENTRY, (st)) +#define sk_BY_DIR_ENTRY_value(st, i) SKM_sk_value(BY_DIR_ENTRY, (st), (i)) +#define sk_BY_DIR_ENTRY_set(st, i, val) SKM_sk_set(BY_DIR_ENTRY, (st), (i), (val)) +#define sk_BY_DIR_ENTRY_zero(st) SKM_sk_zero(BY_DIR_ENTRY, (st)) +#define sk_BY_DIR_ENTRY_push(st, val) SKM_sk_push(BY_DIR_ENTRY, (st), (val)) +#define sk_BY_DIR_ENTRY_unshift(st, val) SKM_sk_unshift(BY_DIR_ENTRY, (st), (val)) +#define sk_BY_DIR_ENTRY_find(st, val) SKM_sk_find(BY_DIR_ENTRY, (st), (val)) +#define sk_BY_DIR_ENTRY_find_ex(st, val) SKM_sk_find_ex(BY_DIR_ENTRY, (st), (val)) +#define sk_BY_DIR_ENTRY_delete(st, i) SKM_sk_delete(BY_DIR_ENTRY, (st), (i)) +#define sk_BY_DIR_ENTRY_delete_ptr(st, ptr) SKM_sk_delete_ptr(BY_DIR_ENTRY, (st), (ptr)) +#define sk_BY_DIR_ENTRY_insert(st, val, i) SKM_sk_insert(BY_DIR_ENTRY, (st), (val), (i)) +#define sk_BY_DIR_ENTRY_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(BY_DIR_ENTRY, (st), (cmp)) +#define sk_BY_DIR_ENTRY_dup(st) SKM_sk_dup(BY_DIR_ENTRY, st) +#define sk_BY_DIR_ENTRY_pop_free(st, free_func) SKM_sk_pop_free(BY_DIR_ENTRY, (st), (free_func)) +#define sk_BY_DIR_ENTRY_shift(st) SKM_sk_shift(BY_DIR_ENTRY, (st)) +#define sk_BY_DIR_ENTRY_pop(st) SKM_sk_pop(BY_DIR_ENTRY, (st)) +#define sk_BY_DIR_ENTRY_sort(st) SKM_sk_sort(BY_DIR_ENTRY, (st)) +#define sk_BY_DIR_ENTRY_is_sorted(st) SKM_sk_is_sorted(BY_DIR_ENTRY, (st)) + +#define sk_BY_DIR_HASH_new(cmp) SKM_sk_new(BY_DIR_HASH, (cmp)) +#define sk_BY_DIR_HASH_new_null() SKM_sk_new_null(BY_DIR_HASH) +#define sk_BY_DIR_HASH_free(st) SKM_sk_free(BY_DIR_HASH, (st)) +#define sk_BY_DIR_HASH_num(st) SKM_sk_num(BY_DIR_HASH, (st)) +#define sk_BY_DIR_HASH_value(st, i) SKM_sk_value(BY_DIR_HASH, (st), (i)) +#define sk_BY_DIR_HASH_set(st, i, val) SKM_sk_set(BY_DIR_HASH, (st), (i), (val)) +#define sk_BY_DIR_HASH_zero(st) SKM_sk_zero(BY_DIR_HASH, (st)) +#define sk_BY_DIR_HASH_push(st, val) SKM_sk_push(BY_DIR_HASH, (st), (val)) +#define sk_BY_DIR_HASH_unshift(st, val) SKM_sk_unshift(BY_DIR_HASH, (st), (val)) +#define sk_BY_DIR_HASH_find(st, val) SKM_sk_find(BY_DIR_HASH, (st), (val)) +#define sk_BY_DIR_HASH_find_ex(st, val) SKM_sk_find_ex(BY_DIR_HASH, (st), (val)) +#define sk_BY_DIR_HASH_delete(st, i) SKM_sk_delete(BY_DIR_HASH, (st), (i)) +#define sk_BY_DIR_HASH_delete_ptr(st, ptr) SKM_sk_delete_ptr(BY_DIR_HASH, (st), (ptr)) +#define sk_BY_DIR_HASH_insert(st, val, i) SKM_sk_insert(BY_DIR_HASH, (st), (val), (i)) +#define sk_BY_DIR_HASH_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(BY_DIR_HASH, (st), (cmp)) +#define sk_BY_DIR_HASH_dup(st) SKM_sk_dup(BY_DIR_HASH, st) +#define sk_BY_DIR_HASH_pop_free(st, free_func) SKM_sk_pop_free(BY_DIR_HASH, (st), (free_func)) +#define sk_BY_DIR_HASH_shift(st) SKM_sk_shift(BY_DIR_HASH, (st)) +#define sk_BY_DIR_HASH_pop(st) SKM_sk_pop(BY_DIR_HASH, (st)) +#define sk_BY_DIR_HASH_sort(st) SKM_sk_sort(BY_DIR_HASH, (st)) +#define sk_BY_DIR_HASH_is_sorted(st) SKM_sk_is_sorted(BY_DIR_HASH, (st)) + +#define sk_CMS_CertificateChoices_new(cmp) SKM_sk_new(CMS_CertificateChoices, (cmp)) #define sk_CMS_CertificateChoices_new_null() SKM_sk_new_null(CMS_CertificateChoices) #define sk_CMS_CertificateChoices_free(st) SKM_sk_free(CMS_CertificateChoices, (st)) #define sk_CMS_CertificateChoices_num(st) SKM_sk_num(CMS_CertificateChoices, (st)) @@ -436,7 +490,7 @@ STACK_OF(type) \ #define sk_CMS_CertificateChoices_sort(st) SKM_sk_sort(CMS_CertificateChoices, (st)) #define sk_CMS_CertificateChoices_is_sorted(st) SKM_sk_is_sorted(CMS_CertificateChoices, (st)) -#define sk_CMS_RecipientInfo_new(st) SKM_sk_new(CMS_RecipientInfo, (st)) +#define sk_CMS_RecipientInfo_new(cmp) SKM_sk_new(CMS_RecipientInfo, (cmp)) #define sk_CMS_RecipientInfo_new_null() SKM_sk_new_null(CMS_RecipientInfo) #define sk_CMS_RecipientInfo_free(st) SKM_sk_free(CMS_RecipientInfo, (st)) #define sk_CMS_RecipientInfo_num(st) SKM_sk_num(CMS_RecipientInfo, (st)) @@ -458,7 +512,7 @@ STACK_OF(type) \ #define sk_CMS_RecipientInfo_sort(st) SKM_sk_sort(CMS_RecipientInfo, (st)) #define sk_CMS_RecipientInfo_is_sorted(st) SKM_sk_is_sorted(CMS_RecipientInfo, (st)) -#define sk_CMS_RevocationInfoChoice_new(st) SKM_sk_new(CMS_RevocationInfoChoice, (st)) +#define sk_CMS_RevocationInfoChoice_new(cmp) SKM_sk_new(CMS_RevocationInfoChoice, (cmp)) #define sk_CMS_RevocationInfoChoice_new_null() SKM_sk_new_null(CMS_RevocationInfoChoice) #define sk_CMS_RevocationInfoChoice_free(st) SKM_sk_free(CMS_RevocationInfoChoice, (st)) #define sk_CMS_RevocationInfoChoice_num(st) SKM_sk_num(CMS_RevocationInfoChoice, (st)) @@ -480,7 +534,7 @@ STACK_OF(type) \ #define sk_CMS_RevocationInfoChoice_sort(st) SKM_sk_sort(CMS_RevocationInfoChoice, (st)) #define sk_CMS_RevocationInfoChoice_is_sorted(st) SKM_sk_is_sorted(CMS_RevocationInfoChoice, (st)) -#define sk_CMS_SignerInfo_new(st) SKM_sk_new(CMS_SignerInfo, (st)) +#define sk_CMS_SignerInfo_new(cmp) SKM_sk_new(CMS_SignerInfo, (cmp)) #define sk_CMS_SignerInfo_new_null() SKM_sk_new_null(CMS_SignerInfo) #define sk_CMS_SignerInfo_free(st) SKM_sk_free(CMS_SignerInfo, (st)) #define sk_CMS_SignerInfo_num(st) SKM_sk_num(CMS_SignerInfo, (st)) @@ -502,7 +556,7 @@ STACK_OF(type) \ #define sk_CMS_SignerInfo_sort(st) SKM_sk_sort(CMS_SignerInfo, (st)) #define sk_CMS_SignerInfo_is_sorted(st) SKM_sk_is_sorted(CMS_SignerInfo, (st)) -#define sk_CONF_IMODULE_new(st) SKM_sk_new(CONF_IMODULE, (st)) +#define sk_CONF_IMODULE_new(cmp) SKM_sk_new(CONF_IMODULE, (cmp)) #define sk_CONF_IMODULE_new_null() SKM_sk_new_null(CONF_IMODULE) #define sk_CONF_IMODULE_free(st) SKM_sk_free(CONF_IMODULE, (st)) #define sk_CONF_IMODULE_num(st) SKM_sk_num(CONF_IMODULE, (st)) @@ -524,7 +578,7 @@ STACK_OF(type) \ #define sk_CONF_IMODULE_sort(st) SKM_sk_sort(CONF_IMODULE, (st)) #define sk_CONF_IMODULE_is_sorted(st) SKM_sk_is_sorted(CONF_IMODULE, (st)) -#define sk_CONF_MODULE_new(st) SKM_sk_new(CONF_MODULE, (st)) +#define sk_CONF_MODULE_new(cmp) SKM_sk_new(CONF_MODULE, (cmp)) #define sk_CONF_MODULE_new_null() SKM_sk_new_null(CONF_MODULE) #define sk_CONF_MODULE_free(st) SKM_sk_free(CONF_MODULE, (st)) #define sk_CONF_MODULE_num(st) SKM_sk_num(CONF_MODULE, (st)) @@ -546,7 +600,7 @@ STACK_OF(type) \ #define sk_CONF_MODULE_sort(st) SKM_sk_sort(CONF_MODULE, (st)) #define sk_CONF_MODULE_is_sorted(st) SKM_sk_is_sorted(CONF_MODULE, (st)) -#define sk_CONF_VALUE_new(st) SKM_sk_new(CONF_VALUE, (st)) +#define sk_CONF_VALUE_new(cmp) SKM_sk_new(CONF_VALUE, (cmp)) #define sk_CONF_VALUE_new_null() SKM_sk_new_null(CONF_VALUE) #define sk_CONF_VALUE_free(st) SKM_sk_free(CONF_VALUE, (st)) #define sk_CONF_VALUE_num(st) SKM_sk_num(CONF_VALUE, (st)) @@ -568,7 +622,7 @@ STACK_OF(type) \ #define sk_CONF_VALUE_sort(st) SKM_sk_sort(CONF_VALUE, (st)) #define sk_CONF_VALUE_is_sorted(st) SKM_sk_is_sorted(CONF_VALUE, (st)) -#define sk_CRYPTO_EX_DATA_FUNCS_new(st) SKM_sk_new(CRYPTO_EX_DATA_FUNCS, (st)) +#define sk_CRYPTO_EX_DATA_FUNCS_new(cmp) SKM_sk_new(CRYPTO_EX_DATA_FUNCS, (cmp)) #define sk_CRYPTO_EX_DATA_FUNCS_new_null() SKM_sk_new_null(CRYPTO_EX_DATA_FUNCS) #define sk_CRYPTO_EX_DATA_FUNCS_free(st) SKM_sk_free(CRYPTO_EX_DATA_FUNCS, (st)) #define sk_CRYPTO_EX_DATA_FUNCS_num(st) SKM_sk_num(CRYPTO_EX_DATA_FUNCS, (st)) @@ -590,7 +644,7 @@ STACK_OF(type) \ #define sk_CRYPTO_EX_DATA_FUNCS_sort(st) SKM_sk_sort(CRYPTO_EX_DATA_FUNCS, (st)) #define sk_CRYPTO_EX_DATA_FUNCS_is_sorted(st) SKM_sk_is_sorted(CRYPTO_EX_DATA_FUNCS, (st)) -#define sk_CRYPTO_dynlock_new(st) SKM_sk_new(CRYPTO_dynlock, (st)) +#define sk_CRYPTO_dynlock_new(cmp) SKM_sk_new(CRYPTO_dynlock, (cmp)) #define sk_CRYPTO_dynlock_new_null() SKM_sk_new_null(CRYPTO_dynlock) #define sk_CRYPTO_dynlock_free(st) SKM_sk_free(CRYPTO_dynlock, (st)) #define sk_CRYPTO_dynlock_num(st) SKM_sk_num(CRYPTO_dynlock, (st)) @@ -612,7 +666,7 @@ STACK_OF(type) \ #define sk_CRYPTO_dynlock_sort(st) SKM_sk_sort(CRYPTO_dynlock, (st)) #define sk_CRYPTO_dynlock_is_sorted(st) SKM_sk_is_sorted(CRYPTO_dynlock, (st)) -#define sk_DIST_POINT_new(st) SKM_sk_new(DIST_POINT, (st)) +#define sk_DIST_POINT_new(cmp) SKM_sk_new(DIST_POINT, (cmp)) #define sk_DIST_POINT_new_null() SKM_sk_new_null(DIST_POINT) #define sk_DIST_POINT_free(st) SKM_sk_free(DIST_POINT, (st)) #define sk_DIST_POINT_num(st) SKM_sk_num(DIST_POINT, (st)) @@ -634,7 +688,7 @@ STACK_OF(type) \ #define sk_DIST_POINT_sort(st) SKM_sk_sort(DIST_POINT, (st)) #define sk_DIST_POINT_is_sorted(st) SKM_sk_is_sorted(DIST_POINT, (st)) -#define sk_ENGINE_new(st) SKM_sk_new(ENGINE, (st)) +#define sk_ENGINE_new(cmp) SKM_sk_new(ENGINE, (cmp)) #define sk_ENGINE_new_null() SKM_sk_new_null(ENGINE) #define sk_ENGINE_free(st) SKM_sk_free(ENGINE, (st)) #define sk_ENGINE_num(st) SKM_sk_num(ENGINE, (st)) @@ -656,7 +710,7 @@ STACK_OF(type) \ #define sk_ENGINE_sort(st) SKM_sk_sort(ENGINE, (st)) #define sk_ENGINE_is_sorted(st) SKM_sk_is_sorted(ENGINE, (st)) -#define sk_ENGINE_CLEANUP_ITEM_new(st) SKM_sk_new(ENGINE_CLEANUP_ITEM, (st)) +#define sk_ENGINE_CLEANUP_ITEM_new(cmp) SKM_sk_new(ENGINE_CLEANUP_ITEM, (cmp)) #define sk_ENGINE_CLEANUP_ITEM_new_null() SKM_sk_new_null(ENGINE_CLEANUP_ITEM) #define sk_ENGINE_CLEANUP_ITEM_free(st) SKM_sk_free(ENGINE_CLEANUP_ITEM, (st)) #define sk_ENGINE_CLEANUP_ITEM_num(st) SKM_sk_num(ENGINE_CLEANUP_ITEM, (st)) @@ -678,7 +732,117 @@ STACK_OF(type) \ #define sk_ENGINE_CLEANUP_ITEM_sort(st) SKM_sk_sort(ENGINE_CLEANUP_ITEM, (st)) #define sk_ENGINE_CLEANUP_ITEM_is_sorted(st) SKM_sk_is_sorted(ENGINE_CLEANUP_ITEM, (st)) -#define sk_GENERAL_NAME_new(st) SKM_sk_new(GENERAL_NAME, (st)) +#define sk_ESS_CERT_ID_new(cmp) SKM_sk_new(ESS_CERT_ID, (cmp)) +#define sk_ESS_CERT_ID_new_null() SKM_sk_new_null(ESS_CERT_ID) +#define sk_ESS_CERT_ID_free(st) SKM_sk_free(ESS_CERT_ID, (st)) +#define sk_ESS_CERT_ID_num(st) SKM_sk_num(ESS_CERT_ID, (st)) +#define sk_ESS_CERT_ID_value(st, i) SKM_sk_value(ESS_CERT_ID, (st), (i)) +#define sk_ESS_CERT_ID_set(st, i, val) SKM_sk_set(ESS_CERT_ID, (st), (i), (val)) +#define sk_ESS_CERT_ID_zero(st) SKM_sk_zero(ESS_CERT_ID, (st)) +#define sk_ESS_CERT_ID_push(st, val) SKM_sk_push(ESS_CERT_ID, (st), (val)) +#define sk_ESS_CERT_ID_unshift(st, val) SKM_sk_unshift(ESS_CERT_ID, (st), (val)) +#define sk_ESS_CERT_ID_find(st, val) SKM_sk_find(ESS_CERT_ID, (st), (val)) +#define sk_ESS_CERT_ID_find_ex(st, val) SKM_sk_find_ex(ESS_CERT_ID, (st), (val)) +#define sk_ESS_CERT_ID_delete(st, i) SKM_sk_delete(ESS_CERT_ID, (st), (i)) +#define sk_ESS_CERT_ID_delete_ptr(st, ptr) SKM_sk_delete_ptr(ESS_CERT_ID, (st), (ptr)) +#define sk_ESS_CERT_ID_insert(st, val, i) SKM_sk_insert(ESS_CERT_ID, (st), (val), (i)) +#define sk_ESS_CERT_ID_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ESS_CERT_ID, (st), (cmp)) +#define sk_ESS_CERT_ID_dup(st) SKM_sk_dup(ESS_CERT_ID, st) +#define sk_ESS_CERT_ID_pop_free(st, free_func) SKM_sk_pop_free(ESS_CERT_ID, (st), (free_func)) +#define sk_ESS_CERT_ID_shift(st) SKM_sk_shift(ESS_CERT_ID, (st)) +#define sk_ESS_CERT_ID_pop(st) SKM_sk_pop(ESS_CERT_ID, (st)) +#define sk_ESS_CERT_ID_sort(st) SKM_sk_sort(ESS_CERT_ID, (st)) +#define sk_ESS_CERT_ID_is_sorted(st) SKM_sk_is_sorted(ESS_CERT_ID, (st)) + +#define sk_EVP_MD_new(cmp) SKM_sk_new(EVP_MD, (cmp)) +#define sk_EVP_MD_new_null() SKM_sk_new_null(EVP_MD) +#define sk_EVP_MD_free(st) SKM_sk_free(EVP_MD, (st)) +#define sk_EVP_MD_num(st) SKM_sk_num(EVP_MD, (st)) +#define sk_EVP_MD_value(st, i) SKM_sk_value(EVP_MD, (st), (i)) +#define sk_EVP_MD_set(st, i, val) SKM_sk_set(EVP_MD, (st), (i), (val)) +#define sk_EVP_MD_zero(st) SKM_sk_zero(EVP_MD, (st)) +#define sk_EVP_MD_push(st, val) SKM_sk_push(EVP_MD, (st), (val)) +#define sk_EVP_MD_unshift(st, val) SKM_sk_unshift(EVP_MD, (st), (val)) +#define sk_EVP_MD_find(st, val) SKM_sk_find(EVP_MD, (st), (val)) +#define sk_EVP_MD_find_ex(st, val) SKM_sk_find_ex(EVP_MD, (st), (val)) +#define sk_EVP_MD_delete(st, i) SKM_sk_delete(EVP_MD, (st), (i)) +#define sk_EVP_MD_delete_ptr(st, ptr) SKM_sk_delete_ptr(EVP_MD, (st), (ptr)) +#define sk_EVP_MD_insert(st, val, i) SKM_sk_insert(EVP_MD, (st), (val), (i)) +#define sk_EVP_MD_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(EVP_MD, (st), (cmp)) +#define sk_EVP_MD_dup(st) SKM_sk_dup(EVP_MD, st) +#define sk_EVP_MD_pop_free(st, free_func) SKM_sk_pop_free(EVP_MD, (st), (free_func)) +#define sk_EVP_MD_shift(st) SKM_sk_shift(EVP_MD, (st)) +#define sk_EVP_MD_pop(st) SKM_sk_pop(EVP_MD, (st)) +#define sk_EVP_MD_sort(st) SKM_sk_sort(EVP_MD, (st)) +#define sk_EVP_MD_is_sorted(st) SKM_sk_is_sorted(EVP_MD, (st)) + +#define sk_EVP_PBE_CTL_new(cmp) SKM_sk_new(EVP_PBE_CTL, (cmp)) +#define sk_EVP_PBE_CTL_new_null() SKM_sk_new_null(EVP_PBE_CTL) +#define sk_EVP_PBE_CTL_free(st) SKM_sk_free(EVP_PBE_CTL, (st)) +#define sk_EVP_PBE_CTL_num(st) SKM_sk_num(EVP_PBE_CTL, (st)) +#define sk_EVP_PBE_CTL_value(st, i) SKM_sk_value(EVP_PBE_CTL, (st), (i)) +#define sk_EVP_PBE_CTL_set(st, i, val) SKM_sk_set(EVP_PBE_CTL, (st), (i), (val)) +#define sk_EVP_PBE_CTL_zero(st) SKM_sk_zero(EVP_PBE_CTL, (st)) +#define sk_EVP_PBE_CTL_push(st, val) SKM_sk_push(EVP_PBE_CTL, (st), (val)) +#define sk_EVP_PBE_CTL_unshift(st, val) SKM_sk_unshift(EVP_PBE_CTL, (st), (val)) +#define sk_EVP_PBE_CTL_find(st, val) SKM_sk_find(EVP_PBE_CTL, (st), (val)) +#define sk_EVP_PBE_CTL_find_ex(st, val) SKM_sk_find_ex(EVP_PBE_CTL, (st), (val)) +#define sk_EVP_PBE_CTL_delete(st, i) SKM_sk_delete(EVP_PBE_CTL, (st), (i)) +#define sk_EVP_PBE_CTL_delete_ptr(st, ptr) SKM_sk_delete_ptr(EVP_PBE_CTL, (st), (ptr)) +#define sk_EVP_PBE_CTL_insert(st, val, i) SKM_sk_insert(EVP_PBE_CTL, (st), (val), (i)) +#define sk_EVP_PBE_CTL_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(EVP_PBE_CTL, (st), (cmp)) +#define sk_EVP_PBE_CTL_dup(st) SKM_sk_dup(EVP_PBE_CTL, st) +#define sk_EVP_PBE_CTL_pop_free(st, free_func) SKM_sk_pop_free(EVP_PBE_CTL, (st), (free_func)) +#define sk_EVP_PBE_CTL_shift(st) SKM_sk_shift(EVP_PBE_CTL, (st)) +#define sk_EVP_PBE_CTL_pop(st) SKM_sk_pop(EVP_PBE_CTL, (st)) +#define sk_EVP_PBE_CTL_sort(st) SKM_sk_sort(EVP_PBE_CTL, (st)) +#define sk_EVP_PBE_CTL_is_sorted(st) SKM_sk_is_sorted(EVP_PBE_CTL, (st)) + +#define sk_EVP_PKEY_ASN1_METHOD_new(cmp) SKM_sk_new(EVP_PKEY_ASN1_METHOD, (cmp)) +#define sk_EVP_PKEY_ASN1_METHOD_new_null() SKM_sk_new_null(EVP_PKEY_ASN1_METHOD) +#define sk_EVP_PKEY_ASN1_METHOD_free(st) SKM_sk_free(EVP_PKEY_ASN1_METHOD, (st)) +#define sk_EVP_PKEY_ASN1_METHOD_num(st) SKM_sk_num(EVP_PKEY_ASN1_METHOD, (st)) +#define sk_EVP_PKEY_ASN1_METHOD_value(st, i) SKM_sk_value(EVP_PKEY_ASN1_METHOD, (st), (i)) +#define sk_EVP_PKEY_ASN1_METHOD_set(st, i, val) SKM_sk_set(EVP_PKEY_ASN1_METHOD, (st), (i), (val)) +#define sk_EVP_PKEY_ASN1_METHOD_zero(st) SKM_sk_zero(EVP_PKEY_ASN1_METHOD, (st)) +#define sk_EVP_PKEY_ASN1_METHOD_push(st, val) SKM_sk_push(EVP_PKEY_ASN1_METHOD, (st), (val)) +#define sk_EVP_PKEY_ASN1_METHOD_unshift(st, val) SKM_sk_unshift(EVP_PKEY_ASN1_METHOD, (st), (val)) +#define sk_EVP_PKEY_ASN1_METHOD_find(st, val) SKM_sk_find(EVP_PKEY_ASN1_METHOD, (st), (val)) +#define sk_EVP_PKEY_ASN1_METHOD_find_ex(st, val) SKM_sk_find_ex(EVP_PKEY_ASN1_METHOD, (st), (val)) +#define sk_EVP_PKEY_ASN1_METHOD_delete(st, i) SKM_sk_delete(EVP_PKEY_ASN1_METHOD, (st), (i)) +#define sk_EVP_PKEY_ASN1_METHOD_delete_ptr(st, ptr) SKM_sk_delete_ptr(EVP_PKEY_ASN1_METHOD, (st), (ptr)) +#define sk_EVP_PKEY_ASN1_METHOD_insert(st, val, i) SKM_sk_insert(EVP_PKEY_ASN1_METHOD, (st), (val), (i)) +#define sk_EVP_PKEY_ASN1_METHOD_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(EVP_PKEY_ASN1_METHOD, (st), (cmp)) +#define sk_EVP_PKEY_ASN1_METHOD_dup(st) SKM_sk_dup(EVP_PKEY_ASN1_METHOD, st) +#define sk_EVP_PKEY_ASN1_METHOD_pop_free(st, free_func) SKM_sk_pop_free(EVP_PKEY_ASN1_METHOD, (st), (free_func)) +#define sk_EVP_PKEY_ASN1_METHOD_shift(st) SKM_sk_shift(EVP_PKEY_ASN1_METHOD, (st)) +#define sk_EVP_PKEY_ASN1_METHOD_pop(st) SKM_sk_pop(EVP_PKEY_ASN1_METHOD, (st)) +#define sk_EVP_PKEY_ASN1_METHOD_sort(st) SKM_sk_sort(EVP_PKEY_ASN1_METHOD, (st)) +#define sk_EVP_PKEY_ASN1_METHOD_is_sorted(st) SKM_sk_is_sorted(EVP_PKEY_ASN1_METHOD, (st)) + +#define sk_EVP_PKEY_METHOD_new(cmp) SKM_sk_new(EVP_PKEY_METHOD, (cmp)) +#define sk_EVP_PKEY_METHOD_new_null() SKM_sk_new_null(EVP_PKEY_METHOD) +#define sk_EVP_PKEY_METHOD_free(st) SKM_sk_free(EVP_PKEY_METHOD, (st)) +#define sk_EVP_PKEY_METHOD_num(st) SKM_sk_num(EVP_PKEY_METHOD, (st)) +#define sk_EVP_PKEY_METHOD_value(st, i) SKM_sk_value(EVP_PKEY_METHOD, (st), (i)) +#define sk_EVP_PKEY_METHOD_set(st, i, val) SKM_sk_set(EVP_PKEY_METHOD, (st), (i), (val)) +#define sk_EVP_PKEY_METHOD_zero(st) SKM_sk_zero(EVP_PKEY_METHOD, (st)) +#define sk_EVP_PKEY_METHOD_push(st, val) SKM_sk_push(EVP_PKEY_METHOD, (st), (val)) +#define sk_EVP_PKEY_METHOD_unshift(st, val) SKM_sk_unshift(EVP_PKEY_METHOD, (st), (val)) +#define sk_EVP_PKEY_METHOD_find(st, val) SKM_sk_find(EVP_PKEY_METHOD, (st), (val)) +#define sk_EVP_PKEY_METHOD_find_ex(st, val) SKM_sk_find_ex(EVP_PKEY_METHOD, (st), (val)) +#define sk_EVP_PKEY_METHOD_delete(st, i) SKM_sk_delete(EVP_PKEY_METHOD, (st), (i)) +#define sk_EVP_PKEY_METHOD_delete_ptr(st, ptr) SKM_sk_delete_ptr(EVP_PKEY_METHOD, (st), (ptr)) +#define sk_EVP_PKEY_METHOD_insert(st, val, i) SKM_sk_insert(EVP_PKEY_METHOD, (st), (val), (i)) +#define sk_EVP_PKEY_METHOD_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(EVP_PKEY_METHOD, (st), (cmp)) +#define sk_EVP_PKEY_METHOD_dup(st) SKM_sk_dup(EVP_PKEY_METHOD, st) +#define sk_EVP_PKEY_METHOD_pop_free(st, free_func) SKM_sk_pop_free(EVP_PKEY_METHOD, (st), (free_func)) +#define sk_EVP_PKEY_METHOD_shift(st) SKM_sk_shift(EVP_PKEY_METHOD, (st)) +#define sk_EVP_PKEY_METHOD_pop(st) SKM_sk_pop(EVP_PKEY_METHOD, (st)) +#define sk_EVP_PKEY_METHOD_sort(st) SKM_sk_sort(EVP_PKEY_METHOD, (st)) +#define sk_EVP_PKEY_METHOD_is_sorted(st) SKM_sk_is_sorted(EVP_PKEY_METHOD, (st)) + +#define sk_GENERAL_NAME_new(cmp) SKM_sk_new(GENERAL_NAME, (cmp)) #define sk_GENERAL_NAME_new_null() SKM_sk_new_null(GENERAL_NAME) #define sk_GENERAL_NAME_free(st) SKM_sk_free(GENERAL_NAME, (st)) #define sk_GENERAL_NAME_num(st) SKM_sk_num(GENERAL_NAME, (st)) @@ -700,7 +864,7 @@ STACK_OF(type) \ #define sk_GENERAL_NAME_sort(st) SKM_sk_sort(GENERAL_NAME, (st)) #define sk_GENERAL_NAME_is_sorted(st) SKM_sk_is_sorted(GENERAL_NAME, (st)) -#define sk_GENERAL_NAMES_new(st) SKM_sk_new(GENERAL_NAMES, (st)) +#define sk_GENERAL_NAMES_new(cmp) SKM_sk_new(GENERAL_NAMES, (cmp)) #define sk_GENERAL_NAMES_new_null() SKM_sk_new_null(GENERAL_NAMES) #define sk_GENERAL_NAMES_free(st) SKM_sk_free(GENERAL_NAMES, (st)) #define sk_GENERAL_NAMES_num(st) SKM_sk_num(GENERAL_NAMES, (st)) @@ -722,7 +886,7 @@ STACK_OF(type) \ #define sk_GENERAL_NAMES_sort(st) SKM_sk_sort(GENERAL_NAMES, (st)) #define sk_GENERAL_NAMES_is_sorted(st) SKM_sk_is_sorted(GENERAL_NAMES, (st)) -#define sk_GENERAL_SUBTREE_new(st) SKM_sk_new(GENERAL_SUBTREE, (st)) +#define sk_GENERAL_SUBTREE_new(cmp) SKM_sk_new(GENERAL_SUBTREE, (cmp)) #define sk_GENERAL_SUBTREE_new_null() SKM_sk_new_null(GENERAL_SUBTREE) #define sk_GENERAL_SUBTREE_free(st) SKM_sk_free(GENERAL_SUBTREE, (st)) #define sk_GENERAL_SUBTREE_num(st) SKM_sk_num(GENERAL_SUBTREE, (st)) @@ -744,7 +908,7 @@ STACK_OF(type) \ #define sk_GENERAL_SUBTREE_sort(st) SKM_sk_sort(GENERAL_SUBTREE, (st)) #define sk_GENERAL_SUBTREE_is_sorted(st) SKM_sk_is_sorted(GENERAL_SUBTREE, (st)) -#define sk_IPAddressFamily_new(st) SKM_sk_new(IPAddressFamily, (st)) +#define sk_IPAddressFamily_new(cmp) SKM_sk_new(IPAddressFamily, (cmp)) #define sk_IPAddressFamily_new_null() SKM_sk_new_null(IPAddressFamily) #define sk_IPAddressFamily_free(st) SKM_sk_free(IPAddressFamily, (st)) #define sk_IPAddressFamily_num(st) SKM_sk_num(IPAddressFamily, (st)) @@ -766,7 +930,7 @@ STACK_OF(type) \ #define sk_IPAddressFamily_sort(st) SKM_sk_sort(IPAddressFamily, (st)) #define sk_IPAddressFamily_is_sorted(st) SKM_sk_is_sorted(IPAddressFamily, (st)) -#define sk_IPAddressOrRange_new(st) SKM_sk_new(IPAddressOrRange, (st)) +#define sk_IPAddressOrRange_new(cmp) SKM_sk_new(IPAddressOrRange, (cmp)) #define sk_IPAddressOrRange_new_null() SKM_sk_new_null(IPAddressOrRange) #define sk_IPAddressOrRange_free(st) SKM_sk_free(IPAddressOrRange, (st)) #define sk_IPAddressOrRange_num(st) SKM_sk_num(IPAddressOrRange, (st)) @@ -788,7 +952,7 @@ STACK_OF(type) \ #define sk_IPAddressOrRange_sort(st) SKM_sk_sort(IPAddressOrRange, (st)) #define sk_IPAddressOrRange_is_sorted(st) SKM_sk_is_sorted(IPAddressOrRange, (st)) -#define sk_KRB5_APREQBODY_new(st) SKM_sk_new(KRB5_APREQBODY, (st)) +#define sk_KRB5_APREQBODY_new(cmp) SKM_sk_new(KRB5_APREQBODY, (cmp)) #define sk_KRB5_APREQBODY_new_null() SKM_sk_new_null(KRB5_APREQBODY) #define sk_KRB5_APREQBODY_free(st) SKM_sk_free(KRB5_APREQBODY, (st)) #define sk_KRB5_APREQBODY_num(st) SKM_sk_num(KRB5_APREQBODY, (st)) @@ -810,7 +974,7 @@ STACK_OF(type) \ #define sk_KRB5_APREQBODY_sort(st) SKM_sk_sort(KRB5_APREQBODY, (st)) #define sk_KRB5_APREQBODY_is_sorted(st) SKM_sk_is_sorted(KRB5_APREQBODY, (st)) -#define sk_KRB5_AUTHDATA_new(st) SKM_sk_new(KRB5_AUTHDATA, (st)) +#define sk_KRB5_AUTHDATA_new(cmp) SKM_sk_new(KRB5_AUTHDATA, (cmp)) #define sk_KRB5_AUTHDATA_new_null() SKM_sk_new_null(KRB5_AUTHDATA) #define sk_KRB5_AUTHDATA_free(st) SKM_sk_free(KRB5_AUTHDATA, (st)) #define sk_KRB5_AUTHDATA_num(st) SKM_sk_num(KRB5_AUTHDATA, (st)) @@ -832,7 +996,7 @@ STACK_OF(type) \ #define sk_KRB5_AUTHDATA_sort(st) SKM_sk_sort(KRB5_AUTHDATA, (st)) #define sk_KRB5_AUTHDATA_is_sorted(st) SKM_sk_is_sorted(KRB5_AUTHDATA, (st)) -#define sk_KRB5_AUTHENTBODY_new(st) SKM_sk_new(KRB5_AUTHENTBODY, (st)) +#define sk_KRB5_AUTHENTBODY_new(cmp) SKM_sk_new(KRB5_AUTHENTBODY, (cmp)) #define sk_KRB5_AUTHENTBODY_new_null() SKM_sk_new_null(KRB5_AUTHENTBODY) #define sk_KRB5_AUTHENTBODY_free(st) SKM_sk_free(KRB5_AUTHENTBODY, (st)) #define sk_KRB5_AUTHENTBODY_num(st) SKM_sk_num(KRB5_AUTHENTBODY, (st)) @@ -854,7 +1018,7 @@ STACK_OF(type) \ #define sk_KRB5_AUTHENTBODY_sort(st) SKM_sk_sort(KRB5_AUTHENTBODY, (st)) #define sk_KRB5_AUTHENTBODY_is_sorted(st) SKM_sk_is_sorted(KRB5_AUTHENTBODY, (st)) -#define sk_KRB5_CHECKSUM_new(st) SKM_sk_new(KRB5_CHECKSUM, (st)) +#define sk_KRB5_CHECKSUM_new(cmp) SKM_sk_new(KRB5_CHECKSUM, (cmp)) #define sk_KRB5_CHECKSUM_new_null() SKM_sk_new_null(KRB5_CHECKSUM) #define sk_KRB5_CHECKSUM_free(st) SKM_sk_free(KRB5_CHECKSUM, (st)) #define sk_KRB5_CHECKSUM_num(st) SKM_sk_num(KRB5_CHECKSUM, (st)) @@ -876,7 +1040,7 @@ STACK_OF(type) \ #define sk_KRB5_CHECKSUM_sort(st) SKM_sk_sort(KRB5_CHECKSUM, (st)) #define sk_KRB5_CHECKSUM_is_sorted(st) SKM_sk_is_sorted(KRB5_CHECKSUM, (st)) -#define sk_KRB5_ENCDATA_new(st) SKM_sk_new(KRB5_ENCDATA, (st)) +#define sk_KRB5_ENCDATA_new(cmp) SKM_sk_new(KRB5_ENCDATA, (cmp)) #define sk_KRB5_ENCDATA_new_null() SKM_sk_new_null(KRB5_ENCDATA) #define sk_KRB5_ENCDATA_free(st) SKM_sk_free(KRB5_ENCDATA, (st)) #define sk_KRB5_ENCDATA_num(st) SKM_sk_num(KRB5_ENCDATA, (st)) @@ -898,7 +1062,7 @@ STACK_OF(type) \ #define sk_KRB5_ENCDATA_sort(st) SKM_sk_sort(KRB5_ENCDATA, (st)) #define sk_KRB5_ENCDATA_is_sorted(st) SKM_sk_is_sorted(KRB5_ENCDATA, (st)) -#define sk_KRB5_ENCKEY_new(st) SKM_sk_new(KRB5_ENCKEY, (st)) +#define sk_KRB5_ENCKEY_new(cmp) SKM_sk_new(KRB5_ENCKEY, (cmp)) #define sk_KRB5_ENCKEY_new_null() SKM_sk_new_null(KRB5_ENCKEY) #define sk_KRB5_ENCKEY_free(st) SKM_sk_free(KRB5_ENCKEY, (st)) #define sk_KRB5_ENCKEY_num(st) SKM_sk_num(KRB5_ENCKEY, (st)) @@ -920,7 +1084,7 @@ STACK_OF(type) \ #define sk_KRB5_ENCKEY_sort(st) SKM_sk_sort(KRB5_ENCKEY, (st)) #define sk_KRB5_ENCKEY_is_sorted(st) SKM_sk_is_sorted(KRB5_ENCKEY, (st)) -#define sk_KRB5_PRINCNAME_new(st) SKM_sk_new(KRB5_PRINCNAME, (st)) +#define sk_KRB5_PRINCNAME_new(cmp) SKM_sk_new(KRB5_PRINCNAME, (cmp)) #define sk_KRB5_PRINCNAME_new_null() SKM_sk_new_null(KRB5_PRINCNAME) #define sk_KRB5_PRINCNAME_free(st) SKM_sk_free(KRB5_PRINCNAME, (st)) #define sk_KRB5_PRINCNAME_num(st) SKM_sk_num(KRB5_PRINCNAME, (st)) @@ -942,7 +1106,7 @@ STACK_OF(type) \ #define sk_KRB5_PRINCNAME_sort(st) SKM_sk_sort(KRB5_PRINCNAME, (st)) #define sk_KRB5_PRINCNAME_is_sorted(st) SKM_sk_is_sorted(KRB5_PRINCNAME, (st)) -#define sk_KRB5_TKTBODY_new(st) SKM_sk_new(KRB5_TKTBODY, (st)) +#define sk_KRB5_TKTBODY_new(cmp) SKM_sk_new(KRB5_TKTBODY, (cmp)) #define sk_KRB5_TKTBODY_new_null() SKM_sk_new_null(KRB5_TKTBODY) #define sk_KRB5_TKTBODY_free(st) SKM_sk_free(KRB5_TKTBODY, (st)) #define sk_KRB5_TKTBODY_num(st) SKM_sk_num(KRB5_TKTBODY, (st)) @@ -964,7 +1128,29 @@ STACK_OF(type) \ #define sk_KRB5_TKTBODY_sort(st) SKM_sk_sort(KRB5_TKTBODY, (st)) #define sk_KRB5_TKTBODY_is_sorted(st) SKM_sk_is_sorted(KRB5_TKTBODY, (st)) -#define sk_MIME_HEADER_new(st) SKM_sk_new(MIME_HEADER, (st)) +#define sk_MEM_OBJECT_DATA_new(cmp) SKM_sk_new(MEM_OBJECT_DATA, (cmp)) +#define sk_MEM_OBJECT_DATA_new_null() SKM_sk_new_null(MEM_OBJECT_DATA) +#define sk_MEM_OBJECT_DATA_free(st) SKM_sk_free(MEM_OBJECT_DATA, (st)) +#define sk_MEM_OBJECT_DATA_num(st) SKM_sk_num(MEM_OBJECT_DATA, (st)) +#define sk_MEM_OBJECT_DATA_value(st, i) SKM_sk_value(MEM_OBJECT_DATA, (st), (i)) +#define sk_MEM_OBJECT_DATA_set(st, i, val) SKM_sk_set(MEM_OBJECT_DATA, (st), (i), (val)) +#define sk_MEM_OBJECT_DATA_zero(st) SKM_sk_zero(MEM_OBJECT_DATA, (st)) +#define sk_MEM_OBJECT_DATA_push(st, val) SKM_sk_push(MEM_OBJECT_DATA, (st), (val)) +#define sk_MEM_OBJECT_DATA_unshift(st, val) SKM_sk_unshift(MEM_OBJECT_DATA, (st), (val)) +#define sk_MEM_OBJECT_DATA_find(st, val) SKM_sk_find(MEM_OBJECT_DATA, (st), (val)) +#define sk_MEM_OBJECT_DATA_find_ex(st, val) SKM_sk_find_ex(MEM_OBJECT_DATA, (st), (val)) +#define sk_MEM_OBJECT_DATA_delete(st, i) SKM_sk_delete(MEM_OBJECT_DATA, (st), (i)) +#define sk_MEM_OBJECT_DATA_delete_ptr(st, ptr) SKM_sk_delete_ptr(MEM_OBJECT_DATA, (st), (ptr)) +#define sk_MEM_OBJECT_DATA_insert(st, val, i) SKM_sk_insert(MEM_OBJECT_DATA, (st), (val), (i)) +#define sk_MEM_OBJECT_DATA_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(MEM_OBJECT_DATA, (st), (cmp)) +#define sk_MEM_OBJECT_DATA_dup(st) SKM_sk_dup(MEM_OBJECT_DATA, st) +#define sk_MEM_OBJECT_DATA_pop_free(st, free_func) SKM_sk_pop_free(MEM_OBJECT_DATA, (st), (free_func)) +#define sk_MEM_OBJECT_DATA_shift(st) SKM_sk_shift(MEM_OBJECT_DATA, (st)) +#define sk_MEM_OBJECT_DATA_pop(st) SKM_sk_pop(MEM_OBJECT_DATA, (st)) +#define sk_MEM_OBJECT_DATA_sort(st) SKM_sk_sort(MEM_OBJECT_DATA, (st)) +#define sk_MEM_OBJECT_DATA_is_sorted(st) SKM_sk_is_sorted(MEM_OBJECT_DATA, (st)) + +#define sk_MIME_HEADER_new(cmp) SKM_sk_new(MIME_HEADER, (cmp)) #define sk_MIME_HEADER_new_null() SKM_sk_new_null(MIME_HEADER) #define sk_MIME_HEADER_free(st) SKM_sk_free(MIME_HEADER, (st)) #define sk_MIME_HEADER_num(st) SKM_sk_num(MIME_HEADER, (st)) @@ -986,51 +1172,7 @@ STACK_OF(type) \ #define sk_MIME_HEADER_sort(st) SKM_sk_sort(MIME_HEADER, (st)) #define sk_MIME_HEADER_is_sorted(st) SKM_sk_is_sorted(MIME_HEADER, (st)) -#define sk_MIME_HEADER_new(st) SKM_sk_new(MIME_HEADER, (st)) -#define sk_MIME_HEADER_new_null() SKM_sk_new_null(MIME_HEADER) -#define sk_MIME_HEADER_free(st) SKM_sk_free(MIME_HEADER, (st)) -#define sk_MIME_HEADER_num(st) SKM_sk_num(MIME_HEADER, (st)) -#define sk_MIME_HEADER_value(st, i) SKM_sk_value(MIME_HEADER, (st), (i)) -#define sk_MIME_HEADER_set(st, i, val) SKM_sk_set(MIME_HEADER, (st), (i), (val)) -#define sk_MIME_HEADER_zero(st) SKM_sk_zero(MIME_HEADER, (st)) -#define sk_MIME_HEADER_push(st, val) SKM_sk_push(MIME_HEADER, (st), (val)) -#define sk_MIME_HEADER_unshift(st, val) SKM_sk_unshift(MIME_HEADER, (st), (val)) -#define sk_MIME_HEADER_find(st, val) SKM_sk_find(MIME_HEADER, (st), (val)) -#define sk_MIME_HEADER_find_ex(st, val) SKM_sk_find_ex(MIME_HEADER, (st), (val)) -#define sk_MIME_HEADER_delete(st, i) SKM_sk_delete(MIME_HEADER, (st), (i)) -#define sk_MIME_HEADER_delete_ptr(st, ptr) SKM_sk_delete_ptr(MIME_HEADER, (st), (ptr)) -#define sk_MIME_HEADER_insert(st, val, i) SKM_sk_insert(MIME_HEADER, (st), (val), (i)) -#define sk_MIME_HEADER_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(MIME_HEADER, (st), (cmp)) -#define sk_MIME_HEADER_dup(st) SKM_sk_dup(MIME_HEADER, st) -#define sk_MIME_HEADER_pop_free(st, free_func) SKM_sk_pop_free(MIME_HEADER, (st), (free_func)) -#define sk_MIME_HEADER_shift(st) SKM_sk_shift(MIME_HEADER, (st)) -#define sk_MIME_HEADER_pop(st) SKM_sk_pop(MIME_HEADER, (st)) -#define sk_MIME_HEADER_sort(st) SKM_sk_sort(MIME_HEADER, (st)) -#define sk_MIME_HEADER_is_sorted(st) SKM_sk_is_sorted(MIME_HEADER, (st)) - -#define sk_MIME_PARAM_new(st) SKM_sk_new(MIME_PARAM, (st)) -#define sk_MIME_PARAM_new_null() SKM_sk_new_null(MIME_PARAM) -#define sk_MIME_PARAM_free(st) SKM_sk_free(MIME_PARAM, (st)) -#define sk_MIME_PARAM_num(st) SKM_sk_num(MIME_PARAM, (st)) -#define sk_MIME_PARAM_value(st, i) SKM_sk_value(MIME_PARAM, (st), (i)) -#define sk_MIME_PARAM_set(st, i, val) SKM_sk_set(MIME_PARAM, (st), (i), (val)) -#define sk_MIME_PARAM_zero(st) SKM_sk_zero(MIME_PARAM, (st)) -#define sk_MIME_PARAM_push(st, val) SKM_sk_push(MIME_PARAM, (st), (val)) -#define sk_MIME_PARAM_unshift(st, val) SKM_sk_unshift(MIME_PARAM, (st), (val)) -#define sk_MIME_PARAM_find(st, val) SKM_sk_find(MIME_PARAM, (st), (val)) -#define sk_MIME_PARAM_find_ex(st, val) SKM_sk_find_ex(MIME_PARAM, (st), (val)) -#define sk_MIME_PARAM_delete(st, i) SKM_sk_delete(MIME_PARAM, (st), (i)) -#define sk_MIME_PARAM_delete_ptr(st, ptr) SKM_sk_delete_ptr(MIME_PARAM, (st), (ptr)) -#define sk_MIME_PARAM_insert(st, val, i) SKM_sk_insert(MIME_PARAM, (st), (val), (i)) -#define sk_MIME_PARAM_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(MIME_PARAM, (st), (cmp)) -#define sk_MIME_PARAM_dup(st) SKM_sk_dup(MIME_PARAM, st) -#define sk_MIME_PARAM_pop_free(st, free_func) SKM_sk_pop_free(MIME_PARAM, (st), (free_func)) -#define sk_MIME_PARAM_shift(st) SKM_sk_shift(MIME_PARAM, (st)) -#define sk_MIME_PARAM_pop(st) SKM_sk_pop(MIME_PARAM, (st)) -#define sk_MIME_PARAM_sort(st) SKM_sk_sort(MIME_PARAM, (st)) -#define sk_MIME_PARAM_is_sorted(st) SKM_sk_is_sorted(MIME_PARAM, (st)) - -#define sk_MIME_PARAM_new(st) SKM_sk_new(MIME_PARAM, (st)) +#define sk_MIME_PARAM_new(cmp) SKM_sk_new(MIME_PARAM, (cmp)) #define sk_MIME_PARAM_new_null() SKM_sk_new_null(MIME_PARAM) #define sk_MIME_PARAM_free(st) SKM_sk_free(MIME_PARAM, (st)) #define sk_MIME_PARAM_num(st) SKM_sk_num(MIME_PARAM, (st)) @@ -1052,7 +1194,7 @@ STACK_OF(type) \ #define sk_MIME_PARAM_sort(st) SKM_sk_sort(MIME_PARAM, (st)) #define sk_MIME_PARAM_is_sorted(st) SKM_sk_is_sorted(MIME_PARAM, (st)) -#define sk_NAME_FUNCS_new(st) SKM_sk_new(NAME_FUNCS, (st)) +#define sk_NAME_FUNCS_new(cmp) SKM_sk_new(NAME_FUNCS, (cmp)) #define sk_NAME_FUNCS_new_null() SKM_sk_new_null(NAME_FUNCS) #define sk_NAME_FUNCS_free(st) SKM_sk_free(NAME_FUNCS, (st)) #define sk_NAME_FUNCS_num(st) SKM_sk_num(NAME_FUNCS, (st)) @@ -1074,7 +1216,7 @@ STACK_OF(type) \ #define sk_NAME_FUNCS_sort(st) SKM_sk_sort(NAME_FUNCS, (st)) #define sk_NAME_FUNCS_is_sorted(st) SKM_sk_is_sorted(NAME_FUNCS, (st)) -#define sk_OCSP_CERTID_new(st) SKM_sk_new(OCSP_CERTID, (st)) +#define sk_OCSP_CERTID_new(cmp) SKM_sk_new(OCSP_CERTID, (cmp)) #define sk_OCSP_CERTID_new_null() SKM_sk_new_null(OCSP_CERTID) #define sk_OCSP_CERTID_free(st) SKM_sk_free(OCSP_CERTID, (st)) #define sk_OCSP_CERTID_num(st) SKM_sk_num(OCSP_CERTID, (st)) @@ -1096,7 +1238,7 @@ STACK_OF(type) \ #define sk_OCSP_CERTID_sort(st) SKM_sk_sort(OCSP_CERTID, (st)) #define sk_OCSP_CERTID_is_sorted(st) SKM_sk_is_sorted(OCSP_CERTID, (st)) -#define sk_OCSP_ONEREQ_new(st) SKM_sk_new(OCSP_ONEREQ, (st)) +#define sk_OCSP_ONEREQ_new(cmp) SKM_sk_new(OCSP_ONEREQ, (cmp)) #define sk_OCSP_ONEREQ_new_null() SKM_sk_new_null(OCSP_ONEREQ) #define sk_OCSP_ONEREQ_free(st) SKM_sk_free(OCSP_ONEREQ, (st)) #define sk_OCSP_ONEREQ_num(st) SKM_sk_num(OCSP_ONEREQ, (st)) @@ -1118,7 +1260,7 @@ STACK_OF(type) \ #define sk_OCSP_ONEREQ_sort(st) SKM_sk_sort(OCSP_ONEREQ, (st)) #define sk_OCSP_ONEREQ_is_sorted(st) SKM_sk_is_sorted(OCSP_ONEREQ, (st)) -#define sk_OCSP_RESPID_new(st) SKM_sk_new(OCSP_RESPID, (st)) +#define sk_OCSP_RESPID_new(cmp) SKM_sk_new(OCSP_RESPID, (cmp)) #define sk_OCSP_RESPID_new_null() SKM_sk_new_null(OCSP_RESPID) #define sk_OCSP_RESPID_free(st) SKM_sk_free(OCSP_RESPID, (st)) #define sk_OCSP_RESPID_num(st) SKM_sk_num(OCSP_RESPID, (st)) @@ -1140,7 +1282,7 @@ STACK_OF(type) \ #define sk_OCSP_RESPID_sort(st) SKM_sk_sort(OCSP_RESPID, (st)) #define sk_OCSP_RESPID_is_sorted(st) SKM_sk_is_sorted(OCSP_RESPID, (st)) -#define sk_OCSP_SINGLERESP_new(st) SKM_sk_new(OCSP_SINGLERESP, (st)) +#define sk_OCSP_SINGLERESP_new(cmp) SKM_sk_new(OCSP_SINGLERESP, (cmp)) #define sk_OCSP_SINGLERESP_new_null() SKM_sk_new_null(OCSP_SINGLERESP) #define sk_OCSP_SINGLERESP_free(st) SKM_sk_free(OCSP_SINGLERESP, (st)) #define sk_OCSP_SINGLERESP_num(st) SKM_sk_num(OCSP_SINGLERESP, (st)) @@ -1162,7 +1304,7 @@ STACK_OF(type) \ #define sk_OCSP_SINGLERESP_sort(st) SKM_sk_sort(OCSP_SINGLERESP, (st)) #define sk_OCSP_SINGLERESP_is_sorted(st) SKM_sk_is_sorted(OCSP_SINGLERESP, (st)) -#define sk_PKCS12_SAFEBAG_new(st) SKM_sk_new(PKCS12_SAFEBAG, (st)) +#define sk_PKCS12_SAFEBAG_new(cmp) SKM_sk_new(PKCS12_SAFEBAG, (cmp)) #define sk_PKCS12_SAFEBAG_new_null() SKM_sk_new_null(PKCS12_SAFEBAG) #define sk_PKCS12_SAFEBAG_free(st) SKM_sk_free(PKCS12_SAFEBAG, (st)) #define sk_PKCS12_SAFEBAG_num(st) SKM_sk_num(PKCS12_SAFEBAG, (st)) @@ -1184,7 +1326,7 @@ STACK_OF(type) \ #define sk_PKCS12_SAFEBAG_sort(st) SKM_sk_sort(PKCS12_SAFEBAG, (st)) #define sk_PKCS12_SAFEBAG_is_sorted(st) SKM_sk_is_sorted(PKCS12_SAFEBAG, (st)) -#define sk_PKCS7_new(st) SKM_sk_new(PKCS7, (st)) +#define sk_PKCS7_new(cmp) SKM_sk_new(PKCS7, (cmp)) #define sk_PKCS7_new_null() SKM_sk_new_null(PKCS7) #define sk_PKCS7_free(st) SKM_sk_free(PKCS7, (st)) #define sk_PKCS7_num(st) SKM_sk_num(PKCS7, (st)) @@ -1206,7 +1348,7 @@ STACK_OF(type) \ #define sk_PKCS7_sort(st) SKM_sk_sort(PKCS7, (st)) #define sk_PKCS7_is_sorted(st) SKM_sk_is_sorted(PKCS7, (st)) -#define sk_PKCS7_RECIP_INFO_new(st) SKM_sk_new(PKCS7_RECIP_INFO, (st)) +#define sk_PKCS7_RECIP_INFO_new(cmp) SKM_sk_new(PKCS7_RECIP_INFO, (cmp)) #define sk_PKCS7_RECIP_INFO_new_null() SKM_sk_new_null(PKCS7_RECIP_INFO) #define sk_PKCS7_RECIP_INFO_free(st) SKM_sk_free(PKCS7_RECIP_INFO, (st)) #define sk_PKCS7_RECIP_INFO_num(st) SKM_sk_num(PKCS7_RECIP_INFO, (st)) @@ -1228,7 +1370,7 @@ STACK_OF(type) \ #define sk_PKCS7_RECIP_INFO_sort(st) SKM_sk_sort(PKCS7_RECIP_INFO, (st)) #define sk_PKCS7_RECIP_INFO_is_sorted(st) SKM_sk_is_sorted(PKCS7_RECIP_INFO, (st)) -#define sk_PKCS7_SIGNER_INFO_new(st) SKM_sk_new(PKCS7_SIGNER_INFO, (st)) +#define sk_PKCS7_SIGNER_INFO_new(cmp) SKM_sk_new(PKCS7_SIGNER_INFO, (cmp)) #define sk_PKCS7_SIGNER_INFO_new_null() SKM_sk_new_null(PKCS7_SIGNER_INFO) #define sk_PKCS7_SIGNER_INFO_free(st) SKM_sk_free(PKCS7_SIGNER_INFO, (st)) #define sk_PKCS7_SIGNER_INFO_num(st) SKM_sk_num(PKCS7_SIGNER_INFO, (st)) @@ -1250,7 +1392,7 @@ STACK_OF(type) \ #define sk_PKCS7_SIGNER_INFO_sort(st) SKM_sk_sort(PKCS7_SIGNER_INFO, (st)) #define sk_PKCS7_SIGNER_INFO_is_sorted(st) SKM_sk_is_sorted(PKCS7_SIGNER_INFO, (st)) -#define sk_POLICYINFO_new(st) SKM_sk_new(POLICYINFO, (st)) +#define sk_POLICYINFO_new(cmp) SKM_sk_new(POLICYINFO, (cmp)) #define sk_POLICYINFO_new_null() SKM_sk_new_null(POLICYINFO) #define sk_POLICYINFO_free(st) SKM_sk_free(POLICYINFO, (st)) #define sk_POLICYINFO_num(st) SKM_sk_num(POLICYINFO, (st)) @@ -1272,7 +1414,7 @@ STACK_OF(type) \ #define sk_POLICYINFO_sort(st) SKM_sk_sort(POLICYINFO, (st)) #define sk_POLICYINFO_is_sorted(st) SKM_sk_is_sorted(POLICYINFO, (st)) -#define sk_POLICYQUALINFO_new(st) SKM_sk_new(POLICYQUALINFO, (st)) +#define sk_POLICYQUALINFO_new(cmp) SKM_sk_new(POLICYQUALINFO, (cmp)) #define sk_POLICYQUALINFO_new_null() SKM_sk_new_null(POLICYQUALINFO) #define sk_POLICYQUALINFO_free(st) SKM_sk_free(POLICYQUALINFO, (st)) #define sk_POLICYQUALINFO_num(st) SKM_sk_num(POLICYQUALINFO, (st)) @@ -1294,7 +1436,7 @@ STACK_OF(type) \ #define sk_POLICYQUALINFO_sort(st) SKM_sk_sort(POLICYQUALINFO, (st)) #define sk_POLICYQUALINFO_is_sorted(st) SKM_sk_is_sorted(POLICYQUALINFO, (st)) -#define sk_POLICY_MAPPING_new(st) SKM_sk_new(POLICY_MAPPING, (st)) +#define sk_POLICY_MAPPING_new(cmp) SKM_sk_new(POLICY_MAPPING, (cmp)) #define sk_POLICY_MAPPING_new_null() SKM_sk_new_null(POLICY_MAPPING) #define sk_POLICY_MAPPING_free(st) SKM_sk_free(POLICY_MAPPING, (st)) #define sk_POLICY_MAPPING_num(st) SKM_sk_num(POLICY_MAPPING, (st)) @@ -1316,7 +1458,7 @@ STACK_OF(type) \ #define sk_POLICY_MAPPING_sort(st) SKM_sk_sort(POLICY_MAPPING, (st)) #define sk_POLICY_MAPPING_is_sorted(st) SKM_sk_is_sorted(POLICY_MAPPING, (st)) -#define sk_SSL_CIPHER_new(st) SKM_sk_new(SSL_CIPHER, (st)) +#define sk_SSL_CIPHER_new(cmp) SKM_sk_new(SSL_CIPHER, (cmp)) #define sk_SSL_CIPHER_new_null() SKM_sk_new_null(SSL_CIPHER) #define sk_SSL_CIPHER_free(st) SKM_sk_free(SSL_CIPHER, (st)) #define sk_SSL_CIPHER_num(st) SKM_sk_num(SSL_CIPHER, (st)) @@ -1338,7 +1480,7 @@ STACK_OF(type) \ #define sk_SSL_CIPHER_sort(st) SKM_sk_sort(SSL_CIPHER, (st)) #define sk_SSL_CIPHER_is_sorted(st) SKM_sk_is_sorted(SSL_CIPHER, (st)) -#define sk_SSL_COMP_new(st) SKM_sk_new(SSL_COMP, (st)) +#define sk_SSL_COMP_new(cmp) SKM_sk_new(SSL_COMP, (cmp)) #define sk_SSL_COMP_new_null() SKM_sk_new_null(SSL_COMP) #define sk_SSL_COMP_free(st) SKM_sk_free(SSL_COMP, (st)) #define sk_SSL_COMP_num(st) SKM_sk_num(SSL_COMP, (st)) @@ -1360,7 +1502,51 @@ STACK_OF(type) \ #define sk_SSL_COMP_sort(st) SKM_sk_sort(SSL_COMP, (st)) #define sk_SSL_COMP_is_sorted(st) SKM_sk_is_sorted(SSL_COMP, (st)) -#define sk_STORE_OBJECT_new(st) SKM_sk_new(STORE_OBJECT, (st)) +#define sk_STACK_OF_X509_NAME_ENTRY_new(cmp) SKM_sk_new(STACK_OF_X509_NAME_ENTRY, (cmp)) +#define sk_STACK_OF_X509_NAME_ENTRY_new_null() SKM_sk_new_null(STACK_OF_X509_NAME_ENTRY) +#define sk_STACK_OF_X509_NAME_ENTRY_free(st) SKM_sk_free(STACK_OF_X509_NAME_ENTRY, (st)) +#define sk_STACK_OF_X509_NAME_ENTRY_num(st) SKM_sk_num(STACK_OF_X509_NAME_ENTRY, (st)) +#define sk_STACK_OF_X509_NAME_ENTRY_value(st, i) SKM_sk_value(STACK_OF_X509_NAME_ENTRY, (st), (i)) +#define sk_STACK_OF_X509_NAME_ENTRY_set(st, i, val) SKM_sk_set(STACK_OF_X509_NAME_ENTRY, (st), (i), (val)) +#define sk_STACK_OF_X509_NAME_ENTRY_zero(st) SKM_sk_zero(STACK_OF_X509_NAME_ENTRY, (st)) +#define sk_STACK_OF_X509_NAME_ENTRY_push(st, val) SKM_sk_push(STACK_OF_X509_NAME_ENTRY, (st), (val)) +#define sk_STACK_OF_X509_NAME_ENTRY_unshift(st, val) SKM_sk_unshift(STACK_OF_X509_NAME_ENTRY, (st), (val)) +#define sk_STACK_OF_X509_NAME_ENTRY_find(st, val) SKM_sk_find(STACK_OF_X509_NAME_ENTRY, (st), (val)) +#define sk_STACK_OF_X509_NAME_ENTRY_find_ex(st, val) SKM_sk_find_ex(STACK_OF_X509_NAME_ENTRY, (st), (val)) +#define sk_STACK_OF_X509_NAME_ENTRY_delete(st, i) SKM_sk_delete(STACK_OF_X509_NAME_ENTRY, (st), (i)) +#define sk_STACK_OF_X509_NAME_ENTRY_delete_ptr(st, ptr) SKM_sk_delete_ptr(STACK_OF_X509_NAME_ENTRY, (st), (ptr)) +#define sk_STACK_OF_X509_NAME_ENTRY_insert(st, val, i) SKM_sk_insert(STACK_OF_X509_NAME_ENTRY, (st), (val), (i)) +#define sk_STACK_OF_X509_NAME_ENTRY_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(STACK_OF_X509_NAME_ENTRY, (st), (cmp)) +#define sk_STACK_OF_X509_NAME_ENTRY_dup(st) SKM_sk_dup(STACK_OF_X509_NAME_ENTRY, st) +#define sk_STACK_OF_X509_NAME_ENTRY_pop_free(st, free_func) SKM_sk_pop_free(STACK_OF_X509_NAME_ENTRY, (st), (free_func)) +#define sk_STACK_OF_X509_NAME_ENTRY_shift(st) SKM_sk_shift(STACK_OF_X509_NAME_ENTRY, (st)) +#define sk_STACK_OF_X509_NAME_ENTRY_pop(st) SKM_sk_pop(STACK_OF_X509_NAME_ENTRY, (st)) +#define sk_STACK_OF_X509_NAME_ENTRY_sort(st) SKM_sk_sort(STACK_OF_X509_NAME_ENTRY, (st)) +#define sk_STACK_OF_X509_NAME_ENTRY_is_sorted(st) SKM_sk_is_sorted(STACK_OF_X509_NAME_ENTRY, (st)) + +#define sk_STORE_ATTR_INFO_new(cmp) SKM_sk_new(STORE_ATTR_INFO, (cmp)) +#define sk_STORE_ATTR_INFO_new_null() SKM_sk_new_null(STORE_ATTR_INFO) +#define sk_STORE_ATTR_INFO_free(st) SKM_sk_free(STORE_ATTR_INFO, (st)) +#define sk_STORE_ATTR_INFO_num(st) SKM_sk_num(STORE_ATTR_INFO, (st)) +#define sk_STORE_ATTR_INFO_value(st, i) SKM_sk_value(STORE_ATTR_INFO, (st), (i)) +#define sk_STORE_ATTR_INFO_set(st, i, val) SKM_sk_set(STORE_ATTR_INFO, (st), (i), (val)) +#define sk_STORE_ATTR_INFO_zero(st) SKM_sk_zero(STORE_ATTR_INFO, (st)) +#define sk_STORE_ATTR_INFO_push(st, val) SKM_sk_push(STORE_ATTR_INFO, (st), (val)) +#define sk_STORE_ATTR_INFO_unshift(st, val) SKM_sk_unshift(STORE_ATTR_INFO, (st), (val)) +#define sk_STORE_ATTR_INFO_find(st, val) SKM_sk_find(STORE_ATTR_INFO, (st), (val)) +#define sk_STORE_ATTR_INFO_find_ex(st, val) SKM_sk_find_ex(STORE_ATTR_INFO, (st), (val)) +#define sk_STORE_ATTR_INFO_delete(st, i) SKM_sk_delete(STORE_ATTR_INFO, (st), (i)) +#define sk_STORE_ATTR_INFO_delete_ptr(st, ptr) SKM_sk_delete_ptr(STORE_ATTR_INFO, (st), (ptr)) +#define sk_STORE_ATTR_INFO_insert(st, val, i) SKM_sk_insert(STORE_ATTR_INFO, (st), (val), (i)) +#define sk_STORE_ATTR_INFO_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(STORE_ATTR_INFO, (st), (cmp)) +#define sk_STORE_ATTR_INFO_dup(st) SKM_sk_dup(STORE_ATTR_INFO, st) +#define sk_STORE_ATTR_INFO_pop_free(st, free_func) SKM_sk_pop_free(STORE_ATTR_INFO, (st), (free_func)) +#define sk_STORE_ATTR_INFO_shift(st) SKM_sk_shift(STORE_ATTR_INFO, (st)) +#define sk_STORE_ATTR_INFO_pop(st) SKM_sk_pop(STORE_ATTR_INFO, (st)) +#define sk_STORE_ATTR_INFO_sort(st) SKM_sk_sort(STORE_ATTR_INFO, (st)) +#define sk_STORE_ATTR_INFO_is_sorted(st) SKM_sk_is_sorted(STORE_ATTR_INFO, (st)) + +#define sk_STORE_OBJECT_new(cmp) SKM_sk_new(STORE_OBJECT, (cmp)) #define sk_STORE_OBJECT_new_null() SKM_sk_new_null(STORE_OBJECT) #define sk_STORE_OBJECT_free(st) SKM_sk_free(STORE_OBJECT, (st)) #define sk_STORE_OBJECT_num(st) SKM_sk_num(STORE_OBJECT, (st)) @@ -1382,7 +1568,7 @@ STACK_OF(type) \ #define sk_STORE_OBJECT_sort(st) SKM_sk_sort(STORE_OBJECT, (st)) #define sk_STORE_OBJECT_is_sorted(st) SKM_sk_is_sorted(STORE_OBJECT, (st)) -#define sk_SXNETID_new(st) SKM_sk_new(SXNETID, (st)) +#define sk_SXNETID_new(cmp) SKM_sk_new(SXNETID, (cmp)) #define sk_SXNETID_new_null() SKM_sk_new_null(SXNETID) #define sk_SXNETID_free(st) SKM_sk_free(SXNETID, (st)) #define sk_SXNETID_num(st) SKM_sk_num(SXNETID, (st)) @@ -1404,7 +1590,7 @@ STACK_OF(type) \ #define sk_SXNETID_sort(st) SKM_sk_sort(SXNETID, (st)) #define sk_SXNETID_is_sorted(st) SKM_sk_is_sorted(SXNETID, (st)) -#define sk_UI_STRING_new(st) SKM_sk_new(UI_STRING, (st)) +#define sk_UI_STRING_new(cmp) SKM_sk_new(UI_STRING, (cmp)) #define sk_UI_STRING_new_null() SKM_sk_new_null(UI_STRING) #define sk_UI_STRING_free(st) SKM_sk_free(UI_STRING, (st)) #define sk_UI_STRING_num(st) SKM_sk_num(UI_STRING, (st)) @@ -1426,7 +1612,7 @@ STACK_OF(type) \ #define sk_UI_STRING_sort(st) SKM_sk_sort(UI_STRING, (st)) #define sk_UI_STRING_is_sorted(st) SKM_sk_is_sorted(UI_STRING, (st)) -#define sk_X509_new(st) SKM_sk_new(X509, (st)) +#define sk_X509_new(cmp) SKM_sk_new(X509, (cmp)) #define sk_X509_new_null() SKM_sk_new_null(X509) #define sk_X509_free(st) SKM_sk_free(X509, (st)) #define sk_X509_num(st) SKM_sk_num(X509, (st)) @@ -1448,7 +1634,7 @@ STACK_OF(type) \ #define sk_X509_sort(st) SKM_sk_sort(X509, (st)) #define sk_X509_is_sorted(st) SKM_sk_is_sorted(X509, (st)) -#define sk_X509V3_EXT_METHOD_new(st) SKM_sk_new(X509V3_EXT_METHOD, (st)) +#define sk_X509V3_EXT_METHOD_new(cmp) SKM_sk_new(X509V3_EXT_METHOD, (cmp)) #define sk_X509V3_EXT_METHOD_new_null() SKM_sk_new_null(X509V3_EXT_METHOD) #define sk_X509V3_EXT_METHOD_free(st) SKM_sk_free(X509V3_EXT_METHOD, (st)) #define sk_X509V3_EXT_METHOD_num(st) SKM_sk_num(X509V3_EXT_METHOD, (st)) @@ -1470,7 +1656,7 @@ STACK_OF(type) \ #define sk_X509V3_EXT_METHOD_sort(st) SKM_sk_sort(X509V3_EXT_METHOD, (st)) #define sk_X509V3_EXT_METHOD_is_sorted(st) SKM_sk_is_sorted(X509V3_EXT_METHOD, (st)) -#define sk_X509_ALGOR_new(st) SKM_sk_new(X509_ALGOR, (st)) +#define sk_X509_ALGOR_new(cmp) SKM_sk_new(X509_ALGOR, (cmp)) #define sk_X509_ALGOR_new_null() SKM_sk_new_null(X509_ALGOR) #define sk_X509_ALGOR_free(st) SKM_sk_free(X509_ALGOR, (st)) #define sk_X509_ALGOR_num(st) SKM_sk_num(X509_ALGOR, (st)) @@ -1492,7 +1678,7 @@ STACK_OF(type) \ #define sk_X509_ALGOR_sort(st) SKM_sk_sort(X509_ALGOR, (st)) #define sk_X509_ALGOR_is_sorted(st) SKM_sk_is_sorted(X509_ALGOR, (st)) -#define sk_X509_ATTRIBUTE_new(st) SKM_sk_new(X509_ATTRIBUTE, (st)) +#define sk_X509_ATTRIBUTE_new(cmp) SKM_sk_new(X509_ATTRIBUTE, (cmp)) #define sk_X509_ATTRIBUTE_new_null() SKM_sk_new_null(X509_ATTRIBUTE) #define sk_X509_ATTRIBUTE_free(st) SKM_sk_free(X509_ATTRIBUTE, (st)) #define sk_X509_ATTRIBUTE_num(st) SKM_sk_num(X509_ATTRIBUTE, (st)) @@ -1514,7 +1700,7 @@ STACK_OF(type) \ #define sk_X509_ATTRIBUTE_sort(st) SKM_sk_sort(X509_ATTRIBUTE, (st)) #define sk_X509_ATTRIBUTE_is_sorted(st) SKM_sk_is_sorted(X509_ATTRIBUTE, (st)) -#define sk_X509_CRL_new(st) SKM_sk_new(X509_CRL, (st)) +#define sk_X509_CRL_new(cmp) SKM_sk_new(X509_CRL, (cmp)) #define sk_X509_CRL_new_null() SKM_sk_new_null(X509_CRL) #define sk_X509_CRL_free(st) SKM_sk_free(X509_CRL, (st)) #define sk_X509_CRL_num(st) SKM_sk_num(X509_CRL, (st)) @@ -1536,7 +1722,7 @@ STACK_OF(type) \ #define sk_X509_CRL_sort(st) SKM_sk_sort(X509_CRL, (st)) #define sk_X509_CRL_is_sorted(st) SKM_sk_is_sorted(X509_CRL, (st)) -#define sk_X509_EXTENSION_new(st) SKM_sk_new(X509_EXTENSION, (st)) +#define sk_X509_EXTENSION_new(cmp) SKM_sk_new(X509_EXTENSION, (cmp)) #define sk_X509_EXTENSION_new_null() SKM_sk_new_null(X509_EXTENSION) #define sk_X509_EXTENSION_free(st) SKM_sk_free(X509_EXTENSION, (st)) #define sk_X509_EXTENSION_num(st) SKM_sk_num(X509_EXTENSION, (st)) @@ -1558,7 +1744,7 @@ STACK_OF(type) \ #define sk_X509_EXTENSION_sort(st) SKM_sk_sort(X509_EXTENSION, (st)) #define sk_X509_EXTENSION_is_sorted(st) SKM_sk_is_sorted(X509_EXTENSION, (st)) -#define sk_X509_INFO_new(st) SKM_sk_new(X509_INFO, (st)) +#define sk_X509_INFO_new(cmp) SKM_sk_new(X509_INFO, (cmp)) #define sk_X509_INFO_new_null() SKM_sk_new_null(X509_INFO) #define sk_X509_INFO_free(st) SKM_sk_free(X509_INFO, (st)) #define sk_X509_INFO_num(st) SKM_sk_num(X509_INFO, (st)) @@ -1580,7 +1766,7 @@ STACK_OF(type) \ #define sk_X509_INFO_sort(st) SKM_sk_sort(X509_INFO, (st)) #define sk_X509_INFO_is_sorted(st) SKM_sk_is_sorted(X509_INFO, (st)) -#define sk_X509_LOOKUP_new(st) SKM_sk_new(X509_LOOKUP, (st)) +#define sk_X509_LOOKUP_new(cmp) SKM_sk_new(X509_LOOKUP, (cmp)) #define sk_X509_LOOKUP_new_null() SKM_sk_new_null(X509_LOOKUP) #define sk_X509_LOOKUP_free(st) SKM_sk_free(X509_LOOKUP, (st)) #define sk_X509_LOOKUP_num(st) SKM_sk_num(X509_LOOKUP, (st)) @@ -1602,7 +1788,7 @@ STACK_OF(type) \ #define sk_X509_LOOKUP_sort(st) SKM_sk_sort(X509_LOOKUP, (st)) #define sk_X509_LOOKUP_is_sorted(st) SKM_sk_is_sorted(X509_LOOKUP, (st)) -#define sk_X509_NAME_new(st) SKM_sk_new(X509_NAME, (st)) +#define sk_X509_NAME_new(cmp) SKM_sk_new(X509_NAME, (cmp)) #define sk_X509_NAME_new_null() SKM_sk_new_null(X509_NAME) #define sk_X509_NAME_free(st) SKM_sk_free(X509_NAME, (st)) #define sk_X509_NAME_num(st) SKM_sk_num(X509_NAME, (st)) @@ -1624,7 +1810,7 @@ STACK_OF(type) \ #define sk_X509_NAME_sort(st) SKM_sk_sort(X509_NAME, (st)) #define sk_X509_NAME_is_sorted(st) SKM_sk_is_sorted(X509_NAME, (st)) -#define sk_X509_NAME_ENTRY_new(st) SKM_sk_new(X509_NAME_ENTRY, (st)) +#define sk_X509_NAME_ENTRY_new(cmp) SKM_sk_new(X509_NAME_ENTRY, (cmp)) #define sk_X509_NAME_ENTRY_new_null() SKM_sk_new_null(X509_NAME_ENTRY) #define sk_X509_NAME_ENTRY_free(st) SKM_sk_free(X509_NAME_ENTRY, (st)) #define sk_X509_NAME_ENTRY_num(st) SKM_sk_num(X509_NAME_ENTRY, (st)) @@ -1646,7 +1832,7 @@ STACK_OF(type) \ #define sk_X509_NAME_ENTRY_sort(st) SKM_sk_sort(X509_NAME_ENTRY, (st)) #define sk_X509_NAME_ENTRY_is_sorted(st) SKM_sk_is_sorted(X509_NAME_ENTRY, (st)) -#define sk_X509_OBJECT_new(st) SKM_sk_new(X509_OBJECT, (st)) +#define sk_X509_OBJECT_new(cmp) SKM_sk_new(X509_OBJECT, (cmp)) #define sk_X509_OBJECT_new_null() SKM_sk_new_null(X509_OBJECT) #define sk_X509_OBJECT_free(st) SKM_sk_free(X509_OBJECT, (st)) #define sk_X509_OBJECT_num(st) SKM_sk_num(X509_OBJECT, (st)) @@ -1668,7 +1854,7 @@ STACK_OF(type) \ #define sk_X509_OBJECT_sort(st) SKM_sk_sort(X509_OBJECT, (st)) #define sk_X509_OBJECT_is_sorted(st) SKM_sk_is_sorted(X509_OBJECT, (st)) -#define sk_X509_POLICY_DATA_new(st) SKM_sk_new(X509_POLICY_DATA, (st)) +#define sk_X509_POLICY_DATA_new(cmp) SKM_sk_new(X509_POLICY_DATA, (cmp)) #define sk_X509_POLICY_DATA_new_null() SKM_sk_new_null(X509_POLICY_DATA) #define sk_X509_POLICY_DATA_free(st) SKM_sk_free(X509_POLICY_DATA, (st)) #define sk_X509_POLICY_DATA_num(st) SKM_sk_num(X509_POLICY_DATA, (st)) @@ -1690,7 +1876,7 @@ STACK_OF(type) \ #define sk_X509_POLICY_DATA_sort(st) SKM_sk_sort(X509_POLICY_DATA, (st)) #define sk_X509_POLICY_DATA_is_sorted(st) SKM_sk_is_sorted(X509_POLICY_DATA, (st)) -#define sk_X509_POLICY_NODE_new(st) SKM_sk_new(X509_POLICY_NODE, (st)) +#define sk_X509_POLICY_NODE_new(cmp) SKM_sk_new(X509_POLICY_NODE, (cmp)) #define sk_X509_POLICY_NODE_new_null() SKM_sk_new_null(X509_POLICY_NODE) #define sk_X509_POLICY_NODE_free(st) SKM_sk_free(X509_POLICY_NODE, (st)) #define sk_X509_POLICY_NODE_num(st) SKM_sk_num(X509_POLICY_NODE, (st)) @@ -1712,29 +1898,7 @@ STACK_OF(type) \ #define sk_X509_POLICY_NODE_sort(st) SKM_sk_sort(X509_POLICY_NODE, (st)) #define sk_X509_POLICY_NODE_is_sorted(st) SKM_sk_is_sorted(X509_POLICY_NODE, (st)) -#define sk_X509_POLICY_REF_new(st) SKM_sk_new(X509_POLICY_REF, (st)) -#define sk_X509_POLICY_REF_new_null() SKM_sk_new_null(X509_POLICY_REF) -#define sk_X509_POLICY_REF_free(st) SKM_sk_free(X509_POLICY_REF, (st)) -#define sk_X509_POLICY_REF_num(st) SKM_sk_num(X509_POLICY_REF, (st)) -#define sk_X509_POLICY_REF_value(st, i) SKM_sk_value(X509_POLICY_REF, (st), (i)) -#define sk_X509_POLICY_REF_set(st, i, val) SKM_sk_set(X509_POLICY_REF, (st), (i), (val)) -#define sk_X509_POLICY_REF_zero(st) SKM_sk_zero(X509_POLICY_REF, (st)) -#define sk_X509_POLICY_REF_push(st, val) SKM_sk_push(X509_POLICY_REF, (st), (val)) -#define sk_X509_POLICY_REF_unshift(st, val) SKM_sk_unshift(X509_POLICY_REF, (st), (val)) -#define sk_X509_POLICY_REF_find(st, val) SKM_sk_find(X509_POLICY_REF, (st), (val)) -#define sk_X509_POLICY_REF_find_ex(st, val) SKM_sk_find_ex(X509_POLICY_REF, (st), (val)) -#define sk_X509_POLICY_REF_delete(st, i) SKM_sk_delete(X509_POLICY_REF, (st), (i)) -#define sk_X509_POLICY_REF_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_POLICY_REF, (st), (ptr)) -#define sk_X509_POLICY_REF_insert(st, val, i) SKM_sk_insert(X509_POLICY_REF, (st), (val), (i)) -#define sk_X509_POLICY_REF_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_POLICY_REF, (st), (cmp)) -#define sk_X509_POLICY_REF_dup(st) SKM_sk_dup(X509_POLICY_REF, st) -#define sk_X509_POLICY_REF_pop_free(st, free_func) SKM_sk_pop_free(X509_POLICY_REF, (st), (free_func)) -#define sk_X509_POLICY_REF_shift(st) SKM_sk_shift(X509_POLICY_REF, (st)) -#define sk_X509_POLICY_REF_pop(st) SKM_sk_pop(X509_POLICY_REF, (st)) -#define sk_X509_POLICY_REF_sort(st) SKM_sk_sort(X509_POLICY_REF, (st)) -#define sk_X509_POLICY_REF_is_sorted(st) SKM_sk_is_sorted(X509_POLICY_REF, (st)) - -#define sk_X509_PURPOSE_new(st) SKM_sk_new(X509_PURPOSE, (st)) +#define sk_X509_PURPOSE_new(cmp) SKM_sk_new(X509_PURPOSE, (cmp)) #define sk_X509_PURPOSE_new_null() SKM_sk_new_null(X509_PURPOSE) #define sk_X509_PURPOSE_free(st) SKM_sk_free(X509_PURPOSE, (st)) #define sk_X509_PURPOSE_num(st) SKM_sk_num(X509_PURPOSE, (st)) @@ -1756,7 +1920,7 @@ STACK_OF(type) \ #define sk_X509_PURPOSE_sort(st) SKM_sk_sort(X509_PURPOSE, (st)) #define sk_X509_PURPOSE_is_sorted(st) SKM_sk_is_sorted(X509_PURPOSE, (st)) -#define sk_X509_REVOKED_new(st) SKM_sk_new(X509_REVOKED, (st)) +#define sk_X509_REVOKED_new(cmp) SKM_sk_new(X509_REVOKED, (cmp)) #define sk_X509_REVOKED_new_null() SKM_sk_new_null(X509_REVOKED) #define sk_X509_REVOKED_free(st) SKM_sk_free(X509_REVOKED, (st)) #define sk_X509_REVOKED_num(st) SKM_sk_num(X509_REVOKED, (st)) @@ -1778,7 +1942,7 @@ STACK_OF(type) \ #define sk_X509_REVOKED_sort(st) SKM_sk_sort(X509_REVOKED, (st)) #define sk_X509_REVOKED_is_sorted(st) SKM_sk_is_sorted(X509_REVOKED, (st)) -#define sk_X509_TRUST_new(st) SKM_sk_new(X509_TRUST, (st)) +#define sk_X509_TRUST_new(cmp) SKM_sk_new(X509_TRUST, (cmp)) #define sk_X509_TRUST_new_null() SKM_sk_new_null(X509_TRUST) #define sk_X509_TRUST_free(st) SKM_sk_free(X509_TRUST, (st)) #define sk_X509_TRUST_num(st) SKM_sk_num(X509_TRUST, (st)) @@ -1800,7 +1964,7 @@ STACK_OF(type) \ #define sk_X509_TRUST_sort(st) SKM_sk_sort(X509_TRUST, (st)) #define sk_X509_TRUST_is_sorted(st) SKM_sk_is_sorted(X509_TRUST, (st)) -#define sk_X509_VERIFY_PARAM_new(st) SKM_sk_new(X509_VERIFY_PARAM, (st)) +#define sk_X509_VERIFY_PARAM_new(cmp) SKM_sk_new(X509_VERIFY_PARAM, (cmp)) #define sk_X509_VERIFY_PARAM_new_null() SKM_sk_new_null(X509_VERIFY_PARAM) #define sk_X509_VERIFY_PARAM_free(st) SKM_sk_free(X509_VERIFY_PARAM, (st)) #define sk_X509_VERIFY_PARAM_num(st) SKM_sk_num(X509_VERIFY_PARAM, (st)) @@ -1822,6 +1986,125 @@ STACK_OF(type) \ #define sk_X509_VERIFY_PARAM_sort(st) SKM_sk_sort(X509_VERIFY_PARAM, (st)) #define sk_X509_VERIFY_PARAM_is_sorted(st) SKM_sk_is_sorted(X509_VERIFY_PARAM, (st)) +#define sk_nid_triple_new(cmp) SKM_sk_new(nid_triple, (cmp)) +#define sk_nid_triple_new_null() SKM_sk_new_null(nid_triple) +#define sk_nid_triple_free(st) SKM_sk_free(nid_triple, (st)) +#define sk_nid_triple_num(st) SKM_sk_num(nid_triple, (st)) +#define sk_nid_triple_value(st, i) SKM_sk_value(nid_triple, (st), (i)) +#define sk_nid_triple_set(st, i, val) SKM_sk_set(nid_triple, (st), (i), (val)) +#define sk_nid_triple_zero(st) SKM_sk_zero(nid_triple, (st)) +#define sk_nid_triple_push(st, val) SKM_sk_push(nid_triple, (st), (val)) +#define sk_nid_triple_unshift(st, val) SKM_sk_unshift(nid_triple, (st), (val)) +#define sk_nid_triple_find(st, val) SKM_sk_find(nid_triple, (st), (val)) +#define sk_nid_triple_find_ex(st, val) SKM_sk_find_ex(nid_triple, (st), (val)) +#define sk_nid_triple_delete(st, i) SKM_sk_delete(nid_triple, (st), (i)) +#define sk_nid_triple_delete_ptr(st, ptr) SKM_sk_delete_ptr(nid_triple, (st), (ptr)) +#define sk_nid_triple_insert(st, val, i) SKM_sk_insert(nid_triple, (st), (val), (i)) +#define sk_nid_triple_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(nid_triple, (st), (cmp)) +#define sk_nid_triple_dup(st) SKM_sk_dup(nid_triple, st) +#define sk_nid_triple_pop_free(st, free_func) SKM_sk_pop_free(nid_triple, (st), (free_func)) +#define sk_nid_triple_shift(st) SKM_sk_shift(nid_triple, (st)) +#define sk_nid_triple_pop(st) SKM_sk_pop(nid_triple, (st)) +#define sk_nid_triple_sort(st) SKM_sk_sort(nid_triple, (st)) +#define sk_nid_triple_is_sorted(st) SKM_sk_is_sorted(nid_triple, (st)) + +#define sk_void_new(cmp) SKM_sk_new(void, (cmp)) +#define sk_void_new_null() SKM_sk_new_null(void) +#define sk_void_free(st) SKM_sk_free(void, (st)) +#define sk_void_num(st) SKM_sk_num(void, (st)) +#define sk_void_value(st, i) SKM_sk_value(void, (st), (i)) +#define sk_void_set(st, i, val) SKM_sk_set(void, (st), (i), (val)) +#define sk_void_zero(st) SKM_sk_zero(void, (st)) +#define sk_void_push(st, val) SKM_sk_push(void, (st), (val)) +#define sk_void_unshift(st, val) SKM_sk_unshift(void, (st), (val)) +#define sk_void_find(st, val) SKM_sk_find(void, (st), (val)) +#define sk_void_find_ex(st, val) SKM_sk_find_ex(void, (st), (val)) +#define sk_void_delete(st, i) SKM_sk_delete(void, (st), (i)) +#define sk_void_delete_ptr(st, ptr) SKM_sk_delete_ptr(void, (st), (ptr)) +#define sk_void_insert(st, val, i) SKM_sk_insert(void, (st), (val), (i)) +#define sk_void_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(void, (st), (cmp)) +#define sk_void_dup(st) SKM_sk_dup(void, st) +#define sk_void_pop_free(st, free_func) SKM_sk_pop_free(void, (st), (free_func)) +#define sk_void_shift(st) SKM_sk_shift(void, (st)) +#define sk_void_pop(st) SKM_sk_pop(void, (st)) +#define sk_void_sort(st) SKM_sk_sort(void, (st)) +#define sk_void_is_sorted(st) SKM_sk_is_sorted(void, (st)) + +#define sk_OPENSSL_BLOCK_new(cmp) ((STACK_OF(OPENSSL_BLOCK) *)sk_new(CHECKED_SK_CMP_FUNC(void, cmp))) +#define sk_OPENSSL_BLOCK_new_null() ((STACK_OF(OPENSSL_BLOCK) *)sk_new_null()) +#define sk_OPENSSL_BLOCK_push(st, val) sk_push(CHECKED_PTR_OF(STACK_OF(OPENSSL_BLOCK), st), CHECKED_PTR_OF(void, val)) +#define sk_OPENSSL_BLOCK_find(st, val) sk_find(CHECKED_PTR_OF(STACK_OF(OPENSSL_BLOCK), st), CHECKED_PTR_OF(void, val)) +#define sk_OPENSSL_BLOCK_value(st, i) ((OPENSSL_BLOCK)sk_value(CHECKED_PTR_OF(STACK_OF(OPENSSL_BLOCK), st), i)) +#define sk_OPENSSL_BLOCK_num(st) SKM_sk_num(OPENSSL_BLOCK, st) +#define sk_OPENSSL_BLOCK_pop_free(st, free_func) sk_pop_free(CHECKED_PTR_OF(STACK_OF(OPENSSL_BLOCK), st), CHECKED_SK_FREE_FUNC2(OPENSSL_BLOCK, free_func)) +#define sk_OPENSSL_BLOCK_insert(st, val, i) sk_insert(CHECKED_PTR_OF(STACK_OF(OPENSSL_BLOCK), st), CHECKED_PTR_OF(void, val), i) +#define sk_OPENSSL_BLOCK_free(st) SKM_sk_free(OPENSSL_BLOCK, st) +#define sk_OPENSSL_BLOCK_set(st, i, val) sk_set((_STACK *)CHECKED_PTR_OF(STACK_OF(OPENSSL_BLOCK), st), i, CHECKED_PTR_OF(void, val)) +#define sk_OPENSSL_BLOCK_zero(st) SKM_sk_zero(OPENSSL_BLOCK, (st)) +#define sk_OPENSSL_BLOCK_unshift(st, val) sk_unshift((_STACK *)CHECKED_PTR_OF(STACK_OF(OPENSSL_BLOCK), st), CHECKED_PTR_OF(void, val)) +#define sk_OPENSSL_BLOCK_find_ex(st, val) sk_find_ex((_STACK *)CHECKED_CONST_PTR_OF(STACK_OF(OPENSSL_BLOCK), st), CHECKED_CONST_PTR_OF(void, val)) +#define sk_OPENSSL_BLOCK_delete(st, i) SKM_sk_delete(OPENSSL_BLOCK, (st), (i)) +#define sk_OPENSSL_BLOCK_delete_ptr(st, ptr) (OPENSSL_BLOCK *)sk_delete_ptr((_STACK *)CHECKED_PTR_OF(STACK_OF(OPENSSL_BLOCK), st), CHECKED_PTR_OF(void, ptr)) +#define sk_OPENSSL_BLOCK_set_cmp_func(st, cmp) \ + ((int (*)(const void * const *,const void * const *)) \ + sk_set_cmp_func((_STACK *)CHECKED_PTR_OF(STACK_OF(OPENSSL_BLOCK), st), CHECKED_SK_CMP_FUNC(void, cmp))) +#define sk_OPENSSL_BLOCK_dup(st) SKM_sk_dup(OPENSSL_BLOCK, st) +#define sk_OPENSSL_BLOCK_shift(st) SKM_sk_shift(OPENSSL_BLOCK, (st)) +#define sk_OPENSSL_BLOCK_pop(st) (void *)sk_pop((_STACK *)CHECKED_PTR_OF(STACK_OF(OPENSSL_BLOCK), st)) +#define sk_OPENSSL_BLOCK_sort(st) SKM_sk_sort(OPENSSL_BLOCK, (st)) +#define sk_OPENSSL_BLOCK_is_sorted(st) SKM_sk_is_sorted(OPENSSL_BLOCK, (st)) + + +#define sk_OPENSSL_PSTRING_new(cmp) ((STACK_OF(OPENSSL_PSTRING) *)sk_new(CHECKED_SK_CMP_FUNC(OPENSSL_STRING, cmp))) +#define sk_OPENSSL_PSTRING_new_null() ((STACK_OF(OPENSSL_PSTRING) *)sk_new_null()) +#define sk_OPENSSL_PSTRING_push(st, val) sk_push(CHECKED_PTR_OF(STACK_OF(OPENSSL_PSTRING), st), CHECKED_PTR_OF(OPENSSL_STRING, val)) +#define sk_OPENSSL_PSTRING_find(st, val) sk_find(CHECKED_PTR_OF(STACK_OF(OPENSSL_PSTRING), st), CHECKED_PTR_OF(OPENSSL_STRING, val)) +#define sk_OPENSSL_PSTRING_value(st, i) ((OPENSSL_PSTRING)sk_value(CHECKED_PTR_OF(STACK_OF(OPENSSL_PSTRING), st), i)) +#define sk_OPENSSL_PSTRING_num(st) SKM_sk_num(OPENSSL_PSTRING, st) +#define sk_OPENSSL_PSTRING_pop_free(st, free_func) sk_pop_free(CHECKED_PTR_OF(STACK_OF(OPENSSL_PSTRING), st), CHECKED_SK_FREE_FUNC2(OPENSSL_PSTRING, free_func)) +#define sk_OPENSSL_PSTRING_insert(st, val, i) sk_insert(CHECKED_PTR_OF(STACK_OF(OPENSSL_PSTRING), st), CHECKED_PTR_OF(OPENSSL_STRING, val), i) +#define sk_OPENSSL_PSTRING_free(st) SKM_sk_free(OPENSSL_PSTRING, st) +#define sk_OPENSSL_PSTRING_set(st, i, val) sk_set((_STACK *)CHECKED_PTR_OF(STACK_OF(OPENSSL_PSTRING), st), i, CHECKED_PTR_OF(OPENSSL_STRING, val)) +#define sk_OPENSSL_PSTRING_zero(st) SKM_sk_zero(OPENSSL_PSTRING, (st)) +#define sk_OPENSSL_PSTRING_unshift(st, val) sk_unshift((_STACK *)CHECKED_PTR_OF(STACK_OF(OPENSSL_PSTRING), st), CHECKED_PTR_OF(OPENSSL_STRING, val)) +#define sk_OPENSSL_PSTRING_find_ex(st, val) sk_find_ex((_STACK *)CHECKED_CONST_PTR_OF(STACK_OF(OPENSSL_PSTRING), st), CHECKED_CONST_PTR_OF(OPENSSL_STRING, val)) +#define sk_OPENSSL_PSTRING_delete(st, i) SKM_sk_delete(OPENSSL_PSTRING, (st), (i)) +#define sk_OPENSSL_PSTRING_delete_ptr(st, ptr) (OPENSSL_PSTRING *)sk_delete_ptr((_STACK *)CHECKED_PTR_OF(STACK_OF(OPENSSL_PSTRING), st), CHECKED_PTR_OF(OPENSSL_STRING, ptr)) +#define sk_OPENSSL_PSTRING_set_cmp_func(st, cmp) \ + ((int (*)(const OPENSSL_STRING * const *,const OPENSSL_STRING * const *)) \ + sk_set_cmp_func((_STACK *)CHECKED_PTR_OF(STACK_OF(OPENSSL_PSTRING), st), CHECKED_SK_CMP_FUNC(OPENSSL_STRING, cmp))) +#define sk_OPENSSL_PSTRING_dup(st) SKM_sk_dup(OPENSSL_PSTRING, st) +#define sk_OPENSSL_PSTRING_shift(st) SKM_sk_shift(OPENSSL_PSTRING, (st)) +#define sk_OPENSSL_PSTRING_pop(st) (OPENSSL_STRING *)sk_pop((_STACK *)CHECKED_PTR_OF(STACK_OF(OPENSSL_PSTRING), st)) +#define sk_OPENSSL_PSTRING_sort(st) SKM_sk_sort(OPENSSL_PSTRING, (st)) +#define sk_OPENSSL_PSTRING_is_sorted(st) SKM_sk_is_sorted(OPENSSL_PSTRING, (st)) + + +#define sk_OPENSSL_STRING_new(cmp) ((STACK_OF(OPENSSL_STRING) *)sk_new(CHECKED_SK_CMP_FUNC(char, cmp))) +#define sk_OPENSSL_STRING_new_null() ((STACK_OF(OPENSSL_STRING) *)sk_new_null()) +#define sk_OPENSSL_STRING_push(st, val) sk_push(CHECKED_PTR_OF(STACK_OF(OPENSSL_STRING), st), CHECKED_PTR_OF(char, val)) +#define sk_OPENSSL_STRING_find(st, val) sk_find(CHECKED_PTR_OF(STACK_OF(OPENSSL_STRING), st), CHECKED_PTR_OF(char, val)) +#define sk_OPENSSL_STRING_value(st, i) ((OPENSSL_STRING)sk_value(CHECKED_PTR_OF(STACK_OF(OPENSSL_STRING), st), i)) +#define sk_OPENSSL_STRING_num(st) SKM_sk_num(OPENSSL_STRING, st) +#define sk_OPENSSL_STRING_pop_free(st, free_func) sk_pop_free(CHECKED_PTR_OF(STACK_OF(OPENSSL_STRING), st), CHECKED_SK_FREE_FUNC2(OPENSSL_STRING, free_func)) +#define sk_OPENSSL_STRING_insert(st, val, i) sk_insert(CHECKED_PTR_OF(STACK_OF(OPENSSL_STRING), st), CHECKED_PTR_OF(char, val), i) +#define sk_OPENSSL_STRING_free(st) SKM_sk_free(OPENSSL_STRING, st) +#define sk_OPENSSL_STRING_set(st, i, val) sk_set((_STACK *)CHECKED_PTR_OF(STACK_OF(OPENSSL_STRING), st), i, CHECKED_PTR_OF(char, val)) +#define sk_OPENSSL_STRING_zero(st) SKM_sk_zero(OPENSSL_STRING, (st)) +#define sk_OPENSSL_STRING_unshift(st, val) sk_unshift((_STACK *)CHECKED_PTR_OF(STACK_OF(OPENSSL_STRING), st), CHECKED_PTR_OF(char, val)) +#define sk_OPENSSL_STRING_find_ex(st, val) sk_find_ex((_STACK *)CHECKED_CONST_PTR_OF(STACK_OF(OPENSSL_STRING), st), CHECKED_CONST_PTR_OF(char, val)) +#define sk_OPENSSL_STRING_delete(st, i) SKM_sk_delete(OPENSSL_STRING, (st), (i)) +#define sk_OPENSSL_STRING_delete_ptr(st, ptr) (OPENSSL_STRING *)sk_delete_ptr((_STACK *)CHECKED_PTR_OF(STACK_OF(OPENSSL_STRING), st), CHECKED_PTR_OF(char, ptr)) +#define sk_OPENSSL_STRING_set_cmp_func(st, cmp) \ + ((int (*)(const char * const *,const char * const *)) \ + sk_set_cmp_func((_STACK *)CHECKED_PTR_OF(STACK_OF(OPENSSL_STRING), st), CHECKED_SK_CMP_FUNC(char, cmp))) +#define sk_OPENSSL_STRING_dup(st) SKM_sk_dup(OPENSSL_STRING, st) +#define sk_OPENSSL_STRING_shift(st) SKM_sk_shift(OPENSSL_STRING, (st)) +#define sk_OPENSSL_STRING_pop(st) (char *)sk_pop((_STACK *)CHECKED_PTR_OF(STACK_OF(OPENSSL_STRING), st)) +#define sk_OPENSSL_STRING_sort(st) SKM_sk_sort(OPENSSL_STRING, (st)) +#define sk_OPENSSL_STRING_is_sorted(st) SKM_sk_is_sorted(OPENSSL_STRING, (st)) + + #define d2i_ASN1_SET_OF_ACCESS_DESCRIPTION(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \ SKM_ASN1_SET_OF_d2i(ACCESS_DESCRIPTION, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class)) #define i2d_ASN1_SET_OF_ACCESS_DESCRIPTION(st, pp, i2d_func, ex_tag, ex_class, is_set) \ @@ -1858,6 +2141,15 @@ STACK_OF(type) \ #define ASN1_seq_unpack_ASN1_TYPE(buf, len, d2i_func, free_func) \ SKM_ASN1_seq_unpack(ASN1_TYPE, (buf), (len), (d2i_func), (free_func)) +#define d2i_ASN1_SET_OF_ASN1_UTF8STRING(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \ + SKM_ASN1_SET_OF_d2i(ASN1_UTF8STRING, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class)) +#define i2d_ASN1_SET_OF_ASN1_UTF8STRING(st, pp, i2d_func, ex_tag, ex_class, is_set) \ + SKM_ASN1_SET_OF_i2d(ASN1_UTF8STRING, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set)) +#define ASN1_seq_pack_ASN1_UTF8STRING(st, i2d_func, buf, len) \ + SKM_ASN1_seq_pack(ASN1_UTF8STRING, (st), (i2d_func), (buf), (len)) +#define ASN1_seq_unpack_ASN1_UTF8STRING(buf, len, d2i_func, free_func) \ + SKM_ASN1_seq_unpack(ASN1_UTF8STRING, (buf), (len), (d2i_func), (free_func)) + #define d2i_ASN1_SET_OF_DIST_POINT(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \ SKM_ASN1_SET_OF_d2i(DIST_POINT, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class)) #define i2d_ASN1_SET_OF_DIST_POINT(st, pp, i2d_func, ex_tag, ex_class, is_set) \ @@ -1867,6 +2159,24 @@ STACK_OF(type) \ #define ASN1_seq_unpack_DIST_POINT(buf, len, d2i_func, free_func) \ SKM_ASN1_seq_unpack(DIST_POINT, (buf), (len), (d2i_func), (free_func)) +#define d2i_ASN1_SET_OF_ESS_CERT_ID(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \ + SKM_ASN1_SET_OF_d2i(ESS_CERT_ID, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class)) +#define i2d_ASN1_SET_OF_ESS_CERT_ID(st, pp, i2d_func, ex_tag, ex_class, is_set) \ + SKM_ASN1_SET_OF_i2d(ESS_CERT_ID, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set)) +#define ASN1_seq_pack_ESS_CERT_ID(st, i2d_func, buf, len) \ + SKM_ASN1_seq_pack(ESS_CERT_ID, (st), (i2d_func), (buf), (len)) +#define ASN1_seq_unpack_ESS_CERT_ID(buf, len, d2i_func, free_func) \ + SKM_ASN1_seq_unpack(ESS_CERT_ID, (buf), (len), (d2i_func), (free_func)) + +#define d2i_ASN1_SET_OF_EVP_MD(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \ + SKM_ASN1_SET_OF_d2i(EVP_MD, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class)) +#define i2d_ASN1_SET_OF_EVP_MD(st, pp, i2d_func, ex_tag, ex_class, is_set) \ + SKM_ASN1_SET_OF_i2d(EVP_MD, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set)) +#define ASN1_seq_pack_EVP_MD(st, i2d_func, buf, len) \ + SKM_ASN1_seq_pack(EVP_MD, (st), (i2d_func), (buf), (len)) +#define ASN1_seq_unpack_EVP_MD(buf, len, d2i_func, free_func) \ + SKM_ASN1_seq_unpack(EVP_MD, (buf), (len), (d2i_func), (free_func)) + #define d2i_ASN1_SET_OF_GENERAL_NAME(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \ SKM_ASN1_SET_OF_d2i(GENERAL_NAME, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class)) #define i2d_ASN1_SET_OF_GENERAL_NAME(st, pp, i2d_func, ex_tag, ex_class, is_set) \ @@ -2025,6 +2335,240 @@ STACK_OF(type) \ #define PKCS12_decrypt_d2i_PKCS7(algor, d2i_func, free_func, pass, passlen, oct, seq) \ SKM_PKCS12_decrypt_d2i(PKCS7, (algor), (d2i_func), (free_func), (pass), (passlen), (oct), (seq)) + +#define lh_ADDED_OBJ_new() LHM_lh_new(ADDED_OBJ,added_obj) +#define lh_ADDED_OBJ_insert(lh,inst) LHM_lh_insert(ADDED_OBJ,lh,inst) +#define lh_ADDED_OBJ_retrieve(lh,inst) LHM_lh_retrieve(ADDED_OBJ,lh,inst) +#define lh_ADDED_OBJ_delete(lh,inst) LHM_lh_delete(ADDED_OBJ,lh,inst) +#define lh_ADDED_OBJ_doall(lh,fn) LHM_lh_doall(ADDED_OBJ,lh,fn) +#define lh_ADDED_OBJ_doall_arg(lh,fn,arg_type,arg) \ + LHM_lh_doall_arg(ADDED_OBJ,lh,fn,arg_type,arg) +#define lh_ADDED_OBJ_error(lh) LHM_lh_error(ADDED_OBJ,lh) +#define lh_ADDED_OBJ_num_items(lh) LHM_lh_num_items(ADDED_OBJ,lh) +#define lh_ADDED_OBJ_down_load(lh) LHM_lh_down_load(ADDED_OBJ,lh) +#define lh_ADDED_OBJ_node_stats_bio(lh,out) \ + LHM_lh_node_stats_bio(ADDED_OBJ,lh,out) +#define lh_ADDED_OBJ_node_usage_stats_bio(lh,out) \ + LHM_lh_node_usage_stats_bio(ADDED_OBJ,lh,out) +#define lh_ADDED_OBJ_stats_bio(lh,out) \ + LHM_lh_stats_bio(ADDED_OBJ,lh,out) +#define lh_ADDED_OBJ_free(lh) LHM_lh_free(ADDED_OBJ,lh) + +#define lh_APP_INFO_new() LHM_lh_new(APP_INFO,app_info) +#define lh_APP_INFO_insert(lh,inst) LHM_lh_insert(APP_INFO,lh,inst) +#define lh_APP_INFO_retrieve(lh,inst) LHM_lh_retrieve(APP_INFO,lh,inst) +#define lh_APP_INFO_delete(lh,inst) LHM_lh_delete(APP_INFO,lh,inst) +#define lh_APP_INFO_doall(lh,fn) LHM_lh_doall(APP_INFO,lh,fn) +#define lh_APP_INFO_doall_arg(lh,fn,arg_type,arg) \ + LHM_lh_doall_arg(APP_INFO,lh,fn,arg_type,arg) +#define lh_APP_INFO_error(lh) LHM_lh_error(APP_INFO,lh) +#define lh_APP_INFO_num_items(lh) LHM_lh_num_items(APP_INFO,lh) +#define lh_APP_INFO_down_load(lh) LHM_lh_down_load(APP_INFO,lh) +#define lh_APP_INFO_node_stats_bio(lh,out) \ + LHM_lh_node_stats_bio(APP_INFO,lh,out) +#define lh_APP_INFO_node_usage_stats_bio(lh,out) \ + LHM_lh_node_usage_stats_bio(APP_INFO,lh,out) +#define lh_APP_INFO_stats_bio(lh,out) \ + LHM_lh_stats_bio(APP_INFO,lh,out) +#define lh_APP_INFO_free(lh) LHM_lh_free(APP_INFO,lh) + +#define lh_CONF_VALUE_new() LHM_lh_new(CONF_VALUE,conf_value) +#define lh_CONF_VALUE_insert(lh,inst) LHM_lh_insert(CONF_VALUE,lh,inst) +#define lh_CONF_VALUE_retrieve(lh,inst) LHM_lh_retrieve(CONF_VALUE,lh,inst) +#define lh_CONF_VALUE_delete(lh,inst) LHM_lh_delete(CONF_VALUE,lh,inst) +#define lh_CONF_VALUE_doall(lh,fn) LHM_lh_doall(CONF_VALUE,lh,fn) +#define lh_CONF_VALUE_doall_arg(lh,fn,arg_type,arg) \ + LHM_lh_doall_arg(CONF_VALUE,lh,fn,arg_type,arg) +#define lh_CONF_VALUE_error(lh) LHM_lh_error(CONF_VALUE,lh) +#define lh_CONF_VALUE_num_items(lh) LHM_lh_num_items(CONF_VALUE,lh) +#define lh_CONF_VALUE_down_load(lh) LHM_lh_down_load(CONF_VALUE,lh) +#define lh_CONF_VALUE_node_stats_bio(lh,out) \ + LHM_lh_node_stats_bio(CONF_VALUE,lh,out) +#define lh_CONF_VALUE_node_usage_stats_bio(lh,out) \ + LHM_lh_node_usage_stats_bio(CONF_VALUE,lh,out) +#define lh_CONF_VALUE_stats_bio(lh,out) \ + LHM_lh_stats_bio(CONF_VALUE,lh,out) +#define lh_CONF_VALUE_free(lh) LHM_lh_free(CONF_VALUE,lh) + +#define lh_ENGINE_PILE_new() LHM_lh_new(ENGINE_PILE,engine_pile) +#define lh_ENGINE_PILE_insert(lh,inst) LHM_lh_insert(ENGINE_PILE,lh,inst) +#define lh_ENGINE_PILE_retrieve(lh,inst) LHM_lh_retrieve(ENGINE_PILE,lh,inst) +#define lh_ENGINE_PILE_delete(lh,inst) LHM_lh_delete(ENGINE_PILE,lh,inst) +#define lh_ENGINE_PILE_doall(lh,fn) LHM_lh_doall(ENGINE_PILE,lh,fn) +#define lh_ENGINE_PILE_doall_arg(lh,fn,arg_type,arg) \ + LHM_lh_doall_arg(ENGINE_PILE,lh,fn,arg_type,arg) +#define lh_ENGINE_PILE_error(lh) LHM_lh_error(ENGINE_PILE,lh) +#define lh_ENGINE_PILE_num_items(lh) LHM_lh_num_items(ENGINE_PILE,lh) +#define lh_ENGINE_PILE_down_load(lh) LHM_lh_down_load(ENGINE_PILE,lh) +#define lh_ENGINE_PILE_node_stats_bio(lh,out) \ + LHM_lh_node_stats_bio(ENGINE_PILE,lh,out) +#define lh_ENGINE_PILE_node_usage_stats_bio(lh,out) \ + LHM_lh_node_usage_stats_bio(ENGINE_PILE,lh,out) +#define lh_ENGINE_PILE_stats_bio(lh,out) \ + LHM_lh_stats_bio(ENGINE_PILE,lh,out) +#define lh_ENGINE_PILE_free(lh) LHM_lh_free(ENGINE_PILE,lh) + +#define lh_ERR_STATE_new() LHM_lh_new(ERR_STATE,err_state) +#define lh_ERR_STATE_insert(lh,inst) LHM_lh_insert(ERR_STATE,lh,inst) +#define lh_ERR_STATE_retrieve(lh,inst) LHM_lh_retrieve(ERR_STATE,lh,inst) +#define lh_ERR_STATE_delete(lh,inst) LHM_lh_delete(ERR_STATE,lh,inst) +#define lh_ERR_STATE_doall(lh,fn) LHM_lh_doall(ERR_STATE,lh,fn) +#define lh_ERR_STATE_doall_arg(lh,fn,arg_type,arg) \ + LHM_lh_doall_arg(ERR_STATE,lh,fn,arg_type,arg) +#define lh_ERR_STATE_error(lh) LHM_lh_error(ERR_STATE,lh) +#define lh_ERR_STATE_num_items(lh) LHM_lh_num_items(ERR_STATE,lh) +#define lh_ERR_STATE_down_load(lh) LHM_lh_down_load(ERR_STATE,lh) +#define lh_ERR_STATE_node_stats_bio(lh,out) \ + LHM_lh_node_stats_bio(ERR_STATE,lh,out) +#define lh_ERR_STATE_node_usage_stats_bio(lh,out) \ + LHM_lh_node_usage_stats_bio(ERR_STATE,lh,out) +#define lh_ERR_STATE_stats_bio(lh,out) \ + LHM_lh_stats_bio(ERR_STATE,lh,out) +#define lh_ERR_STATE_free(lh) LHM_lh_free(ERR_STATE,lh) + +#define lh_ERR_STRING_DATA_new() LHM_lh_new(ERR_STRING_DATA,err_string_data) +#define lh_ERR_STRING_DATA_insert(lh,inst) LHM_lh_insert(ERR_STRING_DATA,lh,inst) +#define lh_ERR_STRING_DATA_retrieve(lh,inst) LHM_lh_retrieve(ERR_STRING_DATA,lh,inst) +#define lh_ERR_STRING_DATA_delete(lh,inst) LHM_lh_delete(ERR_STRING_DATA,lh,inst) +#define lh_ERR_STRING_DATA_doall(lh,fn) LHM_lh_doall(ERR_STRING_DATA,lh,fn) +#define lh_ERR_STRING_DATA_doall_arg(lh,fn,arg_type,arg) \ + LHM_lh_doall_arg(ERR_STRING_DATA,lh,fn,arg_type,arg) +#define lh_ERR_STRING_DATA_error(lh) LHM_lh_error(ERR_STRING_DATA,lh) +#define lh_ERR_STRING_DATA_num_items(lh) LHM_lh_num_items(ERR_STRING_DATA,lh) +#define lh_ERR_STRING_DATA_down_load(lh) LHM_lh_down_load(ERR_STRING_DATA,lh) +#define lh_ERR_STRING_DATA_node_stats_bio(lh,out) \ + LHM_lh_node_stats_bio(ERR_STRING_DATA,lh,out) +#define lh_ERR_STRING_DATA_node_usage_stats_bio(lh,out) \ + LHM_lh_node_usage_stats_bio(ERR_STRING_DATA,lh,out) +#define lh_ERR_STRING_DATA_stats_bio(lh,out) \ + LHM_lh_stats_bio(ERR_STRING_DATA,lh,out) +#define lh_ERR_STRING_DATA_free(lh) LHM_lh_free(ERR_STRING_DATA,lh) + +#define lh_EX_CLASS_ITEM_new() LHM_lh_new(EX_CLASS_ITEM,ex_class_item) +#define lh_EX_CLASS_ITEM_insert(lh,inst) LHM_lh_insert(EX_CLASS_ITEM,lh,inst) +#define lh_EX_CLASS_ITEM_retrieve(lh,inst) LHM_lh_retrieve(EX_CLASS_ITEM,lh,inst) +#define lh_EX_CLASS_ITEM_delete(lh,inst) LHM_lh_delete(EX_CLASS_ITEM,lh,inst) +#define lh_EX_CLASS_ITEM_doall(lh,fn) LHM_lh_doall(EX_CLASS_ITEM,lh,fn) +#define lh_EX_CLASS_ITEM_doall_arg(lh,fn,arg_type,arg) \ + LHM_lh_doall_arg(EX_CLASS_ITEM,lh,fn,arg_type,arg) +#define lh_EX_CLASS_ITEM_error(lh) LHM_lh_error(EX_CLASS_ITEM,lh) +#define lh_EX_CLASS_ITEM_num_items(lh) LHM_lh_num_items(EX_CLASS_ITEM,lh) +#define lh_EX_CLASS_ITEM_down_load(lh) LHM_lh_down_load(EX_CLASS_ITEM,lh) +#define lh_EX_CLASS_ITEM_node_stats_bio(lh,out) \ + LHM_lh_node_stats_bio(EX_CLASS_ITEM,lh,out) +#define lh_EX_CLASS_ITEM_node_usage_stats_bio(lh,out) \ + LHM_lh_node_usage_stats_bio(EX_CLASS_ITEM,lh,out) +#define lh_EX_CLASS_ITEM_stats_bio(lh,out) \ + LHM_lh_stats_bio(EX_CLASS_ITEM,lh,out) +#define lh_EX_CLASS_ITEM_free(lh) LHM_lh_free(EX_CLASS_ITEM,lh) + +#define lh_FUNCTION_new() LHM_lh_new(FUNCTION,function) +#define lh_FUNCTION_insert(lh,inst) LHM_lh_insert(FUNCTION,lh,inst) +#define lh_FUNCTION_retrieve(lh,inst) LHM_lh_retrieve(FUNCTION,lh,inst) +#define lh_FUNCTION_delete(lh,inst) LHM_lh_delete(FUNCTION,lh,inst) +#define lh_FUNCTION_doall(lh,fn) LHM_lh_doall(FUNCTION,lh,fn) +#define lh_FUNCTION_doall_arg(lh,fn,arg_type,arg) \ + LHM_lh_doall_arg(FUNCTION,lh,fn,arg_type,arg) +#define lh_FUNCTION_error(lh) LHM_lh_error(FUNCTION,lh) +#define lh_FUNCTION_num_items(lh) LHM_lh_num_items(FUNCTION,lh) +#define lh_FUNCTION_down_load(lh) LHM_lh_down_load(FUNCTION,lh) +#define lh_FUNCTION_node_stats_bio(lh,out) \ + LHM_lh_node_stats_bio(FUNCTION,lh,out) +#define lh_FUNCTION_node_usage_stats_bio(lh,out) \ + LHM_lh_node_usage_stats_bio(FUNCTION,lh,out) +#define lh_FUNCTION_stats_bio(lh,out) \ + LHM_lh_stats_bio(FUNCTION,lh,out) +#define lh_FUNCTION_free(lh) LHM_lh_free(FUNCTION,lh) + +#define lh_MEM_new() LHM_lh_new(MEM,mem) +#define lh_MEM_insert(lh,inst) LHM_lh_insert(MEM,lh,inst) +#define lh_MEM_retrieve(lh,inst) LHM_lh_retrieve(MEM,lh,inst) +#define lh_MEM_delete(lh,inst) LHM_lh_delete(MEM,lh,inst) +#define lh_MEM_doall(lh,fn) LHM_lh_doall(MEM,lh,fn) +#define lh_MEM_doall_arg(lh,fn,arg_type,arg) \ + LHM_lh_doall_arg(MEM,lh,fn,arg_type,arg) +#define lh_MEM_error(lh) LHM_lh_error(MEM,lh) +#define lh_MEM_num_items(lh) LHM_lh_num_items(MEM,lh) +#define lh_MEM_down_load(lh) LHM_lh_down_load(MEM,lh) +#define lh_MEM_node_stats_bio(lh,out) \ + LHM_lh_node_stats_bio(MEM,lh,out) +#define lh_MEM_node_usage_stats_bio(lh,out) \ + LHM_lh_node_usage_stats_bio(MEM,lh,out) +#define lh_MEM_stats_bio(lh,out) \ + LHM_lh_stats_bio(MEM,lh,out) +#define lh_MEM_free(lh) LHM_lh_free(MEM,lh) + +#define lh_OBJ_NAME_new() LHM_lh_new(OBJ_NAME,obj_name) +#define lh_OBJ_NAME_insert(lh,inst) LHM_lh_insert(OBJ_NAME,lh,inst) +#define lh_OBJ_NAME_retrieve(lh,inst) LHM_lh_retrieve(OBJ_NAME,lh,inst) +#define lh_OBJ_NAME_delete(lh,inst) LHM_lh_delete(OBJ_NAME,lh,inst) +#define lh_OBJ_NAME_doall(lh,fn) LHM_lh_doall(OBJ_NAME,lh,fn) +#define lh_OBJ_NAME_doall_arg(lh,fn,arg_type,arg) \ + LHM_lh_doall_arg(OBJ_NAME,lh,fn,arg_type,arg) +#define lh_OBJ_NAME_error(lh) LHM_lh_error(OBJ_NAME,lh) +#define lh_OBJ_NAME_num_items(lh) LHM_lh_num_items(OBJ_NAME,lh) +#define lh_OBJ_NAME_down_load(lh) LHM_lh_down_load(OBJ_NAME,lh) +#define lh_OBJ_NAME_node_stats_bio(lh,out) \ + LHM_lh_node_stats_bio(OBJ_NAME,lh,out) +#define lh_OBJ_NAME_node_usage_stats_bio(lh,out) \ + LHM_lh_node_usage_stats_bio(OBJ_NAME,lh,out) +#define lh_OBJ_NAME_stats_bio(lh,out) \ + LHM_lh_stats_bio(OBJ_NAME,lh,out) +#define lh_OBJ_NAME_free(lh) LHM_lh_free(OBJ_NAME,lh) + +#define lh_OPENSSL_CSTRING_new() LHM_lh_new(OPENSSL_CSTRING,openssl_cstring) +#define lh_OPENSSL_CSTRING_insert(lh,inst) LHM_lh_insert(OPENSSL_CSTRING,lh,inst) +#define lh_OPENSSL_CSTRING_retrieve(lh,inst) LHM_lh_retrieve(OPENSSL_CSTRING,lh,inst) +#define lh_OPENSSL_CSTRING_delete(lh,inst) LHM_lh_delete(OPENSSL_CSTRING,lh,inst) +#define lh_OPENSSL_CSTRING_doall(lh,fn) LHM_lh_doall(OPENSSL_CSTRING,lh,fn) +#define lh_OPENSSL_CSTRING_doall_arg(lh,fn,arg_type,arg) \ + LHM_lh_doall_arg(OPENSSL_CSTRING,lh,fn,arg_type,arg) +#define lh_OPENSSL_CSTRING_error(lh) LHM_lh_error(OPENSSL_CSTRING,lh) +#define lh_OPENSSL_CSTRING_num_items(lh) LHM_lh_num_items(OPENSSL_CSTRING,lh) +#define lh_OPENSSL_CSTRING_down_load(lh) LHM_lh_down_load(OPENSSL_CSTRING,lh) +#define lh_OPENSSL_CSTRING_node_stats_bio(lh,out) \ + LHM_lh_node_stats_bio(OPENSSL_CSTRING,lh,out) +#define lh_OPENSSL_CSTRING_node_usage_stats_bio(lh,out) \ + LHM_lh_node_usage_stats_bio(OPENSSL_CSTRING,lh,out) +#define lh_OPENSSL_CSTRING_stats_bio(lh,out) \ + LHM_lh_stats_bio(OPENSSL_CSTRING,lh,out) +#define lh_OPENSSL_CSTRING_free(lh) LHM_lh_free(OPENSSL_CSTRING,lh) + +#define lh_OPENSSL_STRING_new() LHM_lh_new(OPENSSL_STRING,openssl_string) +#define lh_OPENSSL_STRING_insert(lh,inst) LHM_lh_insert(OPENSSL_STRING,lh,inst) +#define lh_OPENSSL_STRING_retrieve(lh,inst) LHM_lh_retrieve(OPENSSL_STRING,lh,inst) +#define lh_OPENSSL_STRING_delete(lh,inst) LHM_lh_delete(OPENSSL_STRING,lh,inst) +#define lh_OPENSSL_STRING_doall(lh,fn) LHM_lh_doall(OPENSSL_STRING,lh,fn) +#define lh_OPENSSL_STRING_doall_arg(lh,fn,arg_type,arg) \ + LHM_lh_doall_arg(OPENSSL_STRING,lh,fn,arg_type,arg) +#define lh_OPENSSL_STRING_error(lh) LHM_lh_error(OPENSSL_STRING,lh) +#define lh_OPENSSL_STRING_num_items(lh) LHM_lh_num_items(OPENSSL_STRING,lh) +#define lh_OPENSSL_STRING_down_load(lh) LHM_lh_down_load(OPENSSL_STRING,lh) +#define lh_OPENSSL_STRING_node_stats_bio(lh,out) \ + LHM_lh_node_stats_bio(OPENSSL_STRING,lh,out) +#define lh_OPENSSL_STRING_node_usage_stats_bio(lh,out) \ + LHM_lh_node_usage_stats_bio(OPENSSL_STRING,lh,out) +#define lh_OPENSSL_STRING_stats_bio(lh,out) \ + LHM_lh_stats_bio(OPENSSL_STRING,lh,out) +#define lh_OPENSSL_STRING_free(lh) LHM_lh_free(OPENSSL_STRING,lh) + +#define lh_SSL_SESSION_new() LHM_lh_new(SSL_SESSION,ssl_session) +#define lh_SSL_SESSION_insert(lh,inst) LHM_lh_insert(SSL_SESSION,lh,inst) +#define lh_SSL_SESSION_retrieve(lh,inst) LHM_lh_retrieve(SSL_SESSION,lh,inst) +#define lh_SSL_SESSION_delete(lh,inst) LHM_lh_delete(SSL_SESSION,lh,inst) +#define lh_SSL_SESSION_doall(lh,fn) LHM_lh_doall(SSL_SESSION,lh,fn) +#define lh_SSL_SESSION_doall_arg(lh,fn,arg_type,arg) \ + LHM_lh_doall_arg(SSL_SESSION,lh,fn,arg_type,arg) +#define lh_SSL_SESSION_error(lh) LHM_lh_error(SSL_SESSION,lh) +#define lh_SSL_SESSION_num_items(lh) LHM_lh_num_items(SSL_SESSION,lh) +#define lh_SSL_SESSION_down_load(lh) LHM_lh_down_load(SSL_SESSION,lh) +#define lh_SSL_SESSION_node_stats_bio(lh,out) \ + LHM_lh_node_stats_bio(SSL_SESSION,lh,out) +#define lh_SSL_SESSION_node_usage_stats_bio(lh,out) \ + LHM_lh_node_usage_stats_bio(SSL_SESSION,lh,out) +#define lh_SSL_SESSION_stats_bio(lh,out) \ + LHM_lh_stats_bio(SSL_SESSION,lh,out) +#define lh_SSL_SESSION_free(lh) LHM_lh_free(SSL_SESSION,lh) /* End of util/mkstack.pl block, you may now edit :-) */ #endif /* !defined HEADER_SAFESTACK_H */ diff --git a/src/lib/libcrypto/stack/stack.c b/src/lib/libcrypto/stack/stack.c index 378bd7c796..76cf1a1168 100644 --- a/src/lib/libcrypto/stack/stack.c +++ b/src/lib/libcrypto/stack/stack.c @@ -77,10 +77,10 @@ const char STACK_version[]="Stack" OPENSSL_VERSION_PTEXT; #include -int (*sk_set_cmp_func(STACK *sk, int (*c)(const char * const *,const char * const *))) - (const char * const *, const char * const *) +int (*sk_set_cmp_func(_STACK *sk, int (*c)(const void *, const void *))) + (const void *, const void *) { - int (*old)(const char * const *,const char * const *)=sk->comp; + int (*old)(const void *,const void *)=sk->comp; if (sk->comp != c) sk->sorted=0; @@ -89,9 +89,9 @@ int (*sk_set_cmp_func(STACK *sk, int (*c)(const char * const *,const char * cons return old; } -STACK *sk_dup(STACK *sk) +_STACK *sk_dup(_STACK *sk) { - STACK *ret; + _STACK *ret; char **s; if ((ret=sk_new(sk->comp)) == NULL) goto err; @@ -112,19 +112,19 @@ err: return(NULL); } -STACK *sk_new_null(void) +_STACK *sk_new_null(void) { - return sk_new((int (*)(const char * const *, const char * const *))0); + return sk_new((int (*)(const void *, const void *))0); } -STACK *sk_new(int (*c)(const char * const *, const char * const *)) +_STACK *sk_new(int (*c)(const void *, const void *)) { - STACK *ret; + _STACK *ret; int i; - if ((ret=(STACK *)OPENSSL_malloc(sizeof(STACK))) == NULL) + if ((ret=OPENSSL_malloc(sizeof(_STACK))) == NULL) goto err; - if ((ret->data=(char **)OPENSSL_malloc(sizeof(char *)*MIN_NODES)) == NULL) + if ((ret->data=OPENSSL_malloc(sizeof(char *)*MIN_NODES)) == NULL) goto err; for (i=0; idata[i]=NULL; @@ -139,14 +139,14 @@ err: return(NULL); } -int sk_insert(STACK *st, char *data, int loc) +int sk_insert(_STACK *st, void *data, int loc) { char **s; if(st == NULL) return 0; if (st->num_alloc <= st->num+1) { - s=(char **)OPENSSL_realloc((char *)st->data, + s=OPENSSL_realloc((char *)st->data, (unsigned int)sizeof(char *)*st->num_alloc*2); if (s == NULL) return(0); @@ -160,14 +160,14 @@ int sk_insert(STACK *st, char *data, int loc) int i; char **f,**t; - f=(char **)st->data; - t=(char **)&(st->data[1]); + f=st->data; + t=&(st->data[1]); for (i=st->num; i>=loc; i--) t[i]=f[i]; #ifdef undef /* no memmove on sunos :-( */ - memmove( (char *)&(st->data[loc+1]), - (char *)&(st->data[loc]), + memmove(&(st->data[loc+1]), + &(st->data[loc]), sizeof(char *)*(st->num-loc)); #endif st->data[loc]=data; @@ -177,7 +177,7 @@ int sk_insert(STACK *st, char *data, int loc) return(st->num); } -char *sk_delete_ptr(STACK *st, char *p) +void *sk_delete_ptr(_STACK *st, void *p) { int i; @@ -187,7 +187,7 @@ char *sk_delete_ptr(STACK *st, char *p) return(NULL); } -char *sk_delete(STACK *st, int loc) +void *sk_delete(_STACK *st, int loc) { char *ret; int i,j; @@ -210,11 +210,11 @@ char *sk_delete(STACK *st, int loc) return(ret); } -static int internal_find(STACK *st, char *data, int ret_val_options) +static int internal_find(_STACK *st, void *data, int ret_val_options) { - char **r; + const void * const *r; int i; - int (*comp_func)(const void *,const void *); + if(st == NULL) return -1; if (st->comp == NULL) @@ -226,53 +226,46 @@ static int internal_find(STACK *st, char *data, int ret_val_options) } sk_sort(st); if (data == NULL) return(-1); - /* This (and the "qsort" below) are the two places in OpenSSL - * where we need to convert from our standard (type **,type **) - * compare callback type to the (void *,void *) type required by - * bsearch. However, the "data" it is being called(back) with are - * not (type *) pointers, but the *pointers* to (type *) pointers, - * so we get our extra level of pointer dereferencing that way. */ - comp_func=(int (*)(const void *,const void *))(st->comp); - r=(char **)OBJ_bsearch_ex((char *)&data,(char *)st->data, - st->num,sizeof(char *),comp_func,ret_val_options); + r=OBJ_bsearch_ex_(&data,st->data,st->num,sizeof(void *),st->comp, + ret_val_options); if (r == NULL) return(-1); - return((int)(r-st->data)); + return (int)((char **)r-st->data); } -int sk_find(STACK *st, char *data) +int sk_find(_STACK *st, void *data) { return internal_find(st, data, OBJ_BSEARCH_FIRST_VALUE_ON_MATCH); } -int sk_find_ex(STACK *st, char *data) +int sk_find_ex(_STACK *st, void *data) { return internal_find(st, data, OBJ_BSEARCH_VALUE_ON_NOMATCH); } -int sk_push(STACK *st, char *data) +int sk_push(_STACK *st, void *data) { return(sk_insert(st,data,st->num)); } -int sk_unshift(STACK *st, char *data) +int sk_unshift(_STACK *st, void *data) { return(sk_insert(st,data,0)); } -char *sk_shift(STACK *st) +void *sk_shift(_STACK *st) { if (st == NULL) return(NULL); if (st->num <= 0) return(NULL); return(sk_delete(st,0)); } -char *sk_pop(STACK *st) +void *sk_pop(_STACK *st) { if (st == NULL) return(NULL); if (st->num <= 0) return(NULL); return(sk_delete(st,st->num-1)); } -void sk_zero(STACK *st) +void sk_zero(_STACK *st) { if (st == NULL) return; if (st->num <= 0) return; @@ -280,7 +273,7 @@ void sk_zero(STACK *st) st->num=0; } -void sk_pop_free(STACK *st, void (*func)(void *)) +void sk_pop_free(_STACK *st, void (*func)(void *)) { int i; @@ -291,32 +284,32 @@ void sk_pop_free(STACK *st, void (*func)(void *)) sk_free(st); } -void sk_free(STACK *st) +void sk_free(_STACK *st) { if (st == NULL) return; if (st->data != NULL) OPENSSL_free(st->data); OPENSSL_free(st); } -int sk_num(const STACK *st) +int sk_num(const _STACK *st) { if(st == NULL) return -1; return st->num; } -char *sk_value(const STACK *st, int i) +void *sk_value(const _STACK *st, int i) { if(!st || (i < 0) || (i >= st->num)) return NULL; return st->data[i]; } -char *sk_set(STACK *st, int i, char *value) +void *sk_set(_STACK *st, int i, void *value) { if(!st || (i < 0) || (i >= st->num)) return NULL; return (st->data[i] = value); } -void sk_sort(STACK *st) +void sk_sort(_STACK *st) { if (st && !st->sorted) { @@ -333,7 +326,7 @@ void sk_sort(STACK *st) } } -int sk_is_sorted(const STACK *st) +int sk_is_sorted(const _STACK *st) { if (!st) return 1; diff --git a/src/lib/libcrypto/stack/stack.h b/src/lib/libcrypto/stack/stack.h index 5cbb116a8b..ce35e554eb 100644 --- a/src/lib/libcrypto/stack/stack.h +++ b/src/lib/libcrypto/stack/stack.h @@ -70,37 +70,36 @@ typedef struct stack_st int sorted; int num_alloc; - int (*comp)(const char * const *, const char * const *); - } STACK; + int (*comp)(const void *, const void *); + } _STACK; /* Use STACK_OF(...) instead */ #define M_sk_num(sk) ((sk) ? (sk)->num:-1) #define M_sk_value(sk,n) ((sk) ? (sk)->data[n] : NULL) -int sk_num(const STACK *); -char *sk_value(const STACK *, int); +int sk_num(const _STACK *); +void *sk_value(const _STACK *, int); -char *sk_set(STACK *, int, char *); +void *sk_set(_STACK *, int, void *); -STACK *sk_new(int (*cmp)(const char * const *, const char * const *)); -STACK *sk_new_null(void); -void sk_free(STACK *); -void sk_pop_free(STACK *st, void (*func)(void *)); -int sk_insert(STACK *sk,char *data,int where); -char *sk_delete(STACK *st,int loc); -char *sk_delete_ptr(STACK *st, char *p); -int sk_find(STACK *st,char *data); -int sk_find_ex(STACK *st,char *data); -int sk_push(STACK *st,char *data); -int sk_unshift(STACK *st,char *data); -char *sk_shift(STACK *st); -char *sk_pop(STACK *st); -void sk_zero(STACK *st); -int (*sk_set_cmp_func(STACK *sk, int (*c)(const char * const *, - const char * const *))) - (const char * const *, const char * const *); -STACK *sk_dup(STACK *st); -void sk_sort(STACK *st); -int sk_is_sorted(const STACK *st); +_STACK *sk_new(int (*cmp)(const void *, const void *)); +_STACK *sk_new_null(void); +void sk_free(_STACK *); +void sk_pop_free(_STACK *st, void (*func)(void *)); +int sk_insert(_STACK *sk, void *data, int where); +void *sk_delete(_STACK *st, int loc); +void *sk_delete_ptr(_STACK *st, void *p); +int sk_find(_STACK *st, void *data); +int sk_find_ex(_STACK *st, void *data); +int sk_push(_STACK *st, void *data); +int sk_unshift(_STACK *st, void *data); +void *sk_shift(_STACK *st); +void *sk_pop(_STACK *st); +void sk_zero(_STACK *st); +int (*sk_set_cmp_func(_STACK *sk, int (*c)(const void *, const void *))) + (const void *, const void *); +_STACK *sk_dup(_STACK *st); +void sk_sort(_STACK *st); +int sk_is_sorted(const _STACK *st); #ifdef __cplusplus } diff --git a/src/lib/libcrypto/symhacks.h b/src/lib/libcrypto/symhacks.h index 8728e6124d..3fd4a81692 100644 --- a/src/lib/libcrypto/symhacks.h +++ b/src/lib/libcrypto/symhacks.h @@ -60,12 +60,13 @@ /* Hacks to solve the problem with linkers incapable of handling very long symbol names. In the case of VMS, the limit is 31 characters on VMS for VAX. */ +/* Note that this affects util/libeay.num and util/ssleay.num... you may + change those manually, but that's not recommended, as those files are + controlled centrally and updated on Unix, and the central definition + may disagree with yours, which in turn may come with shareable library + incompatibilities. */ #ifdef OPENSSL_SYS_VMS -/* Hack a long name in crypto/cryptlib.c */ -#undef int_CRYPTO_set_do_dynlock_callback -#define int_CRYPTO_set_do_dynlock_callback int_CRYPTO_set_do_dynlock_cb - /* Hack a long name in crypto/ex_data.c */ #undef CRYPTO_get_ex_data_implementation #define CRYPTO_get_ex_data_implementation CRYPTO_get_ex_data_impl @@ -137,6 +138,8 @@ #define X509_policy_node_get0_qualifiers X509_pcy_node_get0_qualifiers #undef X509_STORE_CTX_get_explicit_policy #define X509_STORE_CTX_get_explicit_policy X509_STORE_CTX_get_expl_policy +#undef X509_STORE_CTX_get0_current_issuer +#define X509_STORE_CTX_get0_current_issuer X509_STORE_CTX_get0_cur_issuer /* Hack some long CRYPTO names */ #undef CRYPTO_set_dynlock_destroy_callback @@ -144,9 +147,9 @@ #undef CRYPTO_set_dynlock_create_callback #define CRYPTO_set_dynlock_create_callback CRYPTO_set_dynlock_create_cb #undef CRYPTO_set_dynlock_lock_callback -#define CRYPTO_set_dynlock_lock_callback CRYPTO_set_dynlock_lock_cb +#define CRYPTO_set_dynlock_lock_callback CRYPTO_set_dynlock_lock_cb #undef CRYPTO_get_dynlock_lock_callback -#define CRYPTO_get_dynlock_lock_callback CRYPTO_get_dynlock_lock_cb +#define CRYPTO_get_dynlock_lock_callback CRYPTO_get_dynlock_lock_cb #undef CRYPTO_get_dynlock_destroy_callback #define CRYPTO_get_dynlock_destroy_callback CRYPTO_get_dynlock_destroy_cb #undef CRYPTO_get_dynlock_create_callback @@ -158,7 +161,7 @@ /* Hack some long SSL names */ #undef SSL_CTX_set_default_verify_paths -#define SSL_CTX_set_default_verify_paths SSL_CTX_set_def_verify_paths +#define SSL_CTX_set_default_verify_paths SSL_CTX_set_def_verify_paths #undef SSL_get_ex_data_X509_STORE_CTX_idx #define SSL_get_ex_data_X509_STORE_CTX_idx SSL_get_ex_d_X509_STORE_CTX_idx #undef SSL_add_file_cert_subjects_to_stack @@ -168,21 +171,38 @@ #undef SSL_CTX_use_certificate_chain_file #define SSL_CTX_use_certificate_chain_file SSL_CTX_use_cert_chain_file #undef SSL_CTX_set_cert_verify_callback -#define SSL_CTX_set_cert_verify_callback SSL_CTX_set_cert_verify_cb +#define SSL_CTX_set_cert_verify_callback SSL_CTX_set_cert_verify_cb #undef SSL_CTX_set_default_passwd_cb_userdata #define SSL_CTX_set_default_passwd_cb_userdata SSL_CTX_set_def_passwd_cb_ud #undef SSL_COMP_get_compression_methods #define SSL_COMP_get_compression_methods SSL_COMP_get_compress_methods +#undef ssl_add_clienthello_renegotiate_ext +#define ssl_add_clienthello_renegotiate_ext ssl_add_clienthello_reneg_ext +#undef ssl_add_serverhello_renegotiate_ext +#define ssl_add_serverhello_renegotiate_ext ssl_add_serverhello_reneg_ext +#undef ssl_parse_clienthello_renegotiate_ext +#define ssl_parse_clienthello_renegotiate_ext ssl_parse_clienthello_reneg_ext +#undef ssl_parse_serverhello_renegotiate_ext +#define ssl_parse_serverhello_renegotiate_ext ssl_parse_serverhello_reneg_ext + /* Hack some long ENGINE names */ #undef ENGINE_get_default_BN_mod_exp_crt #define ENGINE_get_default_BN_mod_exp_crt ENGINE_get_def_BN_mod_exp_crt #undef ENGINE_set_default_BN_mod_exp_crt #define ENGINE_set_default_BN_mod_exp_crt ENGINE_set_def_BN_mod_exp_crt #undef ENGINE_set_load_privkey_function -#define ENGINE_set_load_privkey_function ENGINE_set_load_privkey_fn +#define ENGINE_set_load_privkey_function ENGINE_set_load_privkey_fn #undef ENGINE_get_load_privkey_function -#define ENGINE_get_load_privkey_function ENGINE_get_load_privkey_fn +#define ENGINE_get_load_privkey_function ENGINE_get_load_privkey_fn +#undef ENGINE_unregister_pkey_asn1_meths +#define ENGINE_unregister_pkey_asn1_meths ENGINE_unreg_pkey_asn1_meths +#undef ENGINE_register_all_pkey_asn1_meths +#define ENGINE_register_all_pkey_asn1_meths ENGINE_reg_all_pkey_asn1_meths +#undef ENGINE_set_default_pkey_asn1_meths +#define ENGINE_set_default_pkey_asn1_meths ENGINE_set_def_pkey_asn1_meths +#undef ENGINE_get_pkey_asn1_meth_engine +#define ENGINE_get_pkey_asn1_meth_engine ENGINE_get_pkey_asn1_meth_eng #undef ENGINE_set_load_ssl_client_cert_function #define ENGINE_set_load_ssl_client_cert_function \ ENGINE_set_ld_ssl_clnt_cert_fn @@ -191,7 +211,7 @@ /* Hack some long OCSP names */ #undef OCSP_REQUEST_get_ext_by_critical -#define OCSP_REQUEST_get_ext_by_critical OCSP_REQUEST_get_ext_by_crit +#define OCSP_REQUEST_get_ext_by_critical OCSP_REQUEST_get_ext_by_crit #undef OCSP_BASICRESP_get_ext_by_critical #define OCSP_BASICRESP_get_ext_by_critical OCSP_BASICRESP_get_ext_by_crit #undef OCSP_SINGLERESP_get_ext_by_critical @@ -208,6 +228,8 @@ #define OPENSSL_add_all_algorithms_noconf OPENSSL_add_all_algo_noconf #undef OPENSSL_add_all_algorithms_conf #define OPENSSL_add_all_algorithms_conf OPENSSL_add_all_algo_conf +#undef EVP_PKEY_meth_set_verify_recover +#define EVP_PKEY_meth_set_verify_recover EVP_PKEY_meth_set_vrfy_recover /* Hack some long EC names */ #undef EC_GROUP_set_point_conversion_form @@ -236,15 +258,15 @@ #define EC_POINT_set_compressed_coordinates_GF2m \ EC_POINT_set_compr_coords_GF2m #undef ec_GF2m_simple_group_clear_finish -#define ec_GF2m_simple_group_clear_finish ec_GF2m_simple_grp_clr_finish +#define ec_GF2m_simple_group_clear_finish ec_GF2m_simple_grp_clr_finish #undef ec_GF2m_simple_group_check_discriminant #define ec_GF2m_simple_group_check_discriminant ec_GF2m_simple_grp_chk_discrim #undef ec_GF2m_simple_point_clear_finish -#define ec_GF2m_simple_point_clear_finish ec_GF2m_simple_pt_clr_finish +#define ec_GF2m_simple_point_clear_finish ec_GF2m_simple_pt_clr_finish #undef ec_GF2m_simple_point_set_to_infinity -#define ec_GF2m_simple_point_set_to_infinity ec_GF2m_simple_pt_set_to_inf +#define ec_GF2m_simple_point_set_to_infinity ec_GF2m_simple_pt_set_to_inf #undef ec_GF2m_simple_points_make_affine -#define ec_GF2m_simple_points_make_affine ec_GF2m_simple_pts_make_affine +#define ec_GF2m_simple_points_make_affine ec_GF2m_simple_pts_make_affine #undef ec_GF2m_simple_point_set_affine_coordinates #define ec_GF2m_simple_point_set_affine_coordinates \ ec_GF2m_smp_pt_set_af_coords @@ -259,19 +281,19 @@ #undef ec_GFp_simple_group_get_curve_GFp #define ec_GFp_simple_group_get_curve_GFp ec_GFp_simple_grp_get_curve_GFp #undef ec_GFp_simple_group_clear_finish -#define ec_GFp_simple_group_clear_finish ec_GFp_simple_grp_clear_finish +#define ec_GFp_simple_group_clear_finish ec_GFp_simple_grp_clear_finish #undef ec_GFp_simple_group_set_generator #define ec_GFp_simple_group_set_generator ec_GFp_simple_grp_set_generator #undef ec_GFp_simple_group_get0_generator #define ec_GFp_simple_group_get0_generator ec_GFp_simple_grp_gt0_generator #undef ec_GFp_simple_group_get_cofactor -#define ec_GFp_simple_group_get_cofactor ec_GFp_simple_grp_get_cofactor +#define ec_GFp_simple_group_get_cofactor ec_GFp_simple_grp_get_cofactor #undef ec_GFp_simple_point_clear_finish -#define ec_GFp_simple_point_clear_finish ec_GFp_simple_pt_clear_finish +#define ec_GFp_simple_point_clear_finish ec_GFp_simple_pt_clear_finish #undef ec_GFp_simple_point_set_to_infinity #define ec_GFp_simple_point_set_to_infinity ec_GFp_simple_pt_set_to_inf #undef ec_GFp_simple_points_make_affine -#define ec_GFp_simple_points_make_affine ec_GFp_simple_pts_make_affine +#define ec_GFp_simple_points_make_affine ec_GFp_simple_pts_make_affine #undef ec_GFp_simple_group_get_curve_GFp #define ec_GFp_simple_group_get_curve_GFp ec_GFp_simple_grp_get_curve_GFp #undef ec_GFp_simple_set_Jprojective_coordinates_GFp @@ -351,6 +373,14 @@ #undef STORE_method_get_unlock_store_function #define STORE_method_get_unlock_store_function STORE_meth_get_unlock_store_fn +/* Hack some long TS names */ +#undef TS_RESP_CTX_set_status_info_cond +#define TS_RESP_CTX_set_status_info_cond TS_RESP_CTX_set_stat_info_cond +#undef TS_RESP_CTX_set_clock_precision_digits +#define TS_RESP_CTX_set_clock_precision_digits TS_RESP_CTX_set_clk_prec_digits +#undef TS_CONF_set_clock_precision_digits +#define TS_CONF_set_clock_precision_digits TS_CONF_set_clk_prec_digits + /* Hack some long CMS names */ #undef CMS_RecipientInfo_ktri_get0_algs #define CMS_RecipientInfo_ktri_get0_algs CMS_RecipInfo_ktri_get0_algs @@ -365,24 +395,34 @@ #undef cms_SignerIdentifier_get0_signer_id #define cms_SignerIdentifier_get0_signer_id cms_SignerId_get0_signer_id +/* Hack some long DTLS1 names */ +#undef dtls1_retransmit_buffered_messages +#define dtls1_retransmit_buffered_messages dtls1_retransmit_buffered_msgs + +/* Hack some long UI names */ +#undef UI_method_get_prompt_constructor +#define UI_method_get_prompt_constructor UI_method_get_prompt_constructr +#undef UI_method_set_prompt_constructor +#define UI_method_set_prompt_constructor UI_method_set_prompt_constructr + #endif /* defined OPENSSL_SYS_VMS */ -/* Case insensiteve linking causes problems.... */ -#if defined(OPENSSL_SYS_WIN16) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_OS2) +/* Case insensitive linking causes problems.... */ +#if defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_OS2) #undef ERR_load_CRYPTO_strings #define ERR_load_CRYPTO_strings ERR_load_CRYPTOlib_strings #undef OCSP_crlID_new -#define OCSP_crlID_new OCSP_crlID2_new +#define OCSP_crlID_new OCSP_crlID2_new #undef d2i_ECPARAMETERS -#define d2i_ECPARAMETERS d2i_UC_ECPARAMETERS +#define d2i_ECPARAMETERS d2i_UC_ECPARAMETERS #undef i2d_ECPARAMETERS -#define i2d_ECPARAMETERS i2d_UC_ECPARAMETERS +#define i2d_ECPARAMETERS i2d_UC_ECPARAMETERS #undef d2i_ECPKPARAMETERS -#define d2i_ECPKPARAMETERS d2i_UC_ECPKPARAMETERS +#define d2i_ECPKPARAMETERS d2i_UC_ECPKPARAMETERS #undef i2d_ECPKPARAMETERS -#define i2d_ECPKPARAMETERS i2d_UC_ECPKPARAMETERS +#define i2d_ECPKPARAMETERS i2d_UC_ECPKPARAMETERS /* These functions do not seem to exist! However, I'm paranoid... Original command in x509v3.h: @@ -391,19 +431,19 @@ hide them a little, by giving them an extra 'o' at the beginning of the name... */ #undef X509v3_cleanup_extensions -#define X509v3_cleanup_extensions oX509v3_cleanup_extensions +#define X509v3_cleanup_extensions oX509v3_cleanup_extensions #undef X509v3_add_extension -#define X509v3_add_extension oX509v3_add_extension +#define X509v3_add_extension oX509v3_add_extension #undef X509v3_add_netscape_extensions -#define X509v3_add_netscape_extensions oX509v3_add_netscape_extensions +#define X509v3_add_netscape_extensions oX509v3_add_netscape_extensions #undef X509v3_add_standard_extensions -#define X509v3_add_standard_extensions oX509v3_add_standard_extensions +#define X509v3_add_standard_extensions oX509v3_add_standard_extensions +/* This one clashes with CMS_data_create */ +#undef cms_Data_create +#define cms_Data_create priv_cms_Data_create #endif #endif /* ! defined HEADER_VMS_IDHACKS_H */ -/* This one clashes with CMS_data_create */ -#undef cms_Data_create -#define cms_Data_create priv_cms_Data_create diff --git a/src/lib/libcrypto/threads/mttest.c b/src/lib/libcrypto/threads/mttest.c index f6f3df4b6a..eba7aa8a6e 100644 --- a/src/lib/libcrypto/threads/mttest.c +++ b/src/lib/libcrypto/threads/mttest.c @@ -117,11 +117,13 @@ void solaris_locking_callback(int mode,int type,char *file,int line); void win32_locking_callback(int mode,int type,char *file,int line); void pthreads_locking_callback(int mode,int type,char *file,int line); void netware_locking_callback(int mode,int type,char *file,int line); +void beos_locking_callback(int mode,int type,const char *file,int line); unsigned long irix_thread_id(void ); unsigned long solaris_thread_id(void ); unsigned long pthreads_thread_id(void ); unsigned long netware_thread_id(void ); +unsigned long beos_thread_id(void ); #if defined(OPENSSL_SYS_NETWARE) static MPKMutex *lock_cs; @@ -1209,3 +1211,100 @@ unsigned long netware_thread_id(void) return(ret); } #endif /* NETWARE */ + +#ifdef BEOS_THREADS + +#include + +static BLocker** lock_cs; +static long* lock_count; + +void thread_setup(void) + { + int i; + + lock_cs=(BLocker**)OPENSSL_malloc(CRYPTO_num_locks() * sizeof(BLocker*)); + lock_count=(long*)OPENSSL_malloc(CRYPTO_num_locks() * sizeof(long)); + for (i=0; iLock(); + lock_count[type]++; + } + else + { + lock_cs[type]->Unlock(); + } + } + +void do_threads(SSL_CTX *s_ctx, SSL_CTX *c_ctx) + { + SSL_CTX *ssl_ctx[2]; + thread_id thread_ctx[MAX_THREAD_NUMBER]; + int i; + + ssl_ctx[0]=s_ctx; + ssl_ctx[1]=c_ctx; + + for (i=0; ireferences,c_ctx->references); + } + +unsigned long beos_thread_id(void) + { + unsigned long ret; + + ret=(unsigned long)find_thread(NULL); + return(ret); + } + +#endif /* BEOS_THREADS */ diff --git a/src/lib/libcrypto/threads/pthreads-vms.com b/src/lib/libcrypto/threads/pthreads-vms.com index 63f5b8cc2e..1cf92bdf57 100644 --- a/src/lib/libcrypto/threads/pthreads-vms.com +++ b/src/lib/libcrypto/threads/pthreads-vms.com @@ -2,8 +2,13 @@ $! To compile mttest on VMS. $! $! WARNING: only tested with DEC C so far. $ -$ arch := vax -$ if f$getsyi("CPU") .ge. 128 then arch := axp +$ if (f$getsyi("cpu").lt.128) +$ then +$ arch := VAX +$ else +$ arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE") +$ if (arch .eqs. "") then arch = "UNK" +$ endif $ define/user openssl [--.include.openssl] $ cc/def=PTHREADS mttest.c $ link mttest,[--.'arch'.exe.ssl]libssl/lib,[--.'arch'.exe.crypto]libcrypto/lib diff --git a/src/lib/libcrypto/tmdiff.c b/src/lib/libcrypto/tmdiff.c deleted file mode 100644 index 1c6e052ac9..0000000000 --- a/src/lib/libcrypto/tmdiff.c +++ /dev/null @@ -1,260 +0,0 @@ -/* crypto/tmdiff.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ -#include -#include -#include "cryptlib.h" -#include -#if !defined(OPENSSL_SYS_MSDOS) -#include OPENSSL_UNISTD -#endif - -#ifdef TIMEB -#undef OPENSSL_SYS_WIN32 -#undef TIMES -#endif - -#if !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_WIN32) && !(defined(OPENSSL_SYS_VMS) || defined(__DECC)) && !defined(OPENSSL_SYS_MACOSX_RHAPSODY) && !defined(OPENSSL_SYS_VXWORKS) -# define TIMES -#endif - -#ifdef OPENSSL_SYS_NETWARE -#undef TIMES -#endif - -#if !defined(_IRIX) || defined (OPENSSL_SYS_NETWARE) -# include -#endif -#ifdef TIMES -# include -# include -#endif - -/* Depending on the VMS version, the tms structure is perhaps defined. - The __TMS macro will show if it was. If it wasn't defined, we should - undefine TIMES, since that tells the rest of the program how things - should be handled. -- Richard Levitte */ -#if defined(OPENSSL_SYS_VMS_DECC) && !defined(__TMS) -#undef TIMES -#endif - -#if defined(sun) || defined(__ultrix) -#define _POSIX_SOURCE -#include -#include -#endif - -#if !defined(TIMES) && !defined(OPENSSL_SYS_VXWORKS) && !defined(OPENSSL_SYS_NETWARE) -#include -#endif - -#ifdef OPENSSL_SYS_WIN32 -#include -#endif - -/* The following if from times(3) man page. It may need to be changed */ -#ifndef HZ -# if defined(_SC_CLK_TCK) \ - && (!defined(OPENSSL_SYS_VMS) || __CTRL_VER >= 70000000) -/* # define HZ ((double)sysconf(_SC_CLK_TCK)) */ -# define HZ sysconf(_SC_CLK_TCK) -# else -# ifndef CLK_TCK -# ifndef _BSD_CLK_TCK_ /* FreeBSD hack */ -# define HZ 100.0 -# else /* _BSD_CLK_TCK_ */ -# define HZ ((double)_BSD_CLK_TCK_) -# endif -# else /* CLK_TCK */ -# define HZ ((double)CLK_TCK) -# endif -# endif -#endif - -struct ms_tm - { -#ifdef TIMES - struct tms ms_tms; -#else -# ifdef OPENSSL_SYS_WIN32 - HANDLE thread_id; - FILETIME ms_win32; -# elif defined (OPENSSL_SYS_NETWARE) - clock_t ms_clock; -# else -# ifdef OPENSSL_SYS_VXWORKS - unsigned long ticks; -# else - struct timeb ms_timeb; -# endif -# endif -#endif - }; - -MS_TM *ms_time_new(void) - { - MS_TM *ret; - - ret=(MS_TM *)OPENSSL_malloc(sizeof(MS_TM)); - if (ret == NULL) - return(NULL); - memset(ret,0,sizeof(MS_TM)); -#ifdef OPENSSL_SYS_WIN32 - ret->thread_id=GetCurrentThread(); -#endif - return ret; - } - -void ms_time_free(MS_TM *a) - { - if (a != NULL) - OPENSSL_free(a); - } - -void ms_time_get(MS_TM *tm) - { -#ifdef OPENSSL_SYS_WIN32 - FILETIME tmpa,tmpb,tmpc; -#endif - -#ifdef TIMES - times(&tm->ms_tms); -#else -# ifdef OPENSSL_SYS_WIN32 - GetThreadTimes(tm->thread_id,&tmpa,&tmpb,&tmpc,&(tm->ms_win32)); -# elif defined (OPENSSL_SYS_NETWARE) - tm->ms_clock = clock(); -# else -# ifdef OPENSSL_SYS_VXWORKS - tm->ticks = tickGet(); -# else - ftime(&tm->ms_timeb); -# endif -# endif -#endif - } - -double ms_time_diff(MS_TM *a, MS_TM *b) - { - double ret; - -#ifdef TIMES - ret = HZ; - ret = (b->ms_tms.tms_utime-a->ms_tms.tms_utime) / ret; -#else -# ifdef OPENSSL_SYS_WIN32 - { -#ifdef __GNUC__ - signed long long la,lb; -#else - signed _int64 la,lb; -#endif - la=a->ms_win32.dwHighDateTime; - lb=b->ms_win32.dwHighDateTime; - la<<=32; - lb<<=32; - la+=a->ms_win32.dwLowDateTime; - lb+=b->ms_win32.dwLowDateTime; - ret=((double)(lb-la))/1e7; - } -# elif defined (OPENSSL_SYS_NETWARE) - ret= (double)(b->ms_clock - a->ms_clock); -# else -# ifdef OPENSSL_SYS_VXWORKS - ret = (double)(b->ticks - a->ticks) / (double)sysClkRateGet(); -# else - ret= (double)(b->ms_timeb.time-a->ms_timeb.time)+ - (((double)b->ms_timeb.millitm)- - ((double)a->ms_timeb.millitm))/1000.0; -# endif -# endif -#endif - return((ret < 0.0000001)?0.0000001:ret); - } - -int ms_time_cmp(const MS_TM *a, const MS_TM *b) - { - double d; - int ret; - -#ifdef TIMES - d = HZ; - d = (b->ms_tms.tms_utime-a->ms_tms.tms_utime) / d; -#else -# ifdef OPENSSL_SYS_WIN32 - d =(b->ms_win32.dwHighDateTime&0x000fffff)*10+b->ms_win32.dwLowDateTime/1e7; - d-=(a->ms_win32.dwHighDateTime&0x000fffff)*10+a->ms_win32.dwLowDateTime/1e7; -# elif defined (OPENSSL_SYS_NETWARE) - d= (double)(b->ms_clock - a->ms_clock); -# else -# ifdef OPENSSL_SYS_VXWORKS - d = (b->ticks - a->ticks); -# else - d= (double)(b->ms_timeb.time-a->ms_timeb.time)+ - (((double)b->ms_timeb.millitm)-(double)a->ms_timeb.millitm)/1000.0; -# endif -# endif -#endif - if (d == 0.0) - ret=0; - else if (d < 0) - ret= -1; - else - ret=1; - return(ret); - } - diff --git a/src/lib/libcrypto/tmdiff.h b/src/lib/libcrypto/tmdiff.h deleted file mode 100644 index af5c41c649..0000000000 --- a/src/lib/libcrypto/tmdiff.h +++ /dev/null @@ -1,93 +0,0 @@ -/* crypto/tmdiff.h */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -/* Header for dynamic hash table routines - * Author - Eric Young - */ -/* ... erm yeah, "dynamic hash tables" you say? - * - * And what would dynamic hash tables have to do with any of this code *now*? - * AFAICS, this code is only referenced by crypto/bn/exp.c which is an unused - * file that I doubt compiles any more. speed.c is the only thing that could - * use this (and it has nothing to do with hash tables), yet it instead has its - * own duplication of all this stuff and looks, if anything, more complete. See - * the corresponding note in apps/speed.c. - * The Bemused - Geoff - */ - -#ifndef HEADER_TMDIFF_H -#define HEADER_TMDIFF_H - -#ifdef __cplusplus -extern "C" { -#endif - -typedef struct ms_tm MS_TM; - -MS_TM *ms_time_new(void ); -void ms_time_free(MS_TM *a); -void ms_time_get(MS_TM *a); -double ms_time_diff(MS_TM *start, MS_TM *end); -int ms_time_cmp(const MS_TM *ap, const MS_TM *bp); - -#ifdef __cplusplus -} -#endif - -#endif - diff --git a/src/lib/libcrypto/ts/ts_rsp_verify.c b/src/lib/libcrypto/ts/ts_rsp_verify.c index e1f3b534af..ed0252d7d7 100644 --- a/src/lib/libcrypto/ts/ts_rsp_verify.c +++ b/src/lib/libcrypto/ts/ts_rsp_verify.c @@ -509,15 +509,17 @@ static int TS_check_status_info(TS_RESP *response) TS_failure_info[i].code)) { if (!first) - strcpy(failure_text, ","); + strlcat(failure_text, ",", + TS_STATUS_BUF_SIZE); else first = 0; - strcat(failure_text, TS_failure_info[i].text); + strlcat(failure_text, TS_failure_info[i].text, + TS_STATUS_BUF_SIZE); } } } if (failure_text[0] == '\0') - strcpy(failure_text, "unspecified"); + strlcpy(failure_text, "unspecified", TS_STATUS_BUF_SIZE); /* Making up the error string. */ TSerr(TS_F_TS_CHECK_STATUS_INFO, TS_R_NO_TIME_STAMP_TOKEN); diff --git a/src/lib/libcrypto/txt_db/Makefile.ssl b/src/lib/libcrypto/txt_db/Makefile.ssl deleted file mode 100644 index 6221dfae4d..0000000000 --- a/src/lib/libcrypto/txt_db/Makefile.ssl +++ /dev/null @@ -1,88 +0,0 @@ -# -# SSLeay/crypto/txt_db/Makefile -# - -DIR= txt_db -TOP= ../.. -CC= cc -INCLUDES= -CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKE= make -f Makefile.ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) -MAKEFILE= Makefile.ssl -AR= ar r - -CFLAGS= $(INCLUDES) $(CFLAG) - -GENERAL=Makefile -TEST= -APPS= - -LIB=$(TOP)/libcrypto.a -LIBSRC=txt_db.c -LIBOBJ=txt_db.o - -SRC= $(LIBSRC) - -EXHEADER= txt_db.h -HEADER= $(EXHEADER) - -ALL= $(GENERAL) $(SRC) $(HEADER) - -top: - (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all) - -all: lib - -lib: $(LIBOBJ) - $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) || echo Never mind. - @touch lib - -files: - $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO - -links: - @sh $(TOP)/util/point.sh Makefile.ssl Makefile - @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER) - @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST) - @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) - -install: - @for i in $(EXHEADER) ; \ - do \ - (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ - done; - -tags: - ctags $(SRC) - -tests: - -lint: - lint -DLINT $(INCLUDES) $(SRC)>fluff - -depend: - $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) - -dclean: - $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new - mv -f Makefile.new $(MAKEFILE) - -clean: - rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff - -# DO NOT DELETE THIS LINE -- make depend depends on it. - -txt_db.o: ../../e_os.h ../../include/openssl/bio.h -txt_db.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -txt_db.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -txt_db.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -txt_db.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -txt_db.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -txt_db.o: ../../include/openssl/txt_db.h ../cryptlib.h txt_db.c diff --git a/src/lib/libcrypto/txt_db/txt_db.c b/src/lib/libcrypto/txt_db/txt_db.c index 3ed5f72ee9..6f2ce3b5a4 100644 --- a/src/lib/libcrypto/txt_db/txt_db.c +++ b/src/lib/libcrypto/txt_db/txt_db.c @@ -77,22 +77,23 @@ TXT_DB *TXT_DB_read(BIO *in, int num) int i,add,n; int size=BUFSIZE; int offset=0; - char *p,**pp,*f; + char *p,*f; + OPENSSL_STRING *pp; BUF_MEM *buf=NULL; if ((buf=BUF_MEM_new()) == NULL) goto err; if (!BUF_MEM_grow(buf,size)) goto err; - if ((ret=(TXT_DB *)OPENSSL_malloc(sizeof(TXT_DB))) == NULL) + if ((ret=OPENSSL_malloc(sizeof(TXT_DB))) == NULL) goto err; ret->num_fields=num; ret->index=NULL; ret->qual=NULL; - if ((ret->data=sk_new_null()) == NULL) + if ((ret->data=sk_OPENSSL_PSTRING_new_null()) == NULL) goto err; - if ((ret->index=(LHASH **)OPENSSL_malloc(sizeof(LHASH *)*num)) == NULL) + if ((ret->index=OPENSSL_malloc(sizeof(*ret->index)*num)) == NULL) goto err; - if ((ret->qual=(int (**)(char **))OPENSSL_malloc(sizeof(int (**)(char **))*num)) == NULL) + if ((ret->qual=OPENSSL_malloc(sizeof(*(ret->qual))*num)) == NULL) goto err; for (i=0; idata[offset-1]='\0'; /* blat the '\n' */ - if (!(p=(char *)OPENSSL_malloc(add+offset))) goto err; + if (!(p=OPENSSL_malloc(add+offset))) goto err; offset=0; } pp=(char **)p; @@ -155,16 +156,16 @@ TXT_DB *TXT_DB_read(BIO *in, int num) *(p++)='\0'; if ((n != num) || (*f != '\0')) { -#if !defined(OPENSSL_NO_STDIO) && !defined(OPENSSL_SYS_WIN16) /* temporaty fix :-( */ +#if !defined(OPENSSL_NO_STDIO) && !defined(OPENSSL_SYS_WIN16) /* temporary fix :-( */ fprintf(stderr,"wrong number of fields on line %ld (looking for field %d, got %d, '%s' left)\n",ln,num,n,f); #endif er=2; goto err; } pp[n]=p; - if (!sk_push(ret->data,(char *)pp)) + if (!sk_OPENSSL_PSTRING_push(ret->data,pp)) { -#if !defined(OPENSSL_NO_STDIO) && !defined(OPENSSL_SYS_WIN16) /* temporaty fix :-( */ +#if !defined(OPENSSL_NO_STDIO) && !defined(OPENSSL_SYS_WIN16) /* temporary fix :-( */ fprintf(stderr,"failure in sk_push\n"); #endif er=2; @@ -181,7 +182,7 @@ err: #endif if (ret != NULL) { - if (ret->data != NULL) sk_free(ret->data); + if (ret->data != NULL) sk_OPENSSL_PSTRING_free(ret->data); if (ret->index != NULL) OPENSSL_free(ret->index); if (ret->qual != NULL) OPENSSL_free(ret->qual); if (ret != NULL) OPENSSL_free(ret); @@ -192,10 +193,10 @@ err: return(ret); } -char **TXT_DB_get_by_index(TXT_DB *db, int idx, char **value) +OPENSSL_STRING *TXT_DB_get_by_index(TXT_DB *db, int idx, OPENSSL_STRING *value) { - char **ret; - LHASH *lh; + OPENSSL_STRING *ret; + LHASH_OF(OPENSSL_STRING) *lh; if (idx >= db->num_fields) { @@ -208,16 +209,16 @@ char **TXT_DB_get_by_index(TXT_DB *db, int idx, char **value) db->error=DB_ERROR_NO_INDEX; return(NULL); } - ret=(char **)lh_retrieve(lh,value); + ret=lh_OPENSSL_STRING_retrieve(lh,value); db->error=DB_ERROR_OK; return(ret); } -int TXT_DB_create_index(TXT_DB *db, int field, int (*qual)(char **), - LHASH_HASH_FN_TYPE hash, LHASH_COMP_FN_TYPE cmp) +int TXT_DB_create_index(TXT_DB *db, int field, int (*qual)(OPENSSL_STRING *), + LHASH_HASH_FN_TYPE hash, LHASH_COMP_FN_TYPE cmp) { - LHASH *idx; - char **r; + LHASH_OF(OPENSSL_STRING) *idx; + OPENSSL_STRING *r; int i,n; if (field >= db->num_fields) @@ -225,26 +226,27 @@ int TXT_DB_create_index(TXT_DB *db, int field, int (*qual)(char **), db->error=DB_ERROR_INDEX_OUT_OF_RANGE; return(0); } - if ((idx=lh_new(hash,cmp)) == NULL) + /* FIXME: we lose type checking at this point */ + if ((idx=(LHASH_OF(OPENSSL_STRING) *)lh_new(hash,cmp)) == NULL) { db->error=DB_ERROR_MALLOC; return(0); } - n=sk_num(db->data); + n=sk_OPENSSL_PSTRING_num(db->data); for (i=0; idata,i); + r=sk_OPENSSL_PSTRING_value(db->data,i); if ((qual != NULL) && (qual(r) == 0)) continue; - if ((r=lh_insert(idx,r)) != NULL) + if ((r=lh_OPENSSL_STRING_insert(idx,r)) != NULL) { db->error=DB_ERROR_INDEX_CLASH; - db->arg1=sk_find(db->data,(char *)r); + db->arg1=sk_OPENSSL_PSTRING_find(db->data,r); db->arg2=i; - lh_free(idx); + lh_OPENSSL_STRING_free(idx); return(0); } } - if (db->index[field] != NULL) lh_free(db->index[field]); + if (db->index[field] != NULL) lh_OPENSSL_STRING_free(db->index[field]); db->index[field]=idx; db->qual[field]=qual; return(1); @@ -259,11 +261,11 @@ long TXT_DB_write(BIO *out, TXT_DB *db) if ((buf=BUF_MEM_new()) == NULL) goto err; - n=sk_num(db->data); + n=sk_OPENSSL_PSTRING_num(db->data); nn=db->num_fields; for (i=0; idata,i); + pp=sk_OPENSSL_PSTRING_value(db->data,i); l=0; for (j=0; jnum_fields; i++) { @@ -309,7 +311,7 @@ int TXT_DB_insert(TXT_DB *db, char **row) { if ((db->qual[i] != NULL) && (db->qual[i](row) == 0)) continue; - r=(char **)lh_retrieve(db->index[i],row); + r=lh_OPENSSL_STRING_retrieve(db->index[i],row); if (r != NULL) { db->error=DB_ERROR_INDEX_CLASH; @@ -320,7 +322,7 @@ int TXT_DB_insert(TXT_DB *db, char **row) } } /* We have passed the index checks, now just append and insert */ - if (!sk_push(db->data,(char *)row)) + if (!sk_OPENSSL_PSTRING_push(db->data,row)) { db->error=DB_ERROR_MALLOC; goto err; @@ -332,7 +334,7 @@ int TXT_DB_insert(TXT_DB *db, char **row) { if ((db->qual[i] != NULL) && (db->qual[i](row) == 0)) continue; - lh_insert(db->index[i],row); + (void)lh_OPENSSL_STRING_insert(db->index[i],row); } } return(1); @@ -351,18 +353,18 @@ void TXT_DB_free(TXT_DB *db) if (db->index != NULL) { for (i=db->num_fields-1; i>=0; i--) - if (db->index[i] != NULL) lh_free(db->index[i]); + if (db->index[i] != NULL) lh_OPENSSL_STRING_free(db->index[i]); OPENSSL_free(db->index); } if (db->qual != NULL) OPENSSL_free(db->qual); if (db->data != NULL) { - for (i=sk_num(db->data)-1; i>=0; i--) + for (i=sk_OPENSSL_PSTRING_num(db->data)-1; i>=0; i--) { /* check if any 'fields' have been allocated * from outside of the initial block */ - p=(char **)sk_value(db->data,i); + p=sk_OPENSSL_PSTRING_value(db->data,i); max=p[db->num_fields]; /* last address */ if (max == NULL) /* new row */ { @@ -378,9 +380,9 @@ void TXT_DB_free(TXT_DB *db) OPENSSL_free(p[n]); } } - OPENSSL_free(sk_value(db->data,i)); + OPENSSL_free(sk_OPENSSL_PSTRING_value(db->data,i)); } - sk_free(db->data); + sk_OPENSSL_PSTRING_free(db->data); } OPENSSL_free(db); } diff --git a/src/lib/libcrypto/txt_db/txt_db.h b/src/lib/libcrypto/txt_db/txt_db.h index 307e1ba23f..6abe435bc8 100644 --- a/src/lib/libcrypto/txt_db/txt_db.h +++ b/src/lib/libcrypto/txt_db/txt_db.h @@ -77,16 +77,19 @@ extern "C" { #endif +typedef OPENSSL_STRING *OPENSSL_PSTRING; +DECLARE_SPECIAL_STACK_OF(OPENSSL_PSTRING, OPENSSL_STRING) + typedef struct txt_db_st { int num_fields; - STACK /* char ** */ *data; - LHASH **index; - int (**qual)(char **); + STACK_OF(OPENSSL_PSTRING) *data; + LHASH_OF(OPENSSL_STRING) **index; + int (**qual)(OPENSSL_STRING *); long error; long arg1; long arg2; - char **arg_row; + OPENSSL_STRING *arg_row; } TXT_DB; #ifndef OPENSSL_NO_BIO @@ -96,11 +99,11 @@ long TXT_DB_write(BIO *out, TXT_DB *db); TXT_DB *TXT_DB_read(char *in, int num); long TXT_DB_write(char *out, TXT_DB *db); #endif -int TXT_DB_create_index(TXT_DB *db,int field,int (*qual)(char **), - LHASH_HASH_FN_TYPE hash, LHASH_COMP_FN_TYPE cmp); +int TXT_DB_create_index(TXT_DB *db,int field,int (*qual)(OPENSSL_STRING *), + LHASH_HASH_FN_TYPE hash, LHASH_COMP_FN_TYPE cmp); void TXT_DB_free(TXT_DB *db); -char **TXT_DB_get_by_index(TXT_DB *db, int idx, char **value); -int TXT_DB_insert(TXT_DB *db,char **value); +OPENSSL_STRING *TXT_DB_get_by_index(TXT_DB *db, int idx, OPENSSL_STRING *value); +int TXT_DB_insert(TXT_DB *db, OPENSSL_STRING *value); #ifdef __cplusplus } diff --git a/src/lib/libcrypto/ui/Makefile.ssl b/src/lib/libcrypto/ui/Makefile.ssl deleted file mode 100644 index ba46951d1c..0000000000 --- a/src/lib/libcrypto/ui/Makefile.ssl +++ /dev/null @@ -1,117 +0,0 @@ -# -# OpenSSL/crypto/ui/Makefile -# - -DIR= ui -TOP= ../.. -CC= cc -INCLUDES= -I.. -I$(TOP) -I../../include -CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKE= make -f Makefile.ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) -MAKEFILE= Makefile.ssl -AR= ar r - -CFLAGS= $(INCLUDES) $(CFLAG) - -GENERAL=Makefile -#TEST= uitest.c -TEST= -APPS= - -COMPATSRC= ui_compat.c -COMPATOBJ= ui_compat.o - -LIB=$(TOP)/libcrypto.a -LIBSRC= ui_err.c ui_lib.c ui_openssl.c ui_util.c $(COMPATSRC) -LIBOBJ= ui_err.o ui_lib.o ui_openssl.o ui_util.o $(COMPATOBJ) - -SRC= $(LIBSRC) - -EXHEADER= ui.h ui_compat.h -HEADER= $(EXHEADER) ui_locl.h - -ALL= $(GENERAL) $(SRC) $(HEADER) - -top: - (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all) - -all: lib - -lib: $(LIBOBJ) - $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) || echo Never mind. - @touch lib - -files: - $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO - -links: - @sh $(TOP)/util/point.sh Makefile.ssl Makefile - @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER) - @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST) - @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) - -install: - @for i in $(EXHEADER) ; \ - do \ - (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ - done; - -tags: - ctags $(SRC) - -tests: - -lint: - lint -DLINT $(INCLUDES) $(SRC)>fluff - -depend: - $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) - -dclean: - $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new - mv -f Makefile.new $(MAKEFILE) - -clean: - rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff - -# DO NOT DELETE THIS LINE -- make depend depends on it. - -ui_compat.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -ui_compat.o: ../../include/openssl/opensslconf.h -ui_compat.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -ui_compat.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -ui_compat.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -ui_compat.o: ui_compat.c -ui_err.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h -ui_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -ui_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -ui_err.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -ui_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -ui_err.o: ../../include/openssl/ui.h ui_err.c -ui_lib.o: ../../e_os.h ../../include/openssl/bio.h -ui_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -ui_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -ui_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -ui_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -ui_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -ui_lib.o: ../../include/openssl/ui.h ../cryptlib.h ui_lib.c ui_locl.h -ui_openssl.o: ../../e_os.h ../../include/openssl/bio.h -ui_openssl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -ui_openssl.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -ui_openssl.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -ui_openssl.o: ../../include/openssl/opensslv.h -ui_openssl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -ui_openssl.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -ui_openssl.o: ../cryptlib.h ui_locl.h ui_openssl.c -ui_util.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -ui_util.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -ui_util.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -ui_util.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -ui_util.o: ui_util.c diff --git a/src/lib/libcrypto/ui/ui.h b/src/lib/libcrypto/ui/ui.h index 018296412b..2b1cfa2289 100644 --- a/src/lib/libcrypto/ui/ui.h +++ b/src/lib/libcrypto/ui/ui.h @@ -287,8 +287,8 @@ UI_METHOD *UI_OpenSSL(void); /* The UI_STRING type is the data structure that contains all the needed info about a string or a prompt, including test data for a verification prompt. */ -DECLARE_STACK_OF(UI_STRING) typedef struct ui_string_st UI_STRING; +DECLARE_STACK_OF(UI_STRING) /* The different types of strings that are currently supported. This is only needed by method authors. */ @@ -310,11 +310,13 @@ int UI_method_set_writer(UI_METHOD *method, int (*writer)(UI *ui, UI_STRING *uis int UI_method_set_flusher(UI_METHOD *method, int (*flusher)(UI *ui)); int UI_method_set_reader(UI_METHOD *method, int (*reader)(UI *ui, UI_STRING *uis)); int UI_method_set_closer(UI_METHOD *method, int (*closer)(UI *ui)); +int UI_method_set_prompt_constructor(UI_METHOD *method, char *(*prompt_constructor)(UI* ui, const char* object_desc, const char* object_name)); int (*UI_method_get_opener(UI_METHOD *method))(UI*); int (*UI_method_get_writer(UI_METHOD *method))(UI*,UI_STRING*); int (*UI_method_get_flusher(UI_METHOD *method))(UI*); int (*UI_method_get_reader(UI_METHOD *method))(UI*,UI_STRING*); int (*UI_method_get_closer(UI_METHOD *method))(UI*); +char* (*UI_method_get_prompt_constructor(UI_METHOD *method))(UI*, const char*, const char*); /* The following functions are helpers for method writers to access relevant data from a UI_STRING. */ diff --git a/src/lib/libcrypto/ui/ui_err.c b/src/lib/libcrypto/ui/ui_err.c index 786bd0dbc3..a6b96299a0 100644 --- a/src/lib/libcrypto/ui/ui_err.c +++ b/src/lib/libcrypto/ui/ui_err.c @@ -1,6 +1,6 @@ /* crypto/ui/ui_err.c */ /* ==================================================================== - * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved. + * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions diff --git a/src/lib/libcrypto/ui/ui_lib.c b/src/lib/libcrypto/ui/ui_lib.c index ac0100808f..a8abc27064 100644 --- a/src/lib/libcrypto/ui/ui_lib.c +++ b/src/lib/libcrypto/ui/ui_lib.c @@ -693,6 +693,17 @@ int UI_method_set_closer(UI_METHOD *method, int (*closer)(UI *ui)) return -1; } +int UI_method_set_prompt_constructor(UI_METHOD *method, char *(*prompt_constructor)(UI* ui, const char* object_desc, const char* object_name)) + { + if (method) + { + method->ui_construct_prompt = prompt_constructor; + return 0; + } + else + return -1; + } + int (*UI_method_get_opener(UI_METHOD *method))(UI*) { if (method) @@ -733,6 +744,14 @@ int (*UI_method_get_closer(UI_METHOD *method))(UI*) return NULL; } +char* (*UI_method_get_prompt_constructor(UI_METHOD *method))(UI*, const char*, const char*) + { + if (method) + return method->ui_construct_prompt; + else + return NULL; + } + enum UI_string_types UI_get_string_type(UI_STRING *uis) { if (!uis) diff --git a/src/lib/libcrypto/ui/ui_openssl.c b/src/lib/libcrypto/ui/ui_openssl.c index 5fbedf6ff8..1e3dba0833 100644 --- a/src/lib/libcrypto/ui/ui_openssl.c +++ b/src/lib/libcrypto/ui/ui_openssl.c @@ -122,7 +122,9 @@ * sigaction and fileno included. -pedantic would be more appropriate for * the intended purposes, but we can't prevent users from adding -ansi. */ -#define _POSIX_C_SOURCE 1 +#ifndef _POSIX_C_SOURCE +#define _POSIX_C_SOURCE 2 +#endif #include #include #include @@ -297,7 +299,7 @@ static int is_a_tty; /* Declare static functions */ #if !defined(OPENSSL_SYS_WIN16) && !defined(OPENSSL_SYS_WINCE) -static void read_till_nl(FILE *); +static int read_till_nl(FILE *); static void recsig(int); static void pushsig(void); static void popsig(void); @@ -390,7 +392,7 @@ static int read_string(UI *ui, UI_STRING *uis) #if !defined(OPENSSL_SYS_WIN16) && !defined(OPENSSL_SYS_WINCE) /* Internal functions to read a string without echoing */ -static void read_till_nl(FILE *in) +static int read_till_nl(FILE *in) { #define SIZE 4 char buf[SIZE+1]; @@ -399,6 +401,7 @@ static void read_till_nl(FILE *in) if (fgets(buf,sizeof(buf),in) == NULL) break; } while (strchr(buf,'\n') == NULL); + return 1; } static volatile sig_atomic_t intr_signal; @@ -446,7 +449,8 @@ static int read_string_inner(UI *ui, UI_STRING *uis, int echo, int strip_nl) *p='\0'; } else - read_till_nl(tty_in); + if (!read_till_nl(tty_in)) + goto error; if (UI_set_result(ui, uis, result) >= 0) ok=1; @@ -474,7 +478,7 @@ static int open_console(UI *ui) CRYPTO_w_lock(CRYPTO_LOCK_UI); is_a_tty = 1; -#if defined(OPENSSL_SYS_MACINTOSH_CLASSIC) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE) +#if defined(OPENSSL_SYS_MACINTOSH_CLASSIC) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_BEOS) tty_in=stdin; tty_out=stderr; #else diff --git a/src/lib/libcrypto/util/arx.pl b/src/lib/libcrypto/util/arx.pl deleted file mode 100644 index ce62625c33..0000000000 --- a/src/lib/libcrypto/util/arx.pl +++ /dev/null @@ -1,15 +0,0 @@ -#!/bin/perl - -# Simple perl script to wrap round "ar" program and exclude any -# object files in the environment variable EXCL_OBJ - -map { s/^.*\/([^\/]*)$/$1/ ; $EXCL{$_} = 1} split(' ', $ENV{EXCL_OBJ}); - -#my @ks = keys %EXCL; -#print STDERR "Excluding: @ks \n"; - -my @ARGS = grep { !exists $EXCL{$_} } @ARGV; - -system @ARGS; - -exit $? >> 8; diff --git a/src/lib/libcrypto/util/checkhash.pl b/src/lib/libcrypto/util/checkhash.pl deleted file mode 100644 index c61fa72178..0000000000 --- a/src/lib/libcrypto/util/checkhash.pl +++ /dev/null @@ -1,222 +0,0 @@ -#!/usr/bin/env perl -w - -my $package = caller; - -if (!(defined $package)) - { - my $retval = check_hashes(@ARGV); - exit $retval; - } - -1; - -sub check_hashes - { - - my @args = @_; - - my $change_dir = ""; - my $check_program = "sha/fips_standalone_sha1"; - - my $verbose = 0; - my $badfiles = 0; - my $rebuild = 0; - my $force_rewrite = 0; - my $hash_file = "fipshashes.c"; - my $recurse = 0; - - my @fingerprint_files; - - while (@args) - { - my $arg = $args[0]; - if ($arg eq "-chdir") - { - shift @args; - $change_dir = shift @args; - } - elsif ($arg eq "-rebuild") - { - shift @args; - $rebuild = 1; - } - elsif ($arg eq "-verbose") - { - shift @args; - $verbose = 1; - } - elsif ($arg eq "-force-rewrite") - { - shift @args; - $force_rewrite = 1; - } - elsif ($arg eq "-hash_file") - { - shift @args; - $hash_file = shift @args; - } - elsif ($arg eq "-recurse") - { - shift @args; - $recurse = 1; - } - elsif ($arg eq "-program_path") - { - shift @args; - $check_program = shift @args; - } - else - { - print STDERR "Unknown Option $arg"; - return 1; - } - - } - - chdir $change_dir if $change_dir ne ""; - - if ($recurse) - { - @fingerprint_files = ("fingerprint.sha1", - <*/fingerprint.sha1>); - } - else - { - push @fingerprint_files, $hash_file; - } - - foreach $fp (@fingerprint_files) - { - if (!open(IN, "$fp")) - { - print STDERR "Can't open file $fp"; - return 1; - } - print STDERR "Opening Fingerprint file $fp\n" if $verbose; - my $dir = $fp; - $dir =~ s/[^\/]*$//; - while () - { - chomp; - if (!(($file, $hash) = /^\"HMAC-SHA1\((.*)\)\s*=\s*(\w*)\",$/)) - { - /^\"/ || next; - print STDERR "FATAL: Invalid syntax in file $fp\n"; - print STDERR "Line:\n$_\n"; - fatal_error(); - return 1; - } - if (!$rebuild && length($hash) != 40) - { - print STDERR "FATAL: Invalid hash length in $fp for file $file\n"; - fatal_error(); - return 1; - } - push @hashed_files, "$dir$file"; - if (exists $hashes{"$dir$file"}) - { - print STDERR "FATAL: Duplicate Hash file $dir$file\n"; - fatal_error(); - return 1; - } - if (! -r "$dir$file") - { - print STDERR "FATAL: Can't access $dir$file\n"; - fatal_error(); - return 1; - } - $hashes{"$dir$file"} = $hash; - } - close IN; - } - - @checked_hashes = `$check_program @hashed_files`; - - if ($? != 0) - { - print STDERR "Error running hash program $check_program\n"; - fatal_error(); - return 1; - } - - if (@checked_hashes != @hashed_files) - { - print STDERR "FATAL: hash count incorrect\n"; - fatal_error(); - return 1; - } - - foreach (@checked_hashes) - { - chomp; - if (!(($file, $hash) = /^HMAC-SHA1\((.*)\)\s*=\s*(\w*)$/)) - { - print STDERR "FATAL: Invalid syntax in file $fp\n"; - print STDERR "Line:\n$_\n"; - fatal_error(); - return 1; - } - if (length($hash) != 40) - { - print STDERR "FATAL: Invalid hash length for file $file\n"; - fatal_error(); - return 1; - } - if ($hash ne $hashes{$file}) - { - if ($rebuild) - { - print STDERR "Updating hash on file $file\n"; - $hashes{$file} = $hash; - } - else - { - print STDERR "Hash check failed for file $file\n"; - } - $badfiles++; - } - elsif ($verbose) - { print "Hash Check OK for $file\n";} - } - - - if ($badfiles && !$rebuild) - { - print STDERR "FATAL: hash mismatch on $badfiles files\n"; - fatal_error(); - return 1; - } - - if ($badfiles || $force_rewrite) - { - print "Updating Hash file $hash_file\n"; - if (!open(OUT, ">$hash_file")) - { - print STDERR "Error rewriting $hash_file"; - return 1; - } - print OUT "const char * const FIPS_source_hashes[] = {\n"; - foreach (@hashed_files) - { - print OUT "\"HMAC-SHA1($_)= $hashes{$_}\",\n"; - } - print OUT "};\n"; - close OUT; - } - - if (!$badfiles) - { - print "FIPS hash check successful\n"; - } - - return 0; - - } - - -sub fatal_error - { - print STDERR "*** Your source code does not match the FIPS validated source ***\n"; - } - - diff --git a/src/lib/libcrypto/util/ck_errf.pl b/src/lib/libcrypto/util/ck_errf.pl index 344b422c34..f13af5c50b 100644 --- a/src/lib/libcrypto/util/ck_errf.pl +++ b/src/lib/libcrypto/util/ck_errf.pl @@ -7,8 +7,16 @@ # perl util/ck_errf.pl */*.c */*/*.c # +my $err_strict = 0; +my $bad = 0; + foreach $file (@ARGV) { + if ($file eq "-strict") + { + $err_strict = 1; + next; + } open(IN,"<$file") || die "unable to open $file\n"; $func=""; while () @@ -20,13 +28,13 @@ foreach $file (@ARGV) $func = $1; $func =~ tr/A-Z/a-z/; } - if (/([A-Z0-9]+)err\(([^,]+)/) + if (/([A-Z0-9]+)err\(([^,]+)/ && ! /ckerr_ignore/) { $errlib=$1; $n=$2; if ($func eq "") - { print "$file:$.:???:$n\n"; next; } + { print "$file:$.:???:$n\n"; $bad = 1; next; } if ($n !~ /([^_]+)_F_(.+)$/) { @@ -37,14 +45,20 @@ foreach $file (@ARGV) $n=$2; if ($lib ne $errlib) - { print "$file:$.:$func:$n [${errlib}err]\n"; next; } + { print "$file:$.:$func:$n [${errlib}err]\n"; $bad = 1; next; } $n =~ tr/A-Z/a-z/; if (($n ne $func) && ($errlib ne "SYS")) - { print "$file:$.:$func:$n\n"; next; } + { print "$file:$.:$func:$n\n"; $bad = 1; next; } # print "$func:$1\n"; } } close(IN); } +if ($bad && $err_strict) + { + print STDERR "FATAL: error discrepancy\n"; + exit 1; + } + diff --git a/src/lib/libcrypto/util/clean-depend.pl b/src/lib/libcrypto/util/clean-depend.pl index 2b2bdb4048..d3525b0ed0 100644 --- a/src/lib/libcrypto/util/clean-depend.pl +++ b/src/lib/libcrypto/util/clean-depend.pl @@ -42,6 +42,7 @@ foreach $file (sort keys %files) { my @deps = map { $_ =~ s/^\.\///; $_ } @{$files{$file}}; foreach $dep (sort @deps) { + $dep=~s/^\.\///; next if $prevdep eq $dep; # to exterminate duplicates... $prevdep = $dep; $len=0 if $len+length($dep)+1 >= 80; diff --git a/src/lib/libcrypto/util/copy.pl b/src/lib/libcrypto/util/copy.pl index e20b45530a..eba6d5815e 100644 --- a/src/lib/libcrypto/util/copy.pl +++ b/src/lib/libcrypto/util/copy.pl @@ -8,9 +8,16 @@ use Fcntl; # Perl script 'copy' comment. On Windows the built in "copy" command also # copies timestamps: this messes up Makefile dependencies. +my $stripcr = 0; + my $arg; foreach $arg (@ARGV) { + if ($arg eq "-stripcr") + { + $stripcr = 1; + next; + } $arg =~ s|\\|/|g; # compensate for bug/feature in cygwin glob... foreach (glob $arg) { @@ -49,6 +56,10 @@ foreach (@filelist) || die "Can't Open $dfile"; while (sysread IN, $buf, 10240) { + if ($stripcr) + { + $buf =~ tr/\015//d; + } syswrite(OUT, $buf, length($buf)); } close(IN); diff --git a/src/lib/libcrypto/util/cygwin.sh b/src/lib/libcrypto/util/cygwin.sh index 89d1dda95b..a4f2e740b4 100644 --- a/src/lib/libcrypto/util/cygwin.sh +++ b/src/lib/libcrypto/util/cygwin.sh @@ -7,7 +7,7 @@ # Uncomment when debugging #set -x -CONFIG_OPTIONS="--prefix=/usr shared no-idea no-rc5 no-mdc2" +CONFIG_OPTIONS="--prefix=/usr shared zlib no-idea no-rc5" INSTALL_PREFIX=/tmp/install VERSION= @@ -66,7 +66,7 @@ function create_cygwin_readme() ./config ${CONFIG_OPTIONS} - The IDEA, RC5 and MDC2 algorithms are disabled due to patent and/or + The IDEA and RC5 algorithms are disabled due to patent and/or licensing issues. EOF } diff --git a/src/lib/libcrypto/util/domd b/src/lib/libcrypto/util/domd index 560ebeaf82..bab48cb7a2 100644 --- a/src/lib/libcrypto/util/domd +++ b/src/lib/libcrypto/util/domd @@ -14,7 +14,7 @@ if [ "$MAKEDEPEND" = "" ]; then MAKEDEPEND=makedepend; fi cp Makefile Makefile.save # fake the presence of Kerberos touch $TOP/krb5.h -if [ "$MAKEDEPEND" = "gcc" ]; then +if expr "$MAKEDEPEND" : '.*gcc$' > /dev/null; then args="" while [ $# -gt 0 ]; do if [ "$1" != "--" ]; then args="$args $1"; fi @@ -22,13 +22,17 @@ if [ "$MAKEDEPEND" = "gcc" ]; then done sed -e '/^# DO NOT DELETE.*/,$d' < Makefile > Makefile.tmp echo '# DO NOT DELETE THIS LINE -- make depend depends on it.' >> Makefile.tmp - ${CC:-gcc} -D OPENSSL_DOING_MAKEDEPEND -M $args >> Makefile.tmp + ${MAKEDEPEND} -Werror -D OPENSSL_DOING_MAKEDEPEND -M $args >> Makefile.tmp || exit 1 ${PERL} $TOP/util/clean-depend.pl < Makefile.tmp > Makefile.new + RC=$? rm -f Makefile.tmp else - ${MAKEDEPEND} -D OPENSSL_DOING_MAKEDEPEND $@ + ${MAKEDEPEND} -D OPENSSL_DOING_MAKEDEPEND $@ && \ ${PERL} $TOP/util/clean-depend.pl < Makefile > Makefile.new + RC=$? fi mv Makefile.new Makefile # unfake the presence of Kerberos rm $TOP/krb5.h + +exit $RC diff --git a/src/lib/libcrypto/util/fipslink.pl b/src/lib/libcrypto/util/fipslink.pl deleted file mode 100644 index 3597bc1740..0000000000 --- a/src/lib/libcrypto/util/fipslink.pl +++ /dev/null @@ -1,78 +0,0 @@ -#!/usr/bin/perl - -sub check_env - { - my @ret; - foreach (@_) - { - die "Environment variable $_ not defined!\n" unless exists $ENV{$_}; - push @ret, $ENV{$_}; - } - return @ret; - } - - -my ($fips_cc,$fips_cc_args, $fips_link,$fips_target, $fips_libdir, $sha1_exe) - = check_env("FIPS_CC", "FIPS_CC_ARGS", "FIPS_LINK", "FIPS_TARGET", - "FIPSLIB_D", "FIPS_SHA1_EXE"); - - - -if (exists $ENV{"PREMAIN_DSO_EXE"}) - { - $fips_premain_dso = $ENV{"PREMAIN_DSO_EXE"}; - } - else - { - $fips_premain_dso = ""; - } - -check_hash($sha1_exe, "fips_premain.c"); -check_hash($sha1_exe, "fipscanister.lib"); - - -print "Integrity check OK\n"; - -print "$fips_cc $fips_cc_args $fips_libdir/fips_premain.c\n"; -system "$fips_cc $fips_cc_args $fips_libdir/fips_premain.c"; -die "First stage Compile failure" if $? != 0; - -print "$fips_link @ARGV\n"; -system "$fips_link @ARGV"; -die "First stage Link failure" if $? != 0; - - -print "$fips_premain_dso $fips_target\n"; -$fips_hash=`$fips_premain_dso $fips_target`; -chomp $fips_hash; -die "Get hash failure" if $? != 0; - - -print "$fips_cc -DHMAC_SHA1_SIG=\\\"$fips_hash\\\" $fips_cc_args $fips_libdir/fips_premain.c\n"; -system "$fips_cc -DHMAC_SHA1_SIG=\\\"$fips_hash\\\" $fips_cc_args $fips_libdir/fips_premain.c"; -die "Second stage Compile failure" if $? != 0; - - -print "$fips_link @ARGV\n"; -system "$fips_link @ARGV"; -die "Second stage Link failure" if $? != 0; - -sub check_hash - { - my ($sha1_exe, $filename) = @_; - my ($hashfile, $hashval); - - open(IN, "${fips_libdir}/${filename}.sha1") || die "Cannot open file hash file ${fips_libdir}/${filename}.sha1"; - $hashfile = ; - close IN; - $hashval = `$sha1_exe ${fips_libdir}/$filename`; - chomp $hashfile; - chomp $hashval; - $hashfile =~ s/^.*=\s+//; - $hashval =~ s/^.*=\s+//; - die "Invalid hash syntax in file" if (length($hashfile) != 40); - die "Invalid hash received for file" if (length($hashval) != 40); - die "***HASH VALUE MISMATCH FOR FILE $filename ***" if ($hashval ne $hashfile); - } - - diff --git a/src/lib/libcrypto/util/libeay.num b/src/lib/libcrypto/util/libeay.num index 0bad595233..c68047e955 100644 --- a/src/lib/libcrypto/util/libeay.num +++ b/src/lib/libcrypto/util/libeay.num @@ -1,9 +1,9 @@ SSLeay 1 EXIST::FUNCTION: SSLeay_version 2 EXIST::FUNCTION: -ASN1_BIT_STRING_asn1_meth 3 EXIST::FUNCTION: -ASN1_HEADER_free 4 EXIST::FUNCTION: -ASN1_HEADER_new 5 EXIST::FUNCTION: -ASN1_IA5STRING_asn1_meth 6 EXIST::FUNCTION: +ASN1_BIT_STRING_asn1_meth 3 NOEXIST::FUNCTION: +ASN1_HEADER_free 4 NOEXIST::FUNCTION: +ASN1_HEADER_new 5 NOEXIST::FUNCTION: +ASN1_IA5STRING_asn1_meth 6 NOEXIST::FUNCTION: ASN1_INTEGER_get 7 EXIST::FUNCTION: ASN1_INTEGER_set 8 EXIST::FUNCTION: ASN1_INTEGER_to_BN 9 EXIST::FUNCTION: @@ -75,8 +75,8 @@ BIO_new 78 EXIST::FUNCTION: BIO_new_accept 79 EXIST::FUNCTION: BIO_new_connect 80 EXIST::FUNCTION: BIO_new_fd 81 EXIST::FUNCTION: -BIO_new_file 82 EXIST:!WIN16:FUNCTION:FP_API -BIO_new_fp 83 EXIST:!WIN16:FUNCTION:FP_API +BIO_new_file 82 EXIST::FUNCTION:FP_API +BIO_new_fp 83 EXIST::FUNCTION:FP_API BIO_new_socket 84 EXIST::FUNCTION: BIO_pop 85 EXIST::FUNCTION: BIO_printf 86 EXIST::FUNCTION: @@ -86,7 +86,7 @@ BIO_read 89 EXIST::FUNCTION: BIO_s_accept 90 EXIST::FUNCTION: BIO_s_connect 91 EXIST::FUNCTION: BIO_s_fd 92 EXIST::FUNCTION: -BIO_s_file 93 EXIST:!WIN16:FUNCTION:FP_API +BIO_s_file 93 EXIST::FUNCTION:FP_API BIO_s_mem 95 EXIST::FUNCTION: BIO_s_null 96 EXIST::FUNCTION: BIO_s_proxy_client 97 NOEXIST::FUNCTION: @@ -172,7 +172,7 @@ CRYPTO_dbg_realloc 179 EXIST::FUNCTION: CRYPTO_dbg_remalloc 180 NOEXIST::FUNCTION: CRYPTO_free 181 EXIST::FUNCTION: CRYPTO_get_add_lock_callback 182 EXIST::FUNCTION: -CRYPTO_get_id_callback 183 EXIST::FUNCTION: +CRYPTO_get_id_callback 183 EXIST::FUNCTION:DEPRECATED CRYPTO_get_lock_name 184 EXIST::FUNCTION: CRYPTO_get_locking_callback 185 EXIST::FUNCTION: CRYPTO_get_mem_functions 186 EXIST::FUNCTION: @@ -185,10 +185,10 @@ CRYPTO_mem_leaks_fp 192 EXIST::FUNCTION:FP_API CRYPTO_realloc 193 EXIST::FUNCTION: CRYPTO_remalloc 194 EXIST::FUNCTION: CRYPTO_set_add_lock_callback 195 EXIST::FUNCTION: -CRYPTO_set_id_callback 196 EXIST::FUNCTION: +CRYPTO_set_id_callback 196 EXIST::FUNCTION:DEPRECATED CRYPTO_set_locking_callback 197 EXIST::FUNCTION: CRYPTO_set_mem_functions 198 EXIST::FUNCTION: -CRYPTO_thread_id 199 EXIST::FUNCTION: +CRYPTO_thread_id 199 EXIST::FUNCTION:DEPRECATED DH_check 200 EXIST::FUNCTION:DH DH_compute_key 201 EXIST::FUNCTION:DH DH_free 202 EXIST::FUNCTION:DH @@ -243,7 +243,7 @@ ERR_print_errors 250 EXIST::FUNCTION:BIO ERR_print_errors_fp 251 EXIST::FUNCTION:FP_API ERR_put_error 252 EXIST::FUNCTION: ERR_reason_error_string 253 EXIST::FUNCTION: -ERR_remove_state 254 EXIST::FUNCTION: +ERR_remove_state 254 EXIST::FUNCTION:DEPRECATED EVP_BytesToKey 255 EXIST::FUNCTION: EVP_CIPHER_CTX_cleanup 256 EXIST::FUNCTION: EVP_CipherFinal 257 EXIST::FUNCTION: @@ -343,7 +343,7 @@ NETSCAPE_SPKI_new 350 EXIST::FUNCTION: NETSCAPE_SPKI_sign 351 EXIST::FUNCTION:EVP NETSCAPE_SPKI_verify 352 EXIST::FUNCTION:EVP OBJ_add_object 353 EXIST::FUNCTION: -OBJ_bsearch 354 EXIST::FUNCTION: +OBJ_bsearch 354 NOEXIST::FUNCTION: OBJ_cleanup 355 EXIST::FUNCTION: OBJ_cmp 356 EXIST::FUNCTION: OBJ_create 357 EXIST::FUNCTION: @@ -356,9 +356,9 @@ OBJ_nid2sn 363 EXIST::FUNCTION: OBJ_obj2nid 364 EXIST::FUNCTION: OBJ_sn2nid 365 EXIST::FUNCTION: OBJ_txt2nid 366 EXIST::FUNCTION: -PEM_ASN1_read 367 EXIST:!WIN16:FUNCTION: +PEM_ASN1_read 367 EXIST::FUNCTION: PEM_ASN1_read_bio 368 EXIST::FUNCTION:BIO -PEM_ASN1_write 369 EXIST:!WIN16:FUNCTION: +PEM_ASN1_write 369 EXIST::FUNCTION: PEM_ASN1_write_bio 370 EXIST::FUNCTION:BIO PEM_SealFinal 371 EXIST::FUNCTION:RSA PEM_SealInit 372 EXIST::FUNCTION:RSA @@ -366,14 +366,14 @@ PEM_SealUpdate 373 EXIST::FUNCTION:RSA PEM_SignFinal 374 EXIST::FUNCTION: PEM_SignInit 375 EXIST::FUNCTION: PEM_SignUpdate 376 EXIST::FUNCTION: -PEM_X509_INFO_read 377 EXIST:!WIN16:FUNCTION: +PEM_X509_INFO_read 377 EXIST::FUNCTION: PEM_X509_INFO_read_bio 378 EXIST::FUNCTION:BIO PEM_X509_INFO_write_bio 379 EXIST::FUNCTION:BIO PEM_dek_info 380 EXIST::FUNCTION: PEM_do_header 381 EXIST::FUNCTION: PEM_get_EVP_CIPHER_INFO 382 EXIST::FUNCTION: PEM_proc_type 383 EXIST::FUNCTION: -PEM_read 384 EXIST:!WIN16:FUNCTION: +PEM_read 384 EXIST::FUNCTION: PEM_read_DHparams 385 EXIST:!WIN16:FUNCTION:DH PEM_read_DSAPrivateKey 386 EXIST:!WIN16:FUNCTION:DSA PEM_read_DSAparams 387 EXIST:!WIN16:FUNCTION:DSA @@ -393,7 +393,7 @@ PEM_read_bio_RSAPrivateKey 400 EXIST::FUNCTION:RSA PEM_read_bio_X509 401 EXIST::FUNCTION: PEM_read_bio_X509_CRL 402 EXIST::FUNCTION: PEM_read_bio_X509_REQ 403 EXIST::FUNCTION: -PEM_write 404 EXIST:!WIN16:FUNCTION: +PEM_write 404 EXIST::FUNCTION: PEM_write_DHparams 405 EXIST:!WIN16:FUNCTION:DH PEM_write_DSAPrivateKey 406 EXIST:!WIN16:FUNCTION:DSA PEM_write_DSAparams 407 EXIST:!WIN16:FUNCTION:DSA @@ -469,7 +469,7 @@ RC2_set_key 476 EXIST::FUNCTION:RC2 RC4 477 EXIST::FUNCTION:RC4 RC4_options 478 EXIST::FUNCTION:RC4 RC4_set_key 479 EXIST::FUNCTION:RC4 -RSAPrivateKey_asn1_meth 480 EXIST::FUNCTION:RSA +RSAPrivateKey_asn1_meth 480 NOEXIST::FUNCTION: RSAPrivateKey_dup 481 EXIST::FUNCTION:RSA RSAPublicKey_dup 482 EXIST::FUNCTION:RSA RSA_PKCS1_SSLeay 483 EXIST::FUNCTION:RSA @@ -624,7 +624,7 @@ X509_STORE_set_default_paths 630 EXIST::FUNCTION:STDIO X509_VAL_free 631 EXIST::FUNCTION: X509_VAL_new 632 EXIST::FUNCTION: X509_add_ext 633 EXIST::FUNCTION: -X509_asn1_meth 634 EXIST::FUNCTION: +X509_asn1_meth 634 NOEXIST::FUNCTION: X509_certificate_type 635 EXIST::FUNCTION: X509_check_private_key 636 EXIST::FUNCTION: X509_cmp_current_time 637 EXIST::FUNCTION: @@ -704,7 +704,7 @@ bn_sqr_words 710 EXIST::FUNCTION: _ossl_old_crypt 711 EXIST:!NeXT,!PERL5:FUNCTION:DES d2i_ASN1_BIT_STRING 712 EXIST::FUNCTION: d2i_ASN1_BOOLEAN 713 EXIST::FUNCTION: -d2i_ASN1_HEADER 714 EXIST::FUNCTION: +d2i_ASN1_HEADER 714 NOEXIST::FUNCTION: d2i_ASN1_IA5STRING 715 EXIST::FUNCTION: d2i_ASN1_INTEGER 716 EXIST::FUNCTION: d2i_ASN1_OBJECT 717 EXIST::FUNCTION: @@ -809,7 +809,7 @@ i2a_ASN1_OBJECT 816 EXIST::FUNCTION:BIO i2a_ASN1_STRING 817 EXIST::FUNCTION:BIO i2d_ASN1_BIT_STRING 818 EXIST::FUNCTION: i2d_ASN1_BOOLEAN 819 EXIST::FUNCTION: -i2d_ASN1_HEADER 820 EXIST::FUNCTION: +i2d_ASN1_HEADER 820 NOEXIST::FUNCTION: i2d_ASN1_IA5STRING 821 EXIST::FUNCTION: i2d_ASN1_INTEGER 822 EXIST::FUNCTION: i2d_ASN1_OBJECT 823 EXIST::FUNCTION: @@ -950,9 +950,9 @@ ERR_get_next_error_library 966 EXIST::FUNCTION: EVP_PKEY_cmp_parameters 967 EXIST::FUNCTION: HMAC_cleanup 968 NOEXIST::FUNCTION: BIO_ptr_ctrl 969 EXIST::FUNCTION: -BIO_new_file_internal 970 EXIST:WIN16:FUNCTION:FP_API -BIO_new_fp_internal 971 EXIST:WIN16:FUNCTION:FP_API -BIO_s_file_internal 972 EXIST:WIN16:FUNCTION:FP_API +BIO_new_file_internal 970 NOEXIST::FUNCTION: +BIO_new_fp_internal 971 NOEXIST::FUNCTION: +BIO_s_file_internal 972 NOEXIST::FUNCTION: BN_BLINDING_convert 973 EXIST::FUNCTION: BN_BLINDING_invert 974 EXIST::FUNCTION: BN_BLINDING_update 975 EXIST::FUNCTION: @@ -984,8 +984,8 @@ BIO_ghbn_ctrl 1003 NOEXIST::FUNCTION: CRYPTO_free_ex_data 1004 EXIST::FUNCTION: CRYPTO_get_ex_data 1005 EXIST::FUNCTION: CRYPTO_set_ex_data 1007 EXIST::FUNCTION: -ERR_load_CRYPTO_strings 1009 EXIST:!OS2,!VMS,!WIN16:FUNCTION: -ERR_load_CRYPTOlib_strings 1009 EXIST:OS2,VMS,WIN16:FUNCTION: +ERR_load_CRYPTO_strings 1009 EXIST:!OS2,!VMS:FUNCTION: +ERR_load_CRYPTOlib_strings 1009 EXIST:OS2,VMS:FUNCTION: EVP_PKEY_bits 1010 EXIST::FUNCTION: MD5_Transform 1011 EXIST::FUNCTION:MD5 SHA1_Transform 1012 EXIST::FUNCTION:SHA,SHA1 @@ -1117,11 +1117,11 @@ COMP_compress_block 1144 EXIST::FUNCTION: COMP_expand_block 1145 EXIST::FUNCTION: COMP_rle 1146 EXIST::FUNCTION: COMP_zlib 1147 EXIST::FUNCTION: -ms_time_diff 1148 EXIST::FUNCTION: -ms_time_new 1149 EXIST::FUNCTION: -ms_time_free 1150 EXIST::FUNCTION: -ms_time_cmp 1151 EXIST::FUNCTION: -ms_time_get 1152 EXIST::FUNCTION: +ms_time_diff 1148 NOEXIST::FUNCTION: +ms_time_new 1149 NOEXIST::FUNCTION: +ms_time_free 1150 NOEXIST::FUNCTION: +ms_time_cmp 1151 NOEXIST::FUNCTION: +ms_time_get 1152 NOEXIST::FUNCTION: PKCS7_set_attributes 1153 EXIST::FUNCTION: PKCS7_set_signed_attributes 1154 EXIST::FUNCTION: X509_ATTRIBUTE_create 1155 EXIST::FUNCTION: @@ -1255,8 +1255,8 @@ PKCS12_gen_mac 1278 EXIST::FUNCTION: PKCS12_verify_mac 1279 EXIST::FUNCTION: PKCS12_set_mac 1280 EXIST::FUNCTION: PKCS12_setup_mac 1281 EXIST::FUNCTION: -asc2uni 1282 EXIST::FUNCTION: -uni2asc 1283 EXIST::FUNCTION: +OPENSSL_asc2uni 1282 EXIST::FUNCTION: +OPENSSL_uni2asc 1283 EXIST::FUNCTION: i2d_PKCS12_BAGS 1284 EXIST::FUNCTION: PKCS12_BAGS_new 1285 EXIST::FUNCTION: d2i_PKCS12_BAGS 1286 EXIST::FUNCTION: @@ -2081,7 +2081,7 @@ NETSCAPE_SPKAC_it 2641 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIA NETSCAPE_SPKAC_it 2641 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: X509_REVOKED_it 2642 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: X509_REVOKED_it 2642 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -ASN1_STRING_encode 2643 EXIST::FUNCTION: +ASN1_STRING_encode 2643 NOEXIST::FUNCTION: EVP_aes_128_ecb 2644 EXIST::FUNCTION:AES KRB5_AUTHENT_free 2645 EXIST::FUNCTION: OCSP_BASICRESP_get_ext_by_critical 2646 EXIST:!VMS:FUNCTION: @@ -2732,8 +2732,8 @@ EC_POINT_point2oct 3178 EXIST::FUNCTION:EC KRB5_APREQ_free 3179 EXIST::FUNCTION: ASN1_OBJECT_it 3180 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: ASN1_OBJECT_it 3180 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -OCSP_crlID_new 3181 EXIST:!OS2,!VMS,!WIN16:FUNCTION: -OCSP_crlID2_new 3181 EXIST:OS2,VMS,WIN16:FUNCTION: +OCSP_crlID_new 3181 EXIST:!OS2,!VMS:FUNCTION: +OCSP_crlID2_new 3181 EXIST:OS2,VMS:FUNCTION: CONF_modules_load_file 3182 EXIST::FUNCTION: CONF_imodule_set_usr_data 3183 EXIST::FUNCTION: ENGINE_set_default_string 3184 EXIST::FUNCTION:ENGINE @@ -2804,57 +2804,57 @@ OPENSSL_cleanse 3245 EXIST::FUNCTION: ENGINE_setup_bsd_cryptodev 3246 EXIST:__FreeBSD__:FUNCTION:ENGINE ERR_release_err_state_table 3247 EXIST::FUNCTION:LHASH EVP_aes_128_cfb8 3248 EXIST::FUNCTION:AES -FIPS_corrupt_rsa 3249 EXIST:OPENSSL_FIPS:FUNCTION: -FIPS_selftest_des 3250 EXIST:OPENSSL_FIPS:FUNCTION: +FIPS_corrupt_rsa 3249 NOEXIST::FUNCTION: +FIPS_selftest_des 3250 NOEXIST::FUNCTION: EVP_aes_128_cfb1 3251 EXIST::FUNCTION:AES EVP_aes_192_cfb8 3252 EXIST::FUNCTION:AES -FIPS_mode_set 3253 EXIST:OPENSSL_FIPS:FUNCTION: -FIPS_selftest_dsa 3254 EXIST:OPENSSL_FIPS:FUNCTION: +FIPS_mode_set 3253 NOEXIST::FUNCTION: +FIPS_selftest_dsa 3254 NOEXIST::FUNCTION: EVP_aes_256_cfb8 3255 EXIST::FUNCTION:AES FIPS_allow_md5 3256 NOEXIST::FUNCTION: DES_ede3_cfb_encrypt 3257 EXIST::FUNCTION:DES EVP_des_ede3_cfb8 3258 EXIST::FUNCTION:DES FIPS_rand_seeded 3259 NOEXIST::FUNCTION: -AES_cfbr_encrypt_block 3260 EXIST::FUNCTION:AES +AES_cfbr_encrypt_block 3260 NOEXIST::FUNCTION: AES_cfb8_encrypt 3261 EXIST::FUNCTION:AES -FIPS_rand_seed 3262 EXIST:OPENSSL_FIPS:FUNCTION: -FIPS_corrupt_des 3263 EXIST:OPENSSL_FIPS:FUNCTION: +FIPS_rand_seed 3262 NOEXIST::FUNCTION: +FIPS_corrupt_des 3263 NOEXIST::FUNCTION: EVP_aes_192_cfb1 3264 EXIST::FUNCTION:AES -FIPS_selftest_aes 3265 EXIST:OPENSSL_FIPS:FUNCTION: +FIPS_selftest_aes 3265 NOEXIST::FUNCTION: FIPS_set_prng_key 3266 NOEXIST::FUNCTION: EVP_des_cfb8 3267 EXIST::FUNCTION:DES -FIPS_corrupt_dsa 3268 EXIST:OPENSSL_FIPS:FUNCTION: +FIPS_corrupt_dsa 3268 NOEXIST::FUNCTION: FIPS_test_mode 3269 NOEXIST::FUNCTION: -FIPS_rand_method 3270 EXIST:OPENSSL_FIPS:FUNCTION: +FIPS_rand_method 3270 NOEXIST::FUNCTION: EVP_aes_256_cfb1 3271 EXIST::FUNCTION:AES -ERR_load_FIPS_strings 3272 EXIST:OPENSSL_FIPS:FUNCTION: -FIPS_corrupt_aes 3273 EXIST:OPENSSL_FIPS:FUNCTION: -FIPS_selftest_sha1 3274 EXIST:OPENSSL_FIPS:FUNCTION: -FIPS_selftest_rsa 3275 EXIST:OPENSSL_FIPS:FUNCTION: -FIPS_corrupt_sha1 3276 EXIST:OPENSSL_FIPS:FUNCTION: +ERR_load_FIPS_strings 3272 NOEXIST::FUNCTION: +FIPS_corrupt_aes 3273 NOEXIST::FUNCTION: +FIPS_selftest_sha1 3274 NOEXIST::FUNCTION: +FIPS_selftest_rsa 3275 NOEXIST::FUNCTION: +FIPS_corrupt_sha1 3276 NOEXIST::FUNCTION: EVP_des_cfb1 3277 EXIST::FUNCTION:DES FIPS_dsa_check 3278 NOEXIST::FUNCTION: AES_cfb1_encrypt 3279 EXIST::FUNCTION:AES EVP_des_ede3_cfb1 3280 EXIST::FUNCTION:DES -FIPS_rand_check 3281 EXIST:OPENSSL_FIPS:FUNCTION: +FIPS_rand_check 3281 NOEXIST::FUNCTION: FIPS_md5_allowed 3282 NOEXIST::FUNCTION: -FIPS_mode 3283 EXIST:OPENSSL_FIPS:FUNCTION: -FIPS_selftest_failed 3284 EXIST:OPENSSL_FIPS:FUNCTION: +FIPS_mode 3283 NOEXIST::FUNCTION: +FIPS_selftest_failed 3284 NOEXIST::FUNCTION: sk_is_sorted 3285 EXIST::FUNCTION: X509_check_ca 3286 EXIST::FUNCTION: -private_idea_set_encrypt_key 3287 EXIST:OPENSSL_FIPS:FUNCTION:IDEA +private_idea_set_encrypt_key 3287 NOEXIST::FUNCTION: HMAC_CTX_set_flags 3288 EXIST::FUNCTION:HMAC -private_SHA_Init 3289 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA0 -private_CAST_set_key 3290 EXIST:OPENSSL_FIPS:FUNCTION:CAST -private_RIPEMD160_Init 3291 EXIST:OPENSSL_FIPS:FUNCTION:RIPEMD -private_RC5_32_set_key 3292 EXIST:OPENSSL_FIPS:FUNCTION:RC5 -private_MD5_Init 3293 EXIST:OPENSSL_FIPS:FUNCTION:MD5 -private_RC4_set_key 3294 EXIST:OPENSSL_FIPS:FUNCTION:RC4 -private_MDC2_Init 3295 EXIST:OPENSSL_FIPS:FUNCTION:MDC2 -private_RC2_set_key 3296 EXIST:OPENSSL_FIPS:FUNCTION:RC2 -private_MD4_Init 3297 EXIST:OPENSSL_FIPS:FUNCTION:MD4 -private_BF_set_key 3298 EXIST:OPENSSL_FIPS:FUNCTION:BF -private_MD2_Init 3299 EXIST:OPENSSL_FIPS:FUNCTION:MD2 +private_SHA_Init 3289 NOEXIST::FUNCTION: +private_CAST_set_key 3290 NOEXIST::FUNCTION: +private_RIPEMD160_Init 3291 NOEXIST::FUNCTION: +private_RC5_32_set_key 3292 NOEXIST::FUNCTION: +private_MD5_Init 3293 NOEXIST::FUNCTION: +private_RC4_set_key 3294 NOEXIST::FUNCTION: +private_MDC2_Init 3295 NOEXIST::FUNCTION: +private_RC2_set_key 3296 NOEXIST::FUNCTION: +private_MD4_Init 3297 NOEXIST::FUNCTION: +private_BF_set_key 3298 NOEXIST::FUNCTION: +private_MD2_Init 3299 NOEXIST::FUNCTION: d2i_PROXY_CERT_INFO_EXTENSION 3300 EXIST::FUNCTION: PROXY_POLICY_it 3301 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: PROXY_POLICY_it 3301 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: @@ -2868,13 +2868,13 @@ PROXY_CERT_INFO_EXTENSION_it 3307 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTI PROXY_POLICY_free 3308 EXIST::FUNCTION: PROXY_POLICY_new 3309 EXIST::FUNCTION: BN_MONT_CTX_set_locked 3310 EXIST::FUNCTION: -FIPS_selftest_rng 3311 EXIST:OPENSSL_FIPS:FUNCTION: -EVP_sha384 3312 EXIST::FUNCTION:SHA,SHA512 -EVP_sha512 3313 EXIST::FUNCTION:SHA,SHA512 +FIPS_selftest_rng 3311 NOEXIST::FUNCTION: +EVP_sha384 3312 EXIST:!VMSVAX:FUNCTION:SHA,SHA512 +EVP_sha512 3313 EXIST:!VMSVAX:FUNCTION:SHA,SHA512 EVP_sha224 3314 EXIST::FUNCTION:SHA,SHA256 EVP_sha256 3315 EXIST::FUNCTION:SHA,SHA256 -FIPS_selftest_hmac 3316 EXIST:OPENSSL_FIPS:FUNCTION: -FIPS_corrupt_rng 3317 EXIST:OPENSSL_FIPS:FUNCTION: +FIPS_selftest_hmac 3316 NOEXIST::FUNCTION: +FIPS_corrupt_rng 3317 NOEXIST::FUNCTION: BN_mod_exp_mont_consttime 3318 EXIST::FUNCTION: RSA_X931_hash_id 3319 EXIST::FUNCTION:RSA RSA_padding_check_X931 3320 EXIST::FUNCTION:RSA @@ -2882,7 +2882,7 @@ RSA_verify_PKCS1_PSS 3321 EXIST::FUNCTION:RSA RSA_padding_add_X931 3322 EXIST::FUNCTION:RSA RSA_padding_add_PKCS1_PSS 3323 EXIST::FUNCTION:RSA PKCS1_MGF1 3324 EXIST::FUNCTION:RSA -BN_X931_generate_Xpq 3325 EXIST::FUNCTION: +BN_X931_generate_Xpq 3325 NOEXIST::FUNCTION: RSA_X931_generate_key 3326 NOEXIST::FUNCTION: BN_X931_derive_prime 3327 NOEXIST::FUNCTION: BN_X931_generate_prime 3328 NOEXIST::FUNCTION: @@ -2893,43 +2893,43 @@ ERR_set_mark 3332 EXIST::FUNCTION: X509_STORE_CTX_set0_crls 3333 EXIST::FUNCTION: ENGINE_set_STORE 3334 EXIST::FUNCTION:ENGINE ENGINE_register_ECDSA 3335 EXIST::FUNCTION:ENGINE -STORE_method_set_list_start_function 3336 EXIST:!VMS:FUNCTION: -STORE_meth_set_list_start_fn 3336 EXIST:VMS:FUNCTION: +STORE_meth_set_list_start_fn 3336 NOEXIST::FUNCTION: +STORE_method_set_list_start_function 3336 NOEXIST::FUNCTION: BN_BLINDING_invert_ex 3337 EXIST::FUNCTION: NAME_CONSTRAINTS_free 3338 EXIST::FUNCTION: -STORE_ATTR_INFO_set_number 3339 EXIST::FUNCTION: -BN_BLINDING_get_thread_id 3340 EXIST::FUNCTION: +STORE_ATTR_INFO_set_number 3339 NOEXIST::FUNCTION: +BN_BLINDING_get_thread_id 3340 EXIST::FUNCTION:DEPRECATED X509_STORE_CTX_set0_param 3341 EXIST::FUNCTION: POLICY_MAPPING_it 3342 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: POLICY_MAPPING_it 3342 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -STORE_parse_attrs_start 3343 EXIST::FUNCTION: +STORE_parse_attrs_start 3343 NOEXIST::FUNCTION: POLICY_CONSTRAINTS_free 3344 EXIST::FUNCTION: EVP_PKEY_add1_attr_by_NID 3345 EXIST::FUNCTION: BN_nist_mod_192 3346 EXIST::FUNCTION: EC_GROUP_get_trinomial_basis 3347 EXIST::FUNCTION:EC -STORE_set_method 3348 EXIST::FUNCTION: +STORE_set_method 3348 NOEXIST::FUNCTION: GENERAL_SUBTREE_free 3349 EXIST::FUNCTION: NAME_CONSTRAINTS_it 3350 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: NAME_CONSTRAINTS_it 3350 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: ECDH_get_default_method 3351 EXIST::FUNCTION:ECDH PKCS12_add_safe 3352 EXIST::FUNCTION: EC_KEY_new_by_curve_name 3353 EXIST::FUNCTION:EC -STORE_method_get_update_store_function 3354 EXIST:!VMS:FUNCTION: -STORE_meth_get_update_store_fn 3354 EXIST:VMS:FUNCTION: +STORE_meth_get_update_store_fn 3354 NOEXIST::FUNCTION: +STORE_method_get_update_store_function 3354 NOEXIST::FUNCTION: ENGINE_register_ECDH 3355 EXIST::FUNCTION:ENGINE -SHA512_Update 3356 EXIST::FUNCTION:SHA,SHA512 +SHA512_Update 3356 EXIST:!VMSVAX:FUNCTION:SHA,SHA512 i2d_ECPrivateKey 3357 EXIST::FUNCTION:EC BN_get0_nist_prime_192 3358 EXIST::FUNCTION: -STORE_modify_certificate 3359 EXIST::FUNCTION: +STORE_modify_certificate 3359 NOEXIST::FUNCTION: EC_POINT_set_affine_coordinates_GF2m 3360 EXIST:!VMS:FUNCTION:EC EC_POINT_set_affine_coords_GF2m 3360 EXIST:VMS:FUNCTION:EC BN_GF2m_mod_exp_arr 3361 EXIST::FUNCTION: -STORE_ATTR_INFO_modify_number 3362 EXIST::FUNCTION: +STORE_ATTR_INFO_modify_number 3362 NOEXIST::FUNCTION: X509_keyid_get0 3363 EXIST::FUNCTION: ENGINE_load_gmp 3364 EXIST::FUNCTION:ENGINE,GMP,STATIC_ENGINE pitem_new 3365 EXIST::FUNCTION: BN_GF2m_mod_mul_arr 3366 EXIST::FUNCTION: -STORE_list_public_key_endp 3367 EXIST::FUNCTION: +STORE_list_public_key_endp 3367 NOEXIST::FUNCTION: o2i_ECPublicKey 3368 EXIST::FUNCTION:EC EC_KEY_copy 3369 EXIST::FUNCTION:EC BIO_dump_fp 3370 EXIST::FUNCTION:FP_API @@ -2938,25 +2938,25 @@ EC_GROUP_check_discriminant 3372 EXIST::FUNCTION:EC i2o_ECPublicKey 3373 EXIST::FUNCTION:EC EC_KEY_precompute_mult 3374 EXIST::FUNCTION:EC a2i_IPADDRESS 3375 EXIST::FUNCTION: -STORE_method_set_initialise_function 3376 EXIST:!VMS:FUNCTION: -STORE_meth_set_initialise_fn 3376 EXIST:VMS:FUNCTION: +STORE_meth_set_initialise_fn 3376 NOEXIST::FUNCTION: +STORE_method_set_initialise_function 3376 NOEXIST::FUNCTION: X509_STORE_CTX_set_depth 3377 EXIST::FUNCTION: X509_VERIFY_PARAM_inherit 3378 EXIST::FUNCTION: EC_POINT_point2bn 3379 EXIST::FUNCTION:EC -STORE_ATTR_INFO_set_dn 3380 EXIST::FUNCTION: +STORE_ATTR_INFO_set_dn 3380 NOEXIST::FUNCTION: X509_policy_tree_get0_policies 3381 EXIST::FUNCTION: EC_GROUP_new_curve_GF2m 3382 EXIST::FUNCTION:EC -STORE_destroy_method 3383 EXIST::FUNCTION: +STORE_destroy_method 3383 NOEXIST::FUNCTION: ENGINE_unregister_STORE 3384 EXIST::FUNCTION:ENGINE EVP_PKEY_get1_EC_KEY 3385 EXIST::FUNCTION:EC -STORE_ATTR_INFO_get0_number 3386 EXIST::FUNCTION: +STORE_ATTR_INFO_get0_number 3386 NOEXIST::FUNCTION: ENGINE_get_default_ECDH 3387 EXIST::FUNCTION:ENGINE EC_KEY_get_conv_form 3388 EXIST::FUNCTION:EC ASN1_OCTET_STRING_NDEF_it 3389 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: ASN1_OCTET_STRING_NDEF_it 3389 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -STORE_delete_public_key 3390 EXIST::FUNCTION: -STORE_get_public_key 3391 EXIST::FUNCTION: -STORE_modify_arbitrary 3392 EXIST::FUNCTION: +STORE_delete_public_key 3390 NOEXIST::FUNCTION: +STORE_get_public_key 3391 NOEXIST::FUNCTION: +STORE_modify_arbitrary 3392 NOEXIST::FUNCTION: ENGINE_get_static_state 3393 EXIST::FUNCTION:ENGINE pqueue_iterator 3394 EXIST::FUNCTION: ECDSA_SIG_new 3395 EXIST::FUNCTION:ECDSA @@ -2965,14 +2965,14 @@ BN_GF2m_mod_sqr 3397 EXIST::FUNCTION: EC_POINT_bn2point 3398 EXIST::FUNCTION:EC X509_VERIFY_PARAM_set_depth 3399 EXIST::FUNCTION: EC_KEY_set_asn1_flag 3400 EXIST::FUNCTION:EC -STORE_get_method 3401 EXIST::FUNCTION: +STORE_get_method 3401 NOEXIST::FUNCTION: EC_KEY_get_key_method_data 3402 EXIST::FUNCTION:EC ECDSA_sign_ex 3403 EXIST::FUNCTION:ECDSA -STORE_parse_attrs_end 3404 EXIST::FUNCTION: +STORE_parse_attrs_end 3404 NOEXIST::FUNCTION: EC_GROUP_get_point_conversion_form 3405 EXIST:!VMS:FUNCTION:EC EC_GROUP_get_point_conv_form 3405 EXIST:VMS:FUNCTION:EC -STORE_method_set_store_function 3406 EXIST::FUNCTION: -STORE_ATTR_INFO_in 3407 EXIST::FUNCTION: +STORE_method_set_store_function 3406 NOEXIST::FUNCTION: +STORE_ATTR_INFO_in 3407 NOEXIST::FUNCTION: PEM_read_bio_ECPKParameters 3408 EXIST::FUNCTION:EC EC_GROUP_get_pentanomial_basis 3409 EXIST::FUNCTION:EC EVP_PKEY_add1_attr_by_txt 3410 EXIST::FUNCTION: @@ -2980,7 +2980,7 @@ BN_BLINDING_set_flags 3411 EXIST::FUNCTION: X509_VERIFY_PARAM_set1_policies 3412 EXIST::FUNCTION: X509_VERIFY_PARAM_set1_name 3413 EXIST::FUNCTION: X509_VERIFY_PARAM_set_purpose 3414 EXIST::FUNCTION: -STORE_get_number 3415 EXIST::FUNCTION: +STORE_get_number 3415 NOEXIST::FUNCTION: ECDSA_sign_setup 3416 EXIST::FUNCTION:ECDSA BN_GF2m_mod_solve_quad_arr 3417 EXIST::FUNCTION: EC_KEY_up_ref 3418 EXIST::FUNCTION:EC @@ -2988,14 +2988,14 @@ POLICY_MAPPING_free 3419 EXIST::FUNCTION: BN_GF2m_mod_div 3420 EXIST::FUNCTION: X509_VERIFY_PARAM_set_flags 3421 EXIST::FUNCTION: EC_KEY_free 3422 EXIST::FUNCTION:EC -STORE_method_set_list_next_function 3423 EXIST:!VMS:FUNCTION: -STORE_meth_set_list_next_fn 3423 EXIST:VMS:FUNCTION: +STORE_meth_set_list_next_fn 3423 NOEXIST::FUNCTION: +STORE_method_set_list_next_function 3423 NOEXIST::FUNCTION: PEM_write_bio_ECPrivateKey 3424 EXIST::FUNCTION:EC d2i_EC_PUBKEY 3425 EXIST::FUNCTION:EC -STORE_method_get_generate_function 3426 EXIST:!VMS:FUNCTION: -STORE_meth_get_generate_fn 3426 EXIST:VMS:FUNCTION: -STORE_method_set_list_end_function 3427 EXIST:!VMS:FUNCTION: -STORE_meth_set_list_end_fn 3427 EXIST:VMS:FUNCTION: +STORE_meth_get_generate_fn 3426 NOEXIST::FUNCTION: +STORE_method_get_generate_function 3426 NOEXIST::FUNCTION: +STORE_meth_set_list_end_fn 3427 NOEXIST::FUNCTION: +STORE_method_set_list_end_function 3427 NOEXIST::FUNCTION: pqueue_print 3428 EXIST::FUNCTION: EC_GROUP_have_precompute_mult 3429 EXIST::FUNCTION:EC EC_KEY_print_fp 3430 EXIST::FUNCTION:EC,FP_API @@ -3003,8 +3003,8 @@ BN_GF2m_mod_arr 3431 EXIST::FUNCTION: PEM_write_bio_X509_CERT_PAIR 3432 EXIST::FUNCTION: EVP_PKEY_cmp 3433 EXIST::FUNCTION: X509_policy_level_node_count 3434 EXIST::FUNCTION: -STORE_new_engine 3435 EXIST::FUNCTION: -STORE_list_public_key_start 3436 EXIST::FUNCTION: +STORE_new_engine 3435 NOEXIST::FUNCTION: +STORE_list_public_key_start 3436 NOEXIST::FUNCTION: X509_VERIFY_PARAM_new 3437 EXIST::FUNCTION: ECDH_get_ex_data 3438 EXIST::FUNCTION:ECDH EVP_PKEY_get_attr 3439 EXIST::FUNCTION: @@ -3014,11 +3014,11 @@ ECDH_OpenSSL 3442 EXIST::FUNCTION:ECDH EC_KEY_set_conv_form 3443 EXIST::FUNCTION:EC EC_POINT_dup 3444 EXIST::FUNCTION:EC GENERAL_SUBTREE_new 3445 EXIST::FUNCTION: -STORE_list_crl_endp 3446 EXIST::FUNCTION: +STORE_list_crl_endp 3446 NOEXIST::FUNCTION: EC_get_builtin_curves 3447 EXIST::FUNCTION:EC X509_policy_node_get0_qualifiers 3448 EXIST:!VMS:FUNCTION: X509_pcy_node_get0_qualifiers 3448 EXIST:VMS:FUNCTION: -STORE_list_crl_end 3449 EXIST::FUNCTION: +STORE_list_crl_end 3449 NOEXIST::FUNCTION: EVP_PKEY_set1_EC_KEY 3450 EXIST::FUNCTION:EC BN_GF2m_mod_sqrt_arr 3451 EXIST::FUNCTION: i2d_ECPrivateKey_bio 3452 EXIST::FUNCTION:BIO,EC @@ -3026,60 +3026,60 @@ ECPKParameters_print_fp 3453 EXIST::FUNCTION:EC,FP_API pqueue_find 3454 EXIST::FUNCTION: ECDSA_SIG_free 3455 EXIST::FUNCTION:ECDSA PEM_write_bio_ECPKParameters 3456 EXIST::FUNCTION:EC -STORE_method_set_ctrl_function 3457 EXIST::FUNCTION: -STORE_list_public_key_end 3458 EXIST::FUNCTION: +STORE_method_set_ctrl_function 3457 NOEXIST::FUNCTION: +STORE_list_public_key_end 3458 NOEXIST::FUNCTION: EC_KEY_set_private_key 3459 EXIST::FUNCTION:EC pqueue_peek 3460 EXIST::FUNCTION: -STORE_get_arbitrary 3461 EXIST::FUNCTION: -STORE_store_crl 3462 EXIST::FUNCTION: +STORE_get_arbitrary 3461 NOEXIST::FUNCTION: +STORE_store_crl 3462 NOEXIST::FUNCTION: X509_policy_node_get0_policy 3463 EXIST::FUNCTION: PKCS12_add_safes 3464 EXIST::FUNCTION: BN_BLINDING_convert_ex 3465 EXIST::FUNCTION: X509_policy_tree_free 3466 EXIST::FUNCTION: OPENSSL_ia32cap_loc 3467 EXIST::FUNCTION: BN_GF2m_poly2arr 3468 EXIST::FUNCTION: -STORE_ctrl 3469 EXIST::FUNCTION: -STORE_ATTR_INFO_compare 3470 EXIST::FUNCTION: +STORE_ctrl 3469 NOEXIST::FUNCTION: +STORE_ATTR_INFO_compare 3470 NOEXIST::FUNCTION: BN_get0_nist_prime_224 3471 EXIST::FUNCTION: i2d_ECParameters 3472 EXIST::FUNCTION:EC i2d_ECPKParameters 3473 EXIST::FUNCTION:EC BN_GENCB_call 3474 EXIST::FUNCTION: d2i_ECPKParameters 3475 EXIST::FUNCTION:EC -STORE_method_set_generate_function 3476 EXIST:!VMS:FUNCTION: -STORE_meth_set_generate_fn 3476 EXIST:VMS:FUNCTION: +STORE_meth_set_generate_fn 3476 NOEXIST::FUNCTION: +STORE_method_set_generate_function 3476 NOEXIST::FUNCTION: ENGINE_set_ECDH 3477 EXIST::FUNCTION:ENGINE NAME_CONSTRAINTS_new 3478 EXIST::FUNCTION: SHA256_Init 3479 EXIST::FUNCTION:SHA,SHA256 EC_KEY_get0_public_key 3480 EXIST::FUNCTION:EC PEM_write_bio_EC_PUBKEY 3481 EXIST::FUNCTION:EC -STORE_ATTR_INFO_set_cstr 3482 EXIST::FUNCTION: -STORE_list_crl_next 3483 EXIST::FUNCTION: -STORE_ATTR_INFO_in_range 3484 EXIST::FUNCTION: +STORE_ATTR_INFO_set_cstr 3482 NOEXIST::FUNCTION: +STORE_list_crl_next 3483 NOEXIST::FUNCTION: +STORE_ATTR_INFO_in_range 3484 NOEXIST::FUNCTION: ECParameters_print 3485 EXIST::FUNCTION:BIO,EC -STORE_method_set_delete_function 3486 EXIST:!VMS:FUNCTION: -STORE_meth_set_delete_fn 3486 EXIST:VMS:FUNCTION: -STORE_list_certificate_next 3487 EXIST::FUNCTION: +STORE_meth_set_delete_fn 3486 NOEXIST::FUNCTION: +STORE_method_set_delete_function 3486 NOEXIST::FUNCTION: +STORE_list_certificate_next 3487 NOEXIST::FUNCTION: ASN1_generate_nconf 3488 EXIST::FUNCTION: BUF_memdup 3489 EXIST::FUNCTION: BN_GF2m_mod_mul 3490 EXIST::FUNCTION: -STORE_method_get_list_next_function 3491 EXIST:!VMS:FUNCTION: -STORE_meth_get_list_next_fn 3491 EXIST:VMS:FUNCTION: -STORE_ATTR_INFO_get0_dn 3492 EXIST::FUNCTION: -STORE_list_private_key_next 3493 EXIST::FUNCTION: +STORE_meth_get_list_next_fn 3491 NOEXIST::FUNCTION: +STORE_method_get_list_next_function 3491 NOEXIST::FUNCTION: +STORE_ATTR_INFO_get0_dn 3492 NOEXIST::FUNCTION: +STORE_list_private_key_next 3493 NOEXIST::FUNCTION: EC_GROUP_set_seed 3494 EXIST::FUNCTION:EC X509_VERIFY_PARAM_set_trust 3495 EXIST::FUNCTION: -STORE_ATTR_INFO_free 3496 EXIST::FUNCTION: -STORE_get_private_key 3497 EXIST::FUNCTION: +STORE_ATTR_INFO_free 3496 NOEXIST::FUNCTION: +STORE_get_private_key 3497 NOEXIST::FUNCTION: EVP_PKEY_get_attr_count 3498 EXIST::FUNCTION: -STORE_ATTR_INFO_new 3499 EXIST::FUNCTION: +STORE_ATTR_INFO_new 3499 NOEXIST::FUNCTION: EC_GROUP_get_curve_GF2m 3500 EXIST::FUNCTION:EC -STORE_method_set_revoke_function 3501 EXIST:!VMS:FUNCTION: -STORE_meth_set_revoke_fn 3501 EXIST:VMS:FUNCTION: -STORE_store_number 3502 EXIST::FUNCTION: +STORE_meth_set_revoke_fn 3501 NOEXIST::FUNCTION: +STORE_method_set_revoke_function 3501 NOEXIST::FUNCTION: +STORE_store_number 3502 NOEXIST::FUNCTION: BN_is_prime_ex 3503 EXIST::FUNCTION: -STORE_revoke_public_key 3504 EXIST::FUNCTION: +STORE_revoke_public_key 3504 NOEXIST::FUNCTION: X509_STORE_CTX_get0_param 3505 EXIST::FUNCTION: -STORE_delete_arbitrary 3506 EXIST::FUNCTION: +STORE_delete_arbitrary 3506 NOEXIST::FUNCTION: PEM_read_X509_CERT_PAIR 3507 EXIST:!WIN16:FUNCTION: X509_STORE_set_depth 3508 EXIST::FUNCTION: ECDSA_get_ex_data 3509 EXIST::FUNCTION:ECDSA @@ -3087,40 +3087,40 @@ SHA224 3510 EXIST::FUNCTION:SHA,SHA256 BIO_dump_indent_fp 3511 EXIST::FUNCTION:FP_API EC_KEY_set_group 3512 EXIST::FUNCTION:EC BUF_strndup 3513 EXIST::FUNCTION: -STORE_list_certificate_start 3514 EXIST::FUNCTION: +STORE_list_certificate_start 3514 NOEXIST::FUNCTION: BN_GF2m_mod 3515 EXIST::FUNCTION: X509_REQ_check_private_key 3516 EXIST::FUNCTION: EC_GROUP_get_seed_len 3517 EXIST::FUNCTION:EC -ERR_load_STORE_strings 3518 EXIST::FUNCTION: +ERR_load_STORE_strings 3518 NOEXIST::FUNCTION: PEM_read_bio_EC_PUBKEY 3519 EXIST::FUNCTION:EC -STORE_list_private_key_end 3520 EXIST::FUNCTION: +STORE_list_private_key_end 3520 NOEXIST::FUNCTION: i2d_EC_PUBKEY 3521 EXIST::FUNCTION:EC ECDSA_get_default_method 3522 EXIST::FUNCTION:ECDSA ASN1_put_eoc 3523 EXIST::FUNCTION: X509_STORE_CTX_get_explicit_policy 3524 EXIST:!VMS:FUNCTION: X509_STORE_CTX_get_expl_policy 3524 EXIST:VMS:FUNCTION: X509_VERIFY_PARAM_table_cleanup 3525 EXIST::FUNCTION: -STORE_modify_private_key 3526 EXIST::FUNCTION: +STORE_modify_private_key 3526 NOEXIST::FUNCTION: X509_VERIFY_PARAM_free 3527 EXIST::FUNCTION: EC_METHOD_get_field_type 3528 EXIST::FUNCTION:EC EC_GFp_nist_method 3529 EXIST::FUNCTION:EC -STORE_method_set_modify_function 3530 EXIST:!VMS:FUNCTION: -STORE_meth_set_modify_fn 3530 EXIST:VMS:FUNCTION: -STORE_parse_attrs_next 3531 EXIST::FUNCTION: -ENGINE_load_padlock 3532 EXIST::FUNCTION:ENGINE +STORE_meth_set_modify_fn 3530 NOEXIST::FUNCTION: +STORE_method_set_modify_function 3530 NOEXIST::FUNCTION: +STORE_parse_attrs_next 3531 NOEXIST::FUNCTION: +ENGINE_load_padlock 3532 EXIST::FUNCTION:ENGINE,STATIC_ENGINE EC_GROUP_set_curve_name 3533 EXIST::FUNCTION:EC X509_CERT_PAIR_it 3534 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: X509_CERT_PAIR_it 3534 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -STORE_method_get_revoke_function 3535 EXIST:!VMS:FUNCTION: -STORE_meth_get_revoke_fn 3535 EXIST:VMS:FUNCTION: -STORE_method_set_get_function 3536 EXIST::FUNCTION: -STORE_modify_number 3537 EXIST::FUNCTION: -STORE_method_get_store_function 3538 EXIST::FUNCTION: -STORE_store_private_key 3539 EXIST::FUNCTION: +STORE_meth_get_revoke_fn 3535 NOEXIST::FUNCTION: +STORE_method_get_revoke_function 3535 NOEXIST::FUNCTION: +STORE_method_set_get_function 3536 NOEXIST::FUNCTION: +STORE_modify_number 3537 NOEXIST::FUNCTION: +STORE_method_get_store_function 3538 NOEXIST::FUNCTION: +STORE_store_private_key 3539 NOEXIST::FUNCTION: BN_GF2m_mod_sqr_arr 3540 EXIST::FUNCTION: RSA_setup_blinding 3541 EXIST::FUNCTION:RSA BIO_s_datagram 3542 EXIST::FUNCTION:DGRAM -STORE_Memory 3543 EXIST::FUNCTION: +STORE_Memory 3543 NOEXIST::FUNCTION: sk_find_ex 3544 EXIST::FUNCTION: EC_GROUP_set_curve_GF2m 3545 EXIST::FUNCTION:EC ENGINE_set_default_ECDSA 3546 EXIST::FUNCTION:ENGINE @@ -3128,69 +3128,69 @@ POLICY_CONSTRAINTS_new 3547 EXIST::FUNCTION: BN_GF2m_mod_sqrt 3548 EXIST::FUNCTION: ECDH_set_default_method 3549 EXIST::FUNCTION:ECDH EC_KEY_generate_key 3550 EXIST::FUNCTION:EC -SHA384_Update 3551 EXIST::FUNCTION:SHA,SHA512 +SHA384_Update 3551 EXIST:!VMSVAX:FUNCTION:SHA,SHA512 BN_GF2m_arr2poly 3552 EXIST::FUNCTION: -STORE_method_get_get_function 3553 EXIST::FUNCTION: -STORE_method_set_cleanup_function 3554 EXIST:!VMS:FUNCTION: -STORE_meth_set_cleanup_fn 3554 EXIST:VMS:FUNCTION: +STORE_method_get_get_function 3553 NOEXIST::FUNCTION: +STORE_meth_set_cleanup_fn 3554 NOEXIST::FUNCTION: +STORE_method_set_cleanup_function 3554 NOEXIST::FUNCTION: EC_GROUP_check 3555 EXIST::FUNCTION:EC d2i_ECPrivateKey_bio 3556 EXIST::FUNCTION:BIO,EC EC_KEY_insert_key_method_data 3557 EXIST::FUNCTION:EC -STORE_method_get_lock_store_function 3558 EXIST:!VMS:FUNCTION: -STORE_meth_get_lock_store_fn 3558 EXIST:VMS:FUNCTION: +STORE_meth_get_lock_store_fn 3558 NOEXIST::FUNCTION: +STORE_method_get_lock_store_function 3558 NOEXIST::FUNCTION: X509_VERIFY_PARAM_get_depth 3559 EXIST::FUNCTION: SHA224_Final 3560 EXIST::FUNCTION:SHA,SHA256 -STORE_method_set_update_store_function 3561 EXIST:!VMS:FUNCTION: -STORE_meth_set_update_store_fn 3561 EXIST:VMS:FUNCTION: +STORE_meth_set_update_store_fn 3561 NOEXIST::FUNCTION: +STORE_method_set_update_store_function 3561 NOEXIST::FUNCTION: SHA224_Update 3562 EXIST::FUNCTION:SHA,SHA256 d2i_ECPrivateKey 3563 EXIST::FUNCTION:EC ASN1_item_ndef_i2d 3564 EXIST::FUNCTION: -STORE_delete_private_key 3565 EXIST::FUNCTION: +STORE_delete_private_key 3565 NOEXIST::FUNCTION: ERR_pop_to_mark 3566 EXIST::FUNCTION: ENGINE_register_all_STORE 3567 EXIST::FUNCTION:ENGINE X509_policy_level_get0_node 3568 EXIST::FUNCTION: i2d_PKCS7_NDEF 3569 EXIST::FUNCTION: EC_GROUP_get_degree 3570 EXIST::FUNCTION:EC ASN1_generate_v3 3571 EXIST::FUNCTION: -STORE_ATTR_INFO_modify_cstr 3572 EXIST::FUNCTION: +STORE_ATTR_INFO_modify_cstr 3572 NOEXIST::FUNCTION: X509_policy_tree_level_count 3573 EXIST::FUNCTION: BN_GF2m_add 3574 EXIST::FUNCTION: EC_KEY_get0_group 3575 EXIST::FUNCTION:EC -STORE_generate_crl 3576 EXIST::FUNCTION: -STORE_store_public_key 3577 EXIST::FUNCTION: +STORE_generate_crl 3576 NOEXIST::FUNCTION: +STORE_store_public_key 3577 NOEXIST::FUNCTION: X509_CERT_PAIR_free 3578 EXIST::FUNCTION: -STORE_revoke_private_key 3579 EXIST::FUNCTION: +STORE_revoke_private_key 3579 NOEXIST::FUNCTION: BN_nist_mod_224 3580 EXIST::FUNCTION: -SHA512_Final 3581 EXIST::FUNCTION:SHA,SHA512 -STORE_ATTR_INFO_modify_dn 3582 EXIST::FUNCTION: -STORE_method_get_initialise_function 3583 EXIST:!VMS:FUNCTION: -STORE_meth_get_initialise_fn 3583 EXIST:VMS:FUNCTION: -STORE_delete_number 3584 EXIST::FUNCTION: +SHA512_Final 3581 EXIST:!VMSVAX:FUNCTION:SHA,SHA512 +STORE_ATTR_INFO_modify_dn 3582 NOEXIST::FUNCTION: +STORE_meth_get_initialise_fn 3583 NOEXIST::FUNCTION: +STORE_method_get_initialise_function 3583 NOEXIST::FUNCTION: +STORE_delete_number 3584 NOEXIST::FUNCTION: i2d_EC_PUBKEY_bio 3585 EXIST::FUNCTION:BIO,EC BIO_dgram_non_fatal_error 3586 EXIST::FUNCTION: EC_GROUP_get_asn1_flag 3587 EXIST::FUNCTION:EC -STORE_ATTR_INFO_in_ex 3588 EXIST::FUNCTION: -STORE_list_crl_start 3589 EXIST::FUNCTION: +STORE_ATTR_INFO_in_ex 3588 NOEXIST::FUNCTION: +STORE_list_crl_start 3589 NOEXIST::FUNCTION: ECDH_get_ex_new_index 3590 EXIST::FUNCTION:ECDH -STORE_method_get_modify_function 3591 EXIST:!VMS:FUNCTION: -STORE_meth_get_modify_fn 3591 EXIST:VMS:FUNCTION: +STORE_meth_get_modify_fn 3591 NOEXIST::FUNCTION: +STORE_method_get_modify_function 3591 NOEXIST::FUNCTION: v2i_ASN1_BIT_STRING 3592 EXIST::FUNCTION: -STORE_store_certificate 3593 EXIST::FUNCTION: -OBJ_bsearch_ex 3594 EXIST::FUNCTION: +STORE_store_certificate 3593 NOEXIST::FUNCTION: +OBJ_bsearch_ex 3594 NOEXIST::FUNCTION: X509_STORE_CTX_set_default 3595 EXIST::FUNCTION: -STORE_ATTR_INFO_set_sha1str 3596 EXIST::FUNCTION: +STORE_ATTR_INFO_set_sha1str 3596 NOEXIST::FUNCTION: BN_GF2m_mod_inv 3597 EXIST::FUNCTION: BN_GF2m_mod_exp 3598 EXIST::FUNCTION: -STORE_modify_public_key 3599 EXIST::FUNCTION: -STORE_method_get_list_start_function 3600 EXIST:!VMS:FUNCTION: -STORE_meth_get_list_start_fn 3600 EXIST:VMS:FUNCTION: +STORE_modify_public_key 3599 NOEXIST::FUNCTION: +STORE_meth_get_list_start_fn 3600 NOEXIST::FUNCTION: +STORE_method_get_list_start_function 3600 NOEXIST::FUNCTION: EC_GROUP_get0_seed 3601 EXIST::FUNCTION:EC -STORE_store_arbitrary 3602 EXIST::FUNCTION: -STORE_method_set_unlock_store_function 3603 EXIST:!VMS:FUNCTION: -STORE_meth_set_unlock_store_fn 3603 EXIST:VMS:FUNCTION: +STORE_store_arbitrary 3602 NOEXIST::FUNCTION: +STORE_meth_set_unlock_store_fn 3603 NOEXIST::FUNCTION: +STORE_method_set_unlock_store_function 3603 NOEXIST::FUNCTION: BN_GF2m_mod_div_arr 3604 EXIST::FUNCTION: ENGINE_set_ECDSA 3605 EXIST::FUNCTION:ENGINE -STORE_create_method 3606 EXIST::FUNCTION: +STORE_create_method 3606 NOEXIST::FUNCTION: ECPKParameters_print 3607 EXIST::FUNCTION:BIO,EC EC_KEY_get0_private_key 3608 EXIST::FUNCTION:EC PEM_write_EC_PUBKEY 3609 EXIST:!WIN16:FUNCTION:EC @@ -3198,7 +3198,7 @@ X509_VERIFY_PARAM_set1 3610 EXIST::FUNCTION: ECDH_set_method 3611 EXIST::FUNCTION:ECDH v2i_GENERAL_NAME_ex 3612 EXIST::FUNCTION: ECDH_set_ex_data 3613 EXIST::FUNCTION:ECDH -STORE_generate_key 3614 EXIST::FUNCTION: +STORE_generate_key 3614 NOEXIST::FUNCTION: BN_nist_mod_521 3615 EXIST::FUNCTION: X509_policy_tree_get0_level 3616 EXIST::FUNCTION: EC_GROUP_set_point_conversion_form 3617 EXIST:!VMS:FUNCTION:EC @@ -3206,7 +3206,7 @@ EC_GROUP_set_point_conv_form 3617 EXIST:VMS:FUNCTION:EC PEM_read_EC_PUBKEY 3618 EXIST:!WIN16:FUNCTION:EC i2d_ECDSA_SIG 3619 EXIST::FUNCTION:ECDSA ECDSA_OpenSSL 3620 EXIST::FUNCTION:ECDSA -STORE_delete_crl 3621 EXIST::FUNCTION: +STORE_delete_crl 3621 NOEXIST::FUNCTION: EC_KEY_get_enc_flags 3622 EXIST::FUNCTION:EC ASN1_const_check_infinite_end 3623 EXIST::FUNCTION: EVP_PKEY_delete_attr 3624 EXIST::FUNCTION: @@ -3214,31 +3214,31 @@ ECDSA_set_default_method 3625 EXIST::FUNCTION:ECDSA EC_POINT_set_compressed_coordinates_GF2m 3626 EXIST:!VMS:FUNCTION:EC EC_POINT_set_compr_coords_GF2m 3626 EXIST:VMS:FUNCTION:EC EC_GROUP_cmp 3627 EXIST::FUNCTION:EC -STORE_revoke_certificate 3628 EXIST::FUNCTION: +STORE_revoke_certificate 3628 NOEXIST::FUNCTION: BN_get0_nist_prime_256 3629 EXIST::FUNCTION: -STORE_method_get_delete_function 3630 EXIST:!VMS:FUNCTION: -STORE_meth_get_delete_fn 3630 EXIST:VMS:FUNCTION: +STORE_meth_get_delete_fn 3630 NOEXIST::FUNCTION: +STORE_method_get_delete_function 3630 NOEXIST::FUNCTION: SHA224_Init 3631 EXIST::FUNCTION:SHA,SHA256 PEM_read_ECPrivateKey 3632 EXIST:!WIN16:FUNCTION:EC -SHA512_Init 3633 EXIST::FUNCTION:SHA,SHA512 -STORE_parse_attrs_endp 3634 EXIST::FUNCTION: +SHA512_Init 3633 EXIST:!VMSVAX:FUNCTION:SHA,SHA512 +STORE_parse_attrs_endp 3634 NOEXIST::FUNCTION: BN_set_negative 3635 EXIST::FUNCTION: ERR_load_ECDSA_strings 3636 EXIST::FUNCTION:ECDSA EC_GROUP_get_basis_type 3637 EXIST::FUNCTION:EC -STORE_list_public_key_next 3638 EXIST::FUNCTION: +STORE_list_public_key_next 3638 NOEXIST::FUNCTION: i2v_ASN1_BIT_STRING 3639 EXIST::FUNCTION: -STORE_OBJECT_free 3640 EXIST::FUNCTION: +STORE_OBJECT_free 3640 NOEXIST::FUNCTION: BN_nist_mod_384 3641 EXIST::FUNCTION: i2d_X509_CERT_PAIR 3642 EXIST::FUNCTION: PEM_write_ECPKParameters 3643 EXIST:!WIN16:FUNCTION:EC ECDH_compute_key 3644 EXIST::FUNCTION:ECDH -STORE_ATTR_INFO_get0_sha1str 3645 EXIST::FUNCTION: +STORE_ATTR_INFO_get0_sha1str 3645 NOEXIST::FUNCTION: ENGINE_register_all_ECDH 3646 EXIST::FUNCTION:ENGINE pqueue_pop 3647 EXIST::FUNCTION: -STORE_ATTR_INFO_get0_cstr 3648 EXIST::FUNCTION: +STORE_ATTR_INFO_get0_cstr 3648 NOEXIST::FUNCTION: POLICY_CONSTRAINTS_it 3649 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: POLICY_CONSTRAINTS_it 3649 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -STORE_get_ex_new_index 3650 EXIST::FUNCTION: +STORE_get_ex_new_index 3650 NOEXIST::FUNCTION: EVP_PKEY_get_attr_by_OBJ 3651 EXIST::FUNCTION: X509_VERIFY_PARAM_add0_policy 3652 EXIST::FUNCTION: BN_GF2m_mod_solve_quad 3653 EXIST::FUNCTION: @@ -3259,20 +3259,20 @@ EC_KEY_set_enc_flags 3665 EXIST::FUNCTION:EC ECDSA_verify 3666 EXIST::FUNCTION:ECDSA EC_POINT_point2hex 3667 EXIST::FUNCTION:EC ENGINE_get_STORE 3668 EXIST::FUNCTION:ENGINE -SHA512 3669 EXIST::FUNCTION:SHA,SHA512 -STORE_get_certificate 3670 EXIST::FUNCTION: +SHA512 3669 EXIST:!VMSVAX:FUNCTION:SHA,SHA512 +STORE_get_certificate 3670 NOEXIST::FUNCTION: ECDSA_do_sign_ex 3671 EXIST::FUNCTION:ECDSA ECDSA_do_verify 3672 EXIST::FUNCTION:ECDSA d2i_ECPrivateKey_fp 3673 EXIST::FUNCTION:EC,FP_API -STORE_delete_certificate 3674 EXIST::FUNCTION: -SHA512_Transform 3675 EXIST::FUNCTION:SHA,SHA512 +STORE_delete_certificate 3674 NOEXIST::FUNCTION: +SHA512_Transform 3675 EXIST:!VMSVAX:FUNCTION:SHA,SHA512 X509_STORE_set1_param 3676 EXIST::FUNCTION: -STORE_method_get_ctrl_function 3677 EXIST::FUNCTION: -STORE_free 3678 EXIST::FUNCTION: +STORE_method_get_ctrl_function 3677 NOEXIST::FUNCTION: +STORE_free 3678 NOEXIST::FUNCTION: PEM_write_ECPrivateKey 3679 EXIST:!WIN16:FUNCTION:EC -STORE_method_get_unlock_store_function 3680 EXIST:!VMS:FUNCTION: -STORE_meth_get_unlock_store_fn 3680 EXIST:VMS:FUNCTION: -STORE_get_ex_data 3681 EXIST::FUNCTION: +STORE_meth_get_unlock_store_fn 3680 NOEXIST::FUNCTION: +STORE_method_get_unlock_store_function 3680 NOEXIST::FUNCTION: +STORE_get_ex_data 3681 NOEXIST::FUNCTION: EC_KEY_set_public_key 3682 EXIST::FUNCTION:EC PEM_read_ECPKParameters 3683 EXIST:!WIN16:FUNCTION:EC X509_CERT_PAIR_new 3684 EXIST::FUNCTION: @@ -3282,8 +3282,8 @@ DSA_generate_parameters_ex 3687 EXIST::FUNCTION:DSA ECParameters_print_fp 3688 EXIST::FUNCTION:EC,FP_API X509V3_NAME_from_section 3689 EXIST::FUNCTION: EVP_PKEY_add1_attr 3690 EXIST::FUNCTION: -STORE_modify_crl 3691 EXIST::FUNCTION: -STORE_list_private_key_start 3692 EXIST::FUNCTION: +STORE_modify_crl 3691 NOEXIST::FUNCTION: +STORE_list_private_key_start 3692 NOEXIST::FUNCTION: POLICY_MAPPINGS_it 3693 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: POLICY_MAPPINGS_it 3693 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: GENERAL_SUBTREE_it 3694 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: @@ -3292,7 +3292,7 @@ EC_GROUP_get_curve_name 3695 EXIST::FUNCTION:EC PEM_write_X509_CERT_PAIR 3696 EXIST:!WIN16:FUNCTION: BIO_dump_indent_cb 3697 EXIST::FUNCTION: d2i_X509_CERT_PAIR 3698 EXIST::FUNCTION: -STORE_list_private_key_endp 3699 EXIST::FUNCTION: +STORE_list_private_key_endp 3699 NOEXIST::FUNCTION: asn1_const_Finish 3700 EXIST::FUNCTION: i2d_EC_PUBKEY_fp 3701 EXIST::FUNCTION:EC,FP_API BN_nist_mod_256 3702 EXIST::FUNCTION: @@ -3302,47 +3302,47 @@ BN_BLINDING_create_param 3705 EXIST::FUNCTION: ECDSA_size 3706 EXIST::FUNCTION:ECDSA d2i_EC_PUBKEY_bio 3707 EXIST::FUNCTION:BIO,EC BN_get0_nist_prime_521 3708 EXIST::FUNCTION: -STORE_ATTR_INFO_modify_sha1str 3709 EXIST::FUNCTION: +STORE_ATTR_INFO_modify_sha1str 3709 NOEXIST::FUNCTION: BN_generate_prime_ex 3710 EXIST::FUNCTION: EC_GROUP_new_by_curve_name 3711 EXIST::FUNCTION:EC SHA256_Final 3712 EXIST::FUNCTION:SHA,SHA256 DH_generate_parameters_ex 3713 EXIST::FUNCTION:DH PEM_read_bio_ECPrivateKey 3714 EXIST::FUNCTION:EC -STORE_method_get_cleanup_function 3715 EXIST:!VMS:FUNCTION: -STORE_meth_get_cleanup_fn 3715 EXIST:VMS:FUNCTION: +STORE_meth_get_cleanup_fn 3715 NOEXIST::FUNCTION: +STORE_method_get_cleanup_function 3715 NOEXIST::FUNCTION: ENGINE_get_ECDH 3716 EXIST::FUNCTION:ENGINE d2i_ECDSA_SIG 3717 EXIST::FUNCTION:ECDSA BN_is_prime_fasttest_ex 3718 EXIST::FUNCTION: ECDSA_sign 3719 EXIST::FUNCTION:ECDSA X509_policy_check 3720 EXIST::FUNCTION: EVP_PKEY_get_attr_by_NID 3721 EXIST::FUNCTION: -STORE_set_ex_data 3722 EXIST::FUNCTION: +STORE_set_ex_data 3722 NOEXIST::FUNCTION: ENGINE_get_ECDSA 3723 EXIST::FUNCTION:ENGINE EVP_ecdsa 3724 EXIST::FUNCTION:SHA BN_BLINDING_get_flags 3725 EXIST::FUNCTION: PKCS12_add_cert 3726 EXIST::FUNCTION: -STORE_OBJECT_new 3727 EXIST::FUNCTION: +STORE_OBJECT_new 3727 NOEXIST::FUNCTION: ERR_load_ECDH_strings 3728 EXIST::FUNCTION:ECDH EC_KEY_dup 3729 EXIST::FUNCTION:EC EVP_CIPHER_CTX_rand_key 3730 EXIST::FUNCTION: ECDSA_set_method 3731 EXIST::FUNCTION:ECDSA a2i_IPADDRESS_NC 3732 EXIST::FUNCTION: d2i_ECParameters 3733 EXIST::FUNCTION:EC -STORE_list_certificate_end 3734 EXIST::FUNCTION: -STORE_get_crl 3735 EXIST::FUNCTION: +STORE_list_certificate_end 3734 NOEXIST::FUNCTION: +STORE_get_crl 3735 NOEXIST::FUNCTION: X509_POLICY_NODE_print 3736 EXIST::FUNCTION: -SHA384_Init 3737 EXIST::FUNCTION:SHA,SHA512 +SHA384_Init 3737 EXIST:!VMSVAX:FUNCTION:SHA,SHA512 EC_GF2m_simple_method 3738 EXIST::FUNCTION:EC ECDSA_set_ex_data 3739 EXIST::FUNCTION:ECDSA -SHA384_Final 3740 EXIST::FUNCTION:SHA,SHA512 +SHA384_Final 3740 EXIST:!VMSVAX:FUNCTION:SHA,SHA512 PKCS7_set_digest 3741 EXIST::FUNCTION: EC_KEY_print 3742 EXIST::FUNCTION:BIO,EC -STORE_method_set_lock_store_function 3743 EXIST:!VMS:FUNCTION: -STORE_meth_set_lock_store_fn 3743 EXIST:VMS:FUNCTION: +STORE_meth_set_lock_store_fn 3743 NOEXIST::FUNCTION: +STORE_method_set_lock_store_function 3743 NOEXIST::FUNCTION: ECDSA_get_ex_new_index 3744 EXIST::FUNCTION:ECDSA -SHA384 3745 EXIST::FUNCTION:SHA,SHA512 +SHA384 3745 EXIST:!VMSVAX:FUNCTION:SHA,SHA512 POLICY_MAPPING_new 3746 EXIST::FUNCTION: -STORE_list_certificate_endp 3747 EXIST::FUNCTION: +STORE_list_certificate_endp 3747 NOEXIST::FUNCTION: X509_STORE_CTX_get0_policy_tree 3748 EXIST::FUNCTION: EC_GROUP_set_asn1_flag 3749 EXIST::FUNCTION:EC EC_KEY_check_key 3750 EXIST::FUNCTION:EC @@ -3350,13 +3350,13 @@ d2i_EC_PUBKEY_fp 3751 EXIST::FUNCTION:EC,FP_API PKCS7_set0_type_other 3752 EXIST::FUNCTION: PEM_read_bio_X509_CERT_PAIR 3753 EXIST::FUNCTION: pqueue_next 3754 EXIST::FUNCTION: -STORE_method_get_list_end_function 3755 EXIST:!VMS:FUNCTION: -STORE_meth_get_list_end_fn 3755 EXIST:VMS:FUNCTION: +STORE_meth_get_list_end_fn 3755 NOEXIST::FUNCTION: +STORE_method_get_list_end_function 3755 NOEXIST::FUNCTION: EVP_PKEY_add1_attr_by_OBJ 3756 EXIST::FUNCTION: X509_VERIFY_PARAM_set_time 3757 EXIST::FUNCTION: pqueue_new 3758 EXIST::FUNCTION: ENGINE_set_default_ECDH 3759 EXIST::FUNCTION:ENGINE -STORE_new_method 3760 EXIST::FUNCTION: +STORE_new_method 3760 NOEXIST::FUNCTION: PKCS12_add_key 3761 EXIST::FUNCTION: DSO_merge 3762 EXIST::FUNCTION: EC_POINT_hex2point 3763 EXIST::FUNCTION:EC @@ -3366,7 +3366,7 @@ pqueue_insert 3766 EXIST::FUNCTION: pitem_free 3767 EXIST::FUNCTION: BN_GF2m_mod_inv_arr 3768 EXIST::FUNCTION: ENGINE_unregister_ECDSA 3769 EXIST::FUNCTION:ENGINE -BN_BLINDING_set_thread_id 3770 EXIST::FUNCTION: +BN_BLINDING_set_thread_id 3770 EXIST::FUNCTION:DEPRECATED get_rfc3526_prime_8192 3771 EXIST::FUNCTION: X509_VERIFY_PARAM_clear_flags 3772 EXIST::FUNCTION: get_rfc2409_prime_1024 3773 EXIST::FUNCTION: @@ -3385,7 +3385,7 @@ Camellia_cfb128_encrypt 3785 EXIST::FUNCTION:CAMELLIA Camellia_cfb1_encrypt 3786 EXIST::FUNCTION:CAMELLIA Camellia_cfb8_encrypt 3787 EXIST::FUNCTION:CAMELLIA Camellia_ctr128_encrypt 3788 EXIST::FUNCTION:CAMELLIA -Camellia_cfbr_encrypt_block 3789 EXIST::FUNCTION:CAMELLIA +Camellia_cfbr_encrypt_block 3789 NOEXIST::FUNCTION: Camellia_decrypt 3790 EXIST::FUNCTION:CAMELLIA Camellia_ecb_encrypt 3791 EXIST::FUNCTION:CAMELLIA Camellia_encrypt 3792 EXIST::FUNCTION:CAMELLIA @@ -3585,7 +3585,7 @@ CMS_data_create 3975 EXIST::FUNCTION:CMS i2d_CMS_bio 3976 EXIST::FUNCTION:CMS CMS_EncryptedData_set1_key 3977 EXIST::FUNCTION:CMS CMS_decrypt 3978 EXIST::FUNCTION:CMS -int_smime_write_ASN1 3979 EXIST::FUNCTION: +int_smime_write_ASN1 3979 NOEXIST::FUNCTION: CMS_unsigned_delete_attr 3980 EXIST::FUNCTION:CMS CMS_unsigned_get_attr_count 3981 EXIST::FUNCTION:CMS CMS_add_smimecap 3982 EXIST::FUNCTION:CMS @@ -3657,53 +3657,52 @@ ENGINE_set_ld_ssl_clnt_cert_fn 4044 EXIST:VMS:FUNCTION:ENGINE ENGINE_get_ssl_client_cert_function 4045 EXIST:!VMS:FUNCTION:ENGINE ENGINE_get_ssl_client_cert_fn 4045 EXIST:VMS:FUNCTION:ENGINE ENGINE_load_ssl_client_cert 4046 EXIST::FUNCTION:ENGINE -ENGINE_load_capi 4047 EXIST::FUNCTION:CAPIENG,ENGINE +ENGINE_load_capi 4047 EXIST::FUNCTION:ENGINE,STATIC_ENGINE OPENSSL_isservice 4048 EXIST::FUNCTION: -FIPS_dsa_sig_decode 4049 EXIST:OPENSSL_FIPS:FUNCTION:DSA +FIPS_dsa_sig_decode 4049 NOEXIST::FUNCTION: EVP_CIPHER_CTX_clear_flags 4050 EXIST::FUNCTION: -FIPS_rand_status 4051 EXIST:OPENSSL_FIPS:FUNCTION: -FIPS_rand_set_key 4052 EXIST:OPENSSL_FIPS:FUNCTION: -CRYPTO_set_mem_info_functions 4053 EXIST::FUNCTION: -RSA_X931_generate_key_ex 4054 EXIST::FUNCTION:RSA -int_ERR_set_state_func 4055 EXIST:OPENSSL_FIPS:FUNCTION: -int_EVP_MD_set_engine_callbacks 4056 EXIST:OPENSSL_FIPS:FUNCTION:ENGINE -int_CRYPTO_set_do_dynlock_callback 4057 EXIST:!VMS:FUNCTION: -int_CRYPTO_set_do_dynlock_cb 4057 EXIST:VMS:FUNCTION: -FIPS_rng_stick 4058 EXIST:OPENSSL_FIPS:FUNCTION: +FIPS_rand_status 4051 NOEXIST::FUNCTION: +FIPS_rand_set_key 4052 NOEXIST::FUNCTION: +CRYPTO_set_mem_info_functions 4053 NOEXIST::FUNCTION: +RSA_X931_generate_key_ex 4054 NOEXIST::FUNCTION: +int_ERR_set_state_func 4055 NOEXIST::FUNCTION: +int_EVP_MD_set_engine_callbacks 4056 NOEXIST::FUNCTION: +int_CRYPTO_set_do_dynlock_callback 4057 NOEXIST::FUNCTION: +FIPS_rng_stick 4058 NOEXIST::FUNCTION: EVP_CIPHER_CTX_set_flags 4059 EXIST::FUNCTION: -BN_X931_generate_prime_ex 4060 EXIST::FUNCTION: -FIPS_selftest_check 4061 EXIST:OPENSSL_FIPS:FUNCTION: -FIPS_rand_set_dt 4062 EXIST:OPENSSL_FIPS:FUNCTION: -CRYPTO_dbg_pop_info 4063 EXIST::FUNCTION: -FIPS_dsa_free 4064 EXIST:OPENSSL_FIPS:FUNCTION:DSA -RSA_X931_derive_ex 4065 EXIST::FUNCTION:RSA -FIPS_rsa_new 4066 EXIST:OPENSSL_FIPS:FUNCTION:RSA -FIPS_rand_bytes 4067 EXIST:OPENSSL_FIPS:FUNCTION: -fips_cipher_test 4068 EXIST:OPENSSL_FIPS:FUNCTION: +BN_X931_generate_prime_ex 4060 NOEXIST::FUNCTION: +FIPS_selftest_check 4061 NOEXIST::FUNCTION: +FIPS_rand_set_dt 4062 NOEXIST::FUNCTION: +CRYPTO_dbg_pop_info 4063 NOEXIST::FUNCTION: +FIPS_dsa_free 4064 NOEXIST::FUNCTION: +RSA_X931_derive_ex 4065 NOEXIST::FUNCTION: +FIPS_rsa_new 4066 NOEXIST::FUNCTION: +FIPS_rand_bytes 4067 NOEXIST::FUNCTION: +fips_cipher_test 4068 NOEXIST::FUNCTION: EVP_CIPHER_CTX_test_flags 4069 EXIST::FUNCTION: -CRYPTO_malloc_debug_init 4070 EXIST::FUNCTION: -CRYPTO_dbg_push_info 4071 EXIST::FUNCTION: -FIPS_corrupt_rsa_keygen 4072 EXIST:OPENSSL_FIPS:FUNCTION: -FIPS_dh_new 4073 EXIST:OPENSSL_FIPS:FUNCTION:DH -FIPS_corrupt_dsa_keygen 4074 EXIST:OPENSSL_FIPS:FUNCTION: -FIPS_dh_free 4075 EXIST:OPENSSL_FIPS:FUNCTION:DH -fips_pkey_signature_test 4076 EXIST:OPENSSL_FIPS:FUNCTION: -EVP_add_alg_module 4077 EXIST::FUNCTION: -int_RAND_init_engine_callbacks 4078 EXIST:OPENSSL_FIPS:FUNCTION:ENGINE -int_EVP_CIPHER_set_engine_callbacks 4079 EXIST:OPENSSL_FIPS:FUNCTION:ENGINE -int_EVP_MD_init_engine_callbacks 4080 EXIST:OPENSSL_FIPS:FUNCTION:ENGINE -FIPS_rand_test_mode 4081 EXIST:OPENSSL_FIPS:FUNCTION: -FIPS_rand_reset 4082 EXIST:OPENSSL_FIPS:FUNCTION: -FIPS_dsa_new 4083 EXIST:OPENSSL_FIPS:FUNCTION:DSA -int_RAND_set_callbacks 4084 EXIST:OPENSSL_FIPS:FUNCTION:ENGINE -BN_X931_derive_prime_ex 4085 EXIST::FUNCTION: -int_ERR_lib_init 4086 EXIST:OPENSSL_FIPS:FUNCTION: -int_EVP_CIPHER_init_engine_callbacks 4087 EXIST:OPENSSL_FIPS:FUNCTION:ENGINE -FIPS_rsa_free 4088 EXIST:OPENSSL_FIPS:FUNCTION:RSA -FIPS_dsa_sig_encode 4089 EXIST:OPENSSL_FIPS:FUNCTION:DSA -CRYPTO_dbg_remove_all_info 4090 EXIST::FUNCTION: -OPENSSL_init 4091 EXIST::FUNCTION: -private_Camellia_set_key 4092 EXIST:OPENSSL_FIPS:FUNCTION:CAMELLIA +CRYPTO_malloc_debug_init 4070 NOEXIST::FUNCTION: +CRYPTO_dbg_push_info 4071 NOEXIST::FUNCTION: +FIPS_corrupt_rsa_keygen 4072 NOEXIST::FUNCTION: +FIPS_dh_new 4073 NOEXIST::FUNCTION: +FIPS_corrupt_dsa_keygen 4074 NOEXIST::FUNCTION: +FIPS_dh_free 4075 NOEXIST::FUNCTION: +fips_pkey_signature_test 4076 NOEXIST::FUNCTION: +EVP_add_alg_module 4077 NOEXIST::FUNCTION: +int_RAND_init_engine_callbacks 4078 NOEXIST::FUNCTION: +int_EVP_CIPHER_set_engine_callbacks 4079 NOEXIST::FUNCTION: +int_EVP_MD_init_engine_callbacks 4080 NOEXIST::FUNCTION: +FIPS_rand_test_mode 4081 NOEXIST::FUNCTION: +FIPS_rand_reset 4082 NOEXIST::FUNCTION: +FIPS_dsa_new 4083 NOEXIST::FUNCTION: +int_RAND_set_callbacks 4084 NOEXIST::FUNCTION: +BN_X931_derive_prime_ex 4085 NOEXIST::FUNCTION: +int_ERR_lib_init 4086 NOEXIST::FUNCTION: +int_EVP_CIPHER_init_engine_callbacks 4087 NOEXIST::FUNCTION: +FIPS_rsa_free 4088 NOEXIST::FUNCTION: +FIPS_dsa_sig_encode 4089 NOEXIST::FUNCTION: +CRYPTO_dbg_remove_all_info 4090 NOEXIST::FUNCTION: +OPENSSL_init 4091 NOEXIST::FUNCTION: +private_Camellia_set_key 4092 NOEXIST::FUNCTION: CRYPTO_strdup 4093 EXIST::FUNCTION: JPAKE_STEP3A_process 4094 EXIST::FUNCTION:JPAKE JPAKE_STEP1_release 4095 EXIST::FUNCTION:JPAKE @@ -3725,4 +3724,458 @@ JPAKE_STEP2_release 4110 EXIST::FUNCTION:JPAKE JPAKE_STEP3A_init 4111 EXIST::FUNCTION:JPAKE ERR_load_JPAKE_strings 4112 EXIST::FUNCTION:JPAKE JPAKE_STEP2_init 4113 EXIST::FUNCTION:JPAKE -ENGINE_load_aesni 4114 EXIST::FUNCTION:ENGINE +pqueue_size 4114 EXIST::FUNCTION: +i2d_TS_ACCURACY 4115 EXIST::FUNCTION: +i2d_TS_MSG_IMPRINT_fp 4116 EXIST::FUNCTION: +i2d_TS_MSG_IMPRINT 4117 EXIST::FUNCTION: +EVP_PKEY_print_public 4118 EXIST::FUNCTION: +EVP_PKEY_CTX_new 4119 EXIST::FUNCTION: +i2d_TS_TST_INFO 4120 EXIST::FUNCTION: +EVP_PKEY_asn1_find 4121 EXIST::FUNCTION: +DSO_METHOD_beos 4122 EXIST::FUNCTION: +TS_CONF_load_cert 4123 EXIST::FUNCTION: +TS_REQ_get_ext 4124 EXIST::FUNCTION: +EVP_PKEY_sign_init 4125 EXIST::FUNCTION: +ASN1_item_print 4126 EXIST::FUNCTION: +TS_TST_INFO_set_nonce 4127 EXIST::FUNCTION: +TS_RESP_dup 4128 EXIST::FUNCTION: +ENGINE_register_pkey_meths 4129 EXIST::FUNCTION:ENGINE +EVP_PKEY_asn1_add0 4130 EXIST::FUNCTION: +PKCS7_add0_attrib_signing_time 4131 EXIST::FUNCTION: +i2d_TS_TST_INFO_fp 4132 EXIST::FUNCTION: +BIO_asn1_get_prefix 4133 EXIST::FUNCTION: +TS_TST_INFO_set_time 4134 EXIST::FUNCTION: +EVP_PKEY_meth_set_decrypt 4135 EXIST::FUNCTION: +EVP_PKEY_set_type_str 4136 EXIST::FUNCTION: +EVP_PKEY_CTX_get_keygen_info 4137 EXIST::FUNCTION: +TS_REQ_set_policy_id 4138 EXIST::FUNCTION: +d2i_TS_RESP_fp 4139 EXIST::FUNCTION: +ENGINE_get_pkey_asn1_meth_engine 4140 EXIST:!VMS:FUNCTION:ENGINE +ENGINE_get_pkey_asn1_meth_eng 4140 EXIST:VMS:FUNCTION:ENGINE +WHIRLPOOL_Init 4141 EXIST:!VMSVAX:FUNCTION:WHIRLPOOL +TS_RESP_set_status_info 4142 EXIST::FUNCTION: +EVP_PKEY_keygen 4143 EXIST::FUNCTION: +EVP_DigestSignInit 4144 EXIST::FUNCTION: +TS_ACCURACY_set_millis 4145 EXIST::FUNCTION: +TS_REQ_dup 4146 EXIST::FUNCTION: +GENERAL_NAME_dup 4147 EXIST::FUNCTION: +ASN1_SEQUENCE_ANY_it 4148 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +ASN1_SEQUENCE_ANY_it 4148 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +WHIRLPOOL 4149 EXIST:!VMSVAX:FUNCTION:WHIRLPOOL +X509_STORE_get1_crls 4150 EXIST::FUNCTION: +ENGINE_get_pkey_asn1_meth 4151 EXIST::FUNCTION:ENGINE +EVP_PKEY_asn1_new 4152 EXIST::FUNCTION: +BIO_new_NDEF 4153 EXIST::FUNCTION: +ENGINE_get_pkey_meth 4154 EXIST::FUNCTION:ENGINE +TS_MSG_IMPRINT_set_algo 4155 EXIST::FUNCTION: +i2d_TS_TST_INFO_bio 4156 EXIST::FUNCTION: +TS_TST_INFO_set_ordering 4157 EXIST::FUNCTION: +TS_TST_INFO_get_ext_by_OBJ 4158 EXIST::FUNCTION: +CRYPTO_THREADID_set_pointer 4159 EXIST::FUNCTION: +TS_CONF_get_tsa_section 4160 EXIST::FUNCTION: +SMIME_write_ASN1 4161 EXIST::FUNCTION: +TS_RESP_CTX_set_signer_key 4162 EXIST::FUNCTION: +EVP_PKEY_encrypt_old 4163 EXIST::FUNCTION: +EVP_PKEY_encrypt_init 4164 EXIST::FUNCTION: +CRYPTO_THREADID_cpy 4165 EXIST::FUNCTION: +ASN1_PCTX_get_cert_flags 4166 EXIST::FUNCTION: +i2d_ESS_SIGNING_CERT 4167 EXIST::FUNCTION: +TS_CONF_load_key 4168 EXIST::FUNCTION: +i2d_ASN1_SEQUENCE_ANY 4169 EXIST::FUNCTION: +d2i_TS_MSG_IMPRINT_bio 4170 EXIST::FUNCTION: +EVP_PKEY_asn1_set_public 4171 EXIST::FUNCTION: +b2i_PublicKey_bio 4172 EXIST::FUNCTION: +BIO_asn1_set_prefix 4173 EXIST::FUNCTION: +EVP_PKEY_new_mac_key 4174 EXIST::FUNCTION: +BIO_new_CMS 4175 EXIST::FUNCTION:CMS +CRYPTO_THREADID_cmp 4176 EXIST::FUNCTION: +TS_REQ_ext_free 4177 EXIST::FUNCTION: +EVP_PKEY_asn1_set_free 4178 EXIST::FUNCTION: +EVP_PKEY_get0_asn1 4179 EXIST::FUNCTION: +d2i_NETSCAPE_X509 4180 EXIST::FUNCTION: +EVP_PKEY_verify_recover_init 4181 EXIST::FUNCTION: +EVP_PKEY_CTX_set_data 4182 EXIST::FUNCTION: +EVP_PKEY_keygen_init 4183 EXIST::FUNCTION: +TS_RESP_CTX_set_status_info 4184 EXIST::FUNCTION: +TS_MSG_IMPRINT_get_algo 4185 EXIST::FUNCTION: +TS_REQ_print_bio 4186 EXIST::FUNCTION: +EVP_PKEY_CTX_ctrl_str 4187 EXIST::FUNCTION: +EVP_PKEY_get_default_digest_nid 4188 EXIST::FUNCTION: +PEM_write_bio_PKCS7_stream 4189 EXIST::FUNCTION: +TS_MSG_IMPRINT_print_bio 4190 EXIST::FUNCTION: +BN_asc2bn 4191 EXIST::FUNCTION: +TS_REQ_get_policy_id 4192 EXIST::FUNCTION: +ENGINE_set_default_pkey_asn1_meths 4193 EXIST:!VMS:FUNCTION:ENGINE +ENGINE_set_def_pkey_asn1_meths 4193 EXIST:VMS:FUNCTION:ENGINE +d2i_TS_ACCURACY 4194 EXIST::FUNCTION: +DSO_global_lookup 4195 EXIST::FUNCTION: +TS_CONF_set_tsa_name 4196 EXIST::FUNCTION: +i2d_ASN1_SET_ANY 4197 EXIST::FUNCTION: +ENGINE_load_gost 4198 EXIST::FUNCTION:ENGINE,GOST,STATIC_ENGINE +WHIRLPOOL_BitUpdate 4199 EXIST:!VMSVAX:FUNCTION:WHIRLPOOL +ASN1_PCTX_get_flags 4200 EXIST::FUNCTION: +TS_TST_INFO_get_ext_by_NID 4201 EXIST::FUNCTION: +TS_RESP_new 4202 EXIST::FUNCTION: +ESS_CERT_ID_dup 4203 EXIST::FUNCTION: +TS_STATUS_INFO_dup 4204 EXIST::FUNCTION: +TS_REQ_delete_ext 4205 EXIST::FUNCTION: +EVP_DigestVerifyFinal 4206 EXIST::FUNCTION: +EVP_PKEY_print_params 4207 EXIST::FUNCTION: +i2d_CMS_bio_stream 4208 EXIST::FUNCTION:CMS +TS_REQ_get_msg_imprint 4209 EXIST::FUNCTION: +OBJ_find_sigid_by_algs 4210 EXIST::FUNCTION: +TS_TST_INFO_get_serial 4211 EXIST::FUNCTION: +TS_REQ_get_nonce 4212 EXIST::FUNCTION: +X509_PUBKEY_set0_param 4213 EXIST::FUNCTION: +EVP_PKEY_CTX_set0_keygen_info 4214 EXIST::FUNCTION: +DIST_POINT_set_dpname 4215 EXIST::FUNCTION: +i2d_ISSUING_DIST_POINT 4216 EXIST::FUNCTION: +ASN1_SET_ANY_it 4217 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +ASN1_SET_ANY_it 4217 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +EVP_PKEY_CTX_get_data 4218 EXIST::FUNCTION: +TS_STATUS_INFO_print_bio 4219 EXIST::FUNCTION: +EVP_PKEY_derive_init 4220 EXIST::FUNCTION: +d2i_TS_TST_INFO 4221 EXIST::FUNCTION: +EVP_PKEY_asn1_add_alias 4222 EXIST::FUNCTION: +d2i_TS_RESP_bio 4223 EXIST::FUNCTION: +OTHERNAME_cmp 4224 EXIST::FUNCTION: +GENERAL_NAME_set0_value 4225 EXIST::FUNCTION: +PKCS7_RECIP_INFO_get0_alg 4226 EXIST::FUNCTION: +TS_RESP_CTX_new 4227 EXIST::FUNCTION: +TS_RESP_set_tst_info 4228 EXIST::FUNCTION: +PKCS7_final 4229 EXIST::FUNCTION: +EVP_PKEY_base_id 4230 EXIST::FUNCTION: +TS_RESP_CTX_set_signer_cert 4231 EXIST::FUNCTION: +TS_REQ_set_msg_imprint 4232 EXIST::FUNCTION: +EVP_PKEY_CTX_ctrl 4233 EXIST::FUNCTION: +TS_CONF_set_digests 4234 EXIST::FUNCTION: +d2i_TS_MSG_IMPRINT 4235 EXIST::FUNCTION: +EVP_PKEY_meth_set_ctrl 4236 EXIST::FUNCTION: +TS_REQ_get_ext_by_NID 4237 EXIST::FUNCTION: +PKCS5_pbe_set0_algor 4238 EXIST::FUNCTION: +BN_BLINDING_thread_id 4239 EXIST::FUNCTION: +TS_ACCURACY_new 4240 EXIST::FUNCTION: +X509_CRL_METHOD_free 4241 EXIST::FUNCTION: +ASN1_PCTX_get_nm_flags 4242 EXIST::FUNCTION: +EVP_PKEY_meth_set_sign 4243 EXIST::FUNCTION: +CRYPTO_THREADID_current 4244 EXIST::FUNCTION: +EVP_PKEY_decrypt_init 4245 EXIST::FUNCTION: +NETSCAPE_X509_free 4246 EXIST::FUNCTION: +i2b_PVK_bio 4247 EXIST::FUNCTION:RC4 +EVP_PKEY_print_private 4248 EXIST::FUNCTION: +GENERAL_NAME_get0_value 4249 EXIST::FUNCTION: +b2i_PVK_bio 4250 EXIST::FUNCTION:RC4 +ASN1_UTCTIME_adj 4251 EXIST::FUNCTION: +TS_TST_INFO_new 4252 EXIST::FUNCTION: +EVP_MD_do_all_sorted 4253 EXIST::FUNCTION: +TS_CONF_set_default_engine 4254 EXIST::FUNCTION: +TS_ACCURACY_set_seconds 4255 EXIST::FUNCTION: +TS_TST_INFO_get_time 4256 EXIST::FUNCTION: +PKCS8_pkey_get0 4257 EXIST::FUNCTION: +EVP_PKEY_asn1_get0 4258 EXIST::FUNCTION: +OBJ_add_sigid 4259 EXIST::FUNCTION: +PKCS7_SIGNER_INFO_sign 4260 EXIST::FUNCTION: +EVP_PKEY_paramgen_init 4261 EXIST::FUNCTION: +EVP_PKEY_sign 4262 EXIST::FUNCTION: +OBJ_sigid_free 4263 EXIST::FUNCTION: +EVP_PKEY_meth_set_init 4264 EXIST::FUNCTION: +d2i_ESS_ISSUER_SERIAL 4265 EXIST::FUNCTION: +ISSUING_DIST_POINT_new 4266 EXIST::FUNCTION: +ASN1_TIME_adj 4267 EXIST::FUNCTION: +TS_OBJ_print_bio 4268 EXIST::FUNCTION: +EVP_PKEY_meth_set_verify_recover 4269 EXIST:!VMS:FUNCTION: +EVP_PKEY_meth_set_vrfy_recover 4269 EXIST:VMS:FUNCTION: +TS_RESP_get_status_info 4270 EXIST::FUNCTION: +CMS_stream 4271 EXIST::FUNCTION:CMS +EVP_PKEY_CTX_set_cb 4272 EXIST::FUNCTION: +PKCS7_to_TS_TST_INFO 4273 EXIST::FUNCTION: +ASN1_PCTX_get_oid_flags 4274 EXIST::FUNCTION: +TS_TST_INFO_add_ext 4275 EXIST::FUNCTION: +EVP_PKEY_meth_set_derive 4276 EXIST::FUNCTION: +i2d_TS_RESP_fp 4277 EXIST::FUNCTION: +i2d_TS_MSG_IMPRINT_bio 4278 EXIST::FUNCTION: +TS_RESP_CTX_set_accuracy 4279 EXIST::FUNCTION: +TS_REQ_set_nonce 4280 EXIST::FUNCTION: +ESS_CERT_ID_new 4281 EXIST::FUNCTION: +ENGINE_pkey_asn1_find_str 4282 EXIST::FUNCTION:ENGINE +TS_REQ_get_ext_count 4283 EXIST::FUNCTION: +BUF_reverse 4284 EXIST::FUNCTION: +TS_TST_INFO_print_bio 4285 EXIST::FUNCTION: +d2i_ISSUING_DIST_POINT 4286 EXIST::FUNCTION: +ENGINE_get_pkey_meths 4287 EXIST::FUNCTION:ENGINE +i2b_PrivateKey_bio 4288 EXIST::FUNCTION: +i2d_TS_RESP 4289 EXIST::FUNCTION: +b2i_PublicKey 4290 EXIST::FUNCTION: +TS_VERIFY_CTX_cleanup 4291 EXIST::FUNCTION: +TS_STATUS_INFO_free 4292 EXIST::FUNCTION: +TS_RESP_verify_token 4293 EXIST::FUNCTION: +OBJ_bsearch_ex_ 4294 EXIST::FUNCTION: +ASN1_bn_print 4295 EXIST::FUNCTION:BIO +EVP_PKEY_asn1_get_count 4296 EXIST::FUNCTION: +ENGINE_register_pkey_asn1_meths 4297 EXIST::FUNCTION:ENGINE +ASN1_PCTX_set_nm_flags 4298 EXIST::FUNCTION: +EVP_DigestVerifyInit 4299 EXIST::FUNCTION: +ENGINE_set_default_pkey_meths 4300 EXIST::FUNCTION:ENGINE +TS_TST_INFO_get_policy_id 4301 EXIST::FUNCTION: +TS_REQ_get_cert_req 4302 EXIST::FUNCTION: +X509_CRL_set_meth_data 4303 EXIST::FUNCTION: +PKCS8_pkey_set0 4304 EXIST::FUNCTION: +ASN1_STRING_copy 4305 EXIST::FUNCTION: +d2i_TS_TST_INFO_fp 4306 EXIST::FUNCTION: +X509_CRL_match 4307 EXIST::FUNCTION: +EVP_PKEY_asn1_set_private 4308 EXIST::FUNCTION: +TS_TST_INFO_get_ext_d2i 4309 EXIST::FUNCTION: +TS_RESP_CTX_add_policy 4310 EXIST::FUNCTION: +d2i_TS_RESP 4311 EXIST::FUNCTION: +TS_CONF_load_certs 4312 EXIST::FUNCTION: +TS_TST_INFO_get_msg_imprint 4313 EXIST::FUNCTION: +ERR_load_TS_strings 4314 EXIST::FUNCTION: +TS_TST_INFO_get_version 4315 EXIST::FUNCTION: +EVP_PKEY_CTX_dup 4316 EXIST::FUNCTION: +EVP_PKEY_meth_set_verify 4317 EXIST::FUNCTION: +i2b_PublicKey_bio 4318 EXIST::FUNCTION: +TS_CONF_set_certs 4319 EXIST::FUNCTION: +EVP_PKEY_asn1_get0_info 4320 EXIST::FUNCTION: +TS_VERIFY_CTX_free 4321 EXIST::FUNCTION: +TS_REQ_get_ext_by_critical 4322 EXIST::FUNCTION: +TS_RESP_CTX_set_serial_cb 4323 EXIST::FUNCTION: +X509_CRL_get_meth_data 4324 EXIST::FUNCTION: +TS_RESP_CTX_set_time_cb 4325 EXIST::FUNCTION: +TS_MSG_IMPRINT_get_msg 4326 EXIST::FUNCTION: +TS_TST_INFO_ext_free 4327 EXIST::FUNCTION: +TS_REQ_get_version 4328 EXIST::FUNCTION: +TS_REQ_add_ext 4329 EXIST::FUNCTION: +EVP_PKEY_CTX_set_app_data 4330 EXIST::FUNCTION: +OBJ_bsearch_ 4331 EXIST::FUNCTION: +EVP_PKEY_meth_set_verifyctx 4332 EXIST::FUNCTION: +i2d_PKCS7_bio_stream 4333 EXIST::FUNCTION: +CRYPTO_THREADID_set_numeric 4334 EXIST::FUNCTION: +PKCS7_sign_add_signer 4335 EXIST::FUNCTION: +d2i_TS_TST_INFO_bio 4336 EXIST::FUNCTION: +TS_TST_INFO_get_ordering 4337 EXIST::FUNCTION: +TS_RESP_print_bio 4338 EXIST::FUNCTION: +TS_TST_INFO_get_exts 4339 EXIST::FUNCTION: +HMAC_CTX_copy 4340 EXIST::FUNCTION:HMAC +PKCS5_pbe2_set_iv 4341 EXIST::FUNCTION: +ENGINE_get_pkey_asn1_meths 4342 EXIST::FUNCTION:ENGINE +b2i_PrivateKey 4343 EXIST::FUNCTION: +EVP_PKEY_CTX_get_app_data 4344 EXIST::FUNCTION: +TS_REQ_set_cert_req 4345 EXIST::FUNCTION: +CRYPTO_THREADID_set_callback 4346 EXIST::FUNCTION: +TS_CONF_set_serial 4347 EXIST::FUNCTION: +TS_TST_INFO_free 4348 EXIST::FUNCTION: +d2i_TS_REQ_fp 4349 EXIST::FUNCTION: +TS_RESP_verify_response 4350 EXIST::FUNCTION: +i2d_ESS_ISSUER_SERIAL 4351 EXIST::FUNCTION: +TS_ACCURACY_get_seconds 4352 EXIST::FUNCTION: +EVP_CIPHER_do_all 4353 EXIST::FUNCTION: +b2i_PrivateKey_bio 4354 EXIST::FUNCTION: +OCSP_CERTID_dup 4355 EXIST::FUNCTION: +X509_PUBKEY_get0_param 4356 EXIST::FUNCTION: +TS_MSG_IMPRINT_dup 4357 EXIST::FUNCTION: +PKCS7_print_ctx 4358 EXIST::FUNCTION: +i2d_TS_REQ_bio 4359 EXIST::FUNCTION: +EVP_whirlpool 4360 EXIST:!VMSVAX:FUNCTION:WHIRLPOOL +EVP_PKEY_asn1_set_param 4361 EXIST::FUNCTION: +EVP_PKEY_meth_set_encrypt 4362 EXIST::FUNCTION: +ASN1_PCTX_set_flags 4363 EXIST::FUNCTION: +i2d_ESS_CERT_ID 4364 EXIST::FUNCTION: +TS_VERIFY_CTX_new 4365 EXIST::FUNCTION: +TS_RESP_CTX_set_extension_cb 4366 EXIST::FUNCTION: +ENGINE_register_all_pkey_meths 4367 EXIST::FUNCTION:ENGINE +TS_RESP_CTX_set_status_info_cond 4368 EXIST:!VMS:FUNCTION: +TS_RESP_CTX_set_stat_info_cond 4368 EXIST:VMS:FUNCTION: +EVP_PKEY_verify 4369 EXIST::FUNCTION: +WHIRLPOOL_Final 4370 EXIST:!VMSVAX:FUNCTION:WHIRLPOOL +X509_CRL_METHOD_new 4371 EXIST::FUNCTION: +EVP_DigestSignFinal 4372 EXIST::FUNCTION: +TS_RESP_CTX_set_def_policy 4373 EXIST::FUNCTION: +NETSCAPE_X509_it 4374 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +NETSCAPE_X509_it 4374 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +TS_RESP_create_response 4375 EXIST::FUNCTION: +PKCS7_SIGNER_INFO_get0_algs 4376 EXIST::FUNCTION: +TS_TST_INFO_get_nonce 4377 EXIST::FUNCTION: +EVP_PKEY_decrypt_old 4378 EXIST::FUNCTION: +TS_TST_INFO_set_policy_id 4379 EXIST::FUNCTION: +TS_CONF_set_ess_cert_id_chain 4380 EXIST::FUNCTION: +EVP_PKEY_CTX_get0_pkey 4381 EXIST::FUNCTION: +d2i_TS_REQ 4382 EXIST::FUNCTION: +EVP_PKEY_asn1_find_str 4383 EXIST::FUNCTION: +BIO_f_asn1 4384 EXIST::FUNCTION: +ESS_SIGNING_CERT_new 4385 EXIST::FUNCTION: +EVP_PBE_find 4386 EXIST::FUNCTION: +X509_CRL_get0_by_cert 4387 EXIST::FUNCTION: +EVP_PKEY_derive 4388 EXIST::FUNCTION: +i2d_TS_REQ 4389 EXIST::FUNCTION: +TS_TST_INFO_delete_ext 4390 EXIST::FUNCTION: +ESS_ISSUER_SERIAL_free 4391 EXIST::FUNCTION: +ASN1_PCTX_set_str_flags 4392 EXIST::FUNCTION: +ENGINE_get_pkey_asn1_meth_str 4393 EXIST::FUNCTION:ENGINE +TS_CONF_set_signer_key 4394 EXIST::FUNCTION: +TS_ACCURACY_get_millis 4395 EXIST::FUNCTION: +TS_RESP_get_token 4396 EXIST::FUNCTION: +TS_ACCURACY_dup 4397 EXIST::FUNCTION: +ENGINE_register_all_pkey_asn1_meths 4398 EXIST:!VMS:FUNCTION:ENGINE +ENGINE_reg_all_pkey_asn1_meths 4398 EXIST:VMS:FUNCTION:ENGINE +X509_CRL_set_default_method 4399 EXIST::FUNCTION: +CRYPTO_THREADID_hash 4400 EXIST::FUNCTION: +CMS_ContentInfo_print_ctx 4401 EXIST::FUNCTION:CMS +TS_RESP_free 4402 EXIST::FUNCTION: +ISSUING_DIST_POINT_free 4403 EXIST::FUNCTION: +ESS_ISSUER_SERIAL_new 4404 EXIST::FUNCTION: +CMS_add1_crl 4405 EXIST::FUNCTION:CMS +PKCS7_add1_attrib_digest 4406 EXIST::FUNCTION: +TS_RESP_CTX_add_md 4407 EXIST::FUNCTION: +TS_TST_INFO_dup 4408 EXIST::FUNCTION: +ENGINE_set_pkey_asn1_meths 4409 EXIST::FUNCTION:ENGINE +PEM_write_bio_Parameters 4410 EXIST::FUNCTION: +TS_TST_INFO_get_accuracy 4411 EXIST::FUNCTION: +X509_CRL_get0_by_serial 4412 EXIST::FUNCTION: +TS_TST_INFO_set_version 4413 EXIST::FUNCTION: +TS_RESP_CTX_get_tst_info 4414 EXIST::FUNCTION: +TS_RESP_verify_signature 4415 EXIST::FUNCTION: +CRYPTO_THREADID_get_callback 4416 EXIST::FUNCTION: +TS_TST_INFO_get_tsa 4417 EXIST::FUNCTION: +TS_STATUS_INFO_new 4418 EXIST::FUNCTION: +EVP_PKEY_CTX_get_cb 4419 EXIST::FUNCTION: +TS_REQ_get_ext_d2i 4420 EXIST::FUNCTION: +GENERAL_NAME_set0_othername 4421 EXIST::FUNCTION: +TS_TST_INFO_get_ext_count 4422 EXIST::FUNCTION: +TS_RESP_CTX_get_request 4423 EXIST::FUNCTION: +i2d_NETSCAPE_X509 4424 EXIST::FUNCTION: +ENGINE_get_pkey_meth_engine 4425 EXIST::FUNCTION:ENGINE +EVP_PKEY_meth_set_signctx 4426 EXIST::FUNCTION: +EVP_PKEY_asn1_copy 4427 EXIST::FUNCTION: +ASN1_TYPE_cmp 4428 EXIST::FUNCTION: +EVP_CIPHER_do_all_sorted 4429 EXIST::FUNCTION: +EVP_PKEY_CTX_free 4430 EXIST::FUNCTION: +ISSUING_DIST_POINT_it 4431 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +ISSUING_DIST_POINT_it 4431 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +d2i_TS_MSG_IMPRINT_fp 4432 EXIST::FUNCTION: +X509_STORE_get1_certs 4433 EXIST::FUNCTION: +EVP_PKEY_CTX_get_operation 4434 EXIST::FUNCTION: +d2i_ESS_SIGNING_CERT 4435 EXIST::FUNCTION: +TS_CONF_set_ordering 4436 EXIST::FUNCTION: +EVP_PBE_alg_add_type 4437 EXIST::FUNCTION: +TS_REQ_set_version 4438 EXIST::FUNCTION: +EVP_PKEY_get0 4439 EXIST::FUNCTION: +BIO_asn1_set_suffix 4440 EXIST::FUNCTION: +i2d_TS_STATUS_INFO 4441 EXIST::FUNCTION: +EVP_MD_do_all 4442 EXIST::FUNCTION: +TS_TST_INFO_set_accuracy 4443 EXIST::FUNCTION: +PKCS7_add_attrib_content_type 4444 EXIST::FUNCTION: +ERR_remove_thread_state 4445 EXIST::FUNCTION: +EVP_PKEY_meth_add0 4446 EXIST::FUNCTION: +TS_TST_INFO_set_tsa 4447 EXIST::FUNCTION: +EVP_PKEY_meth_new 4448 EXIST::FUNCTION: +WHIRLPOOL_Update 4449 EXIST:!VMSVAX:FUNCTION:WHIRLPOOL +TS_CONF_set_accuracy 4450 EXIST::FUNCTION: +ASN1_PCTX_set_oid_flags 4451 EXIST::FUNCTION: +ESS_SIGNING_CERT_dup 4452 EXIST::FUNCTION: +d2i_TS_REQ_bio 4453 EXIST::FUNCTION: +X509_time_adj_ex 4454 EXIST::FUNCTION: +TS_RESP_CTX_add_flags 4455 EXIST::FUNCTION: +d2i_TS_STATUS_INFO 4456 EXIST::FUNCTION: +TS_MSG_IMPRINT_set_msg 4457 EXIST::FUNCTION: +BIO_asn1_get_suffix 4458 EXIST::FUNCTION: +TS_REQ_free 4459 EXIST::FUNCTION: +EVP_PKEY_meth_free 4460 EXIST::FUNCTION: +TS_REQ_get_exts 4461 EXIST::FUNCTION: +TS_RESP_CTX_set_clock_precision_digits 4462 EXIST:!VMS:FUNCTION: +TS_RESP_CTX_set_clk_prec_digits 4462 EXIST:VMS:FUNCTION: +TS_RESP_CTX_add_failure_info 4463 EXIST::FUNCTION: +i2d_TS_RESP_bio 4464 EXIST::FUNCTION: +EVP_PKEY_CTX_get0_peerkey 4465 EXIST::FUNCTION: +PEM_write_bio_CMS_stream 4466 EXIST::FUNCTION:CMS +TS_REQ_new 4467 EXIST::FUNCTION: +TS_MSG_IMPRINT_new 4468 EXIST::FUNCTION: +EVP_PKEY_meth_find 4469 EXIST::FUNCTION: +EVP_PKEY_id 4470 EXIST::FUNCTION: +TS_TST_INFO_set_serial 4471 EXIST::FUNCTION: +a2i_GENERAL_NAME 4472 EXIST::FUNCTION: +TS_CONF_set_crypto_device 4473 EXIST::FUNCTION: +EVP_PKEY_verify_init 4474 EXIST::FUNCTION: +TS_CONF_set_policies 4475 EXIST::FUNCTION: +ASN1_PCTX_new 4476 EXIST::FUNCTION: +ESS_CERT_ID_free 4477 EXIST::FUNCTION: +ENGINE_unregister_pkey_meths 4478 EXIST::FUNCTION:ENGINE +TS_MSG_IMPRINT_free 4479 EXIST::FUNCTION: +TS_VERIFY_CTX_init 4480 EXIST::FUNCTION: +PKCS7_stream 4481 EXIST::FUNCTION: +TS_RESP_CTX_set_certs 4482 EXIST::FUNCTION: +TS_CONF_set_def_policy 4483 EXIST::FUNCTION: +ASN1_GENERALIZEDTIME_adj 4484 EXIST::FUNCTION: +NETSCAPE_X509_new 4485 EXIST::FUNCTION: +TS_ACCURACY_free 4486 EXIST::FUNCTION: +TS_RESP_get_tst_info 4487 EXIST::FUNCTION: +EVP_PKEY_derive_set_peer 4488 EXIST::FUNCTION: +PEM_read_bio_Parameters 4489 EXIST::FUNCTION: +TS_CONF_set_clock_precision_digits 4490 EXIST:!VMS:FUNCTION: +TS_CONF_set_clk_prec_digits 4490 EXIST:VMS:FUNCTION: +ESS_ISSUER_SERIAL_dup 4491 EXIST::FUNCTION: +TS_ACCURACY_get_micros 4492 EXIST::FUNCTION: +ASN1_PCTX_get_str_flags 4493 EXIST::FUNCTION: +NAME_CONSTRAINTS_check 4494 EXIST::FUNCTION: +ASN1_BIT_STRING_check 4495 EXIST::FUNCTION: +X509_check_akid 4496 EXIST::FUNCTION: +ENGINE_unregister_pkey_asn1_meths 4497 EXIST:!VMS:FUNCTION:ENGINE +ENGINE_unreg_pkey_asn1_meths 4497 EXIST:VMS:FUNCTION:ENGINE +ASN1_PCTX_free 4498 EXIST::FUNCTION: +PEM_write_bio_ASN1_stream 4499 EXIST::FUNCTION: +i2d_ASN1_bio_stream 4500 EXIST::FUNCTION: +TS_X509_ALGOR_print_bio 4501 EXIST::FUNCTION: +EVP_PKEY_meth_set_cleanup 4502 EXIST::FUNCTION: +EVP_PKEY_asn1_free 4503 EXIST::FUNCTION: +ESS_SIGNING_CERT_free 4504 EXIST::FUNCTION: +TS_TST_INFO_set_msg_imprint 4505 EXIST::FUNCTION: +GENERAL_NAME_cmp 4506 EXIST::FUNCTION: +d2i_ASN1_SET_ANY 4507 EXIST::FUNCTION: +ENGINE_set_pkey_meths 4508 EXIST::FUNCTION:ENGINE +i2d_TS_REQ_fp 4509 EXIST::FUNCTION: +d2i_ASN1_SEQUENCE_ANY 4510 EXIST::FUNCTION: +GENERAL_NAME_get0_otherName 4511 EXIST::FUNCTION: +d2i_ESS_CERT_ID 4512 EXIST::FUNCTION: +OBJ_find_sigid_algs 4513 EXIST::FUNCTION: +EVP_PKEY_meth_set_keygen 4514 EXIST::FUNCTION: +PKCS5_PBKDF2_HMAC 4515 EXIST::FUNCTION: +EVP_PKEY_paramgen 4516 EXIST::FUNCTION: +EVP_PKEY_meth_set_paramgen 4517 EXIST::FUNCTION: +BIO_new_PKCS7 4518 EXIST::FUNCTION: +EVP_PKEY_verify_recover 4519 EXIST::FUNCTION: +TS_ext_print_bio 4520 EXIST::FUNCTION: +TS_ASN1_INTEGER_print_bio 4521 EXIST::FUNCTION: +check_defer 4522 EXIST::FUNCTION: +DSO_pathbyaddr 4523 EXIST::FUNCTION: +EVP_PKEY_set_type 4524 EXIST::FUNCTION: +TS_ACCURACY_set_micros 4525 EXIST::FUNCTION: +TS_REQ_to_TS_VERIFY_CTX 4526 EXIST::FUNCTION: +EVP_PKEY_meth_set_copy 4527 EXIST::FUNCTION: +ASN1_PCTX_set_cert_flags 4528 EXIST::FUNCTION: +TS_TST_INFO_get_ext 4529 EXIST::FUNCTION: +EVP_PKEY_asn1_set_ctrl 4530 EXIST::FUNCTION: +TS_TST_INFO_get_ext_by_critical 4531 EXIST::FUNCTION: +EVP_PKEY_CTX_new_id 4532 EXIST::FUNCTION: +TS_REQ_get_ext_by_OBJ 4533 EXIST::FUNCTION: +TS_CONF_set_signer_cert 4534 EXIST::FUNCTION: +X509_NAME_hash_old 4535 EXIST::FUNCTION: +ASN1_TIME_set_string 4536 EXIST::FUNCTION: +EVP_MD_flags 4537 EXIST::FUNCTION: +TS_RESP_CTX_free 4538 EXIST::FUNCTION: +DSAparams_dup 4539 EXIST::FUNCTION:DSA +DHparams_dup 4540 EXIST::FUNCTION:DH +OCSP_REQ_CTX_add1_header 4541 EXIST::FUNCTION: +OCSP_REQ_CTX_set1_req 4542 EXIST::FUNCTION: +X509_STORE_set_verify_cb 4543 EXIST::FUNCTION: +X509_STORE_CTX_get0_current_crl 4544 EXIST::FUNCTION: +X509_STORE_CTX_get0_parent_ctx 4545 EXIST::FUNCTION: +X509_STORE_CTX_get0_current_issuer 4546 EXIST:!VMS:FUNCTION: +X509_STORE_CTX_get0_cur_issuer 4546 EXIST:VMS:FUNCTION: +X509_issuer_name_hash_old 4547 EXIST::FUNCTION:MD5 +X509_subject_name_hash_old 4548 EXIST::FUNCTION:MD5 +EVP_CIPHER_CTX_copy 4549 EXIST::FUNCTION: +UI_method_get_prompt_constructor 4550 EXIST:!VMS:FUNCTION: +UI_method_get_prompt_constructr 4550 EXIST:VMS:FUNCTION: +UI_method_set_prompt_constructor 4551 EXIST:!VMS:FUNCTION: +UI_method_set_prompt_constructr 4551 EXIST:VMS:FUNCTION: +EVP_read_pw_string_min 4552 EXIST::FUNCTION: +ENGINE_load_aesni 4553 EXIST::FUNCTION:ENGINE diff --git a/src/lib/libcrypto/util/mk1mf.pl b/src/lib/libcrypto/util/mk1mf.pl index 4c16f1dc9e..780029a03f 100644 --- a/src/lib/libcrypto/util/mk1mf.pl +++ b/src/lib/libcrypto/util/mk1mf.pl @@ -6,36 +6,56 @@ # $INSTALLTOP="/usr/local/ssl"; +$OPENSSLDIR="/usr/local/ssl"; $OPTIONS=""; $ssl_version=""; $banner="\t\@echo Building OpenSSL"; -my $no_static_engine = 0; +my $no_static_engine = 1; my $engines = ""; local $zlib_opt = 0; # 0 = no zlib, 1 = static, 2 = dynamic local $zlib_lib = ""; +local $perl_asm = 0; # 1 to autobuild asm files from perl scripts + +# Options to import from top level Makefile + +my %mf_import = ( + VERSION => \$ssl_version, + OPTIONS => \$OPTIONS, + INSTALLTOP => \$INSTALLTOP, + OPENSSLDIR => \$OPENSSLDIR, + PLATFORM => \$mf_platform, + CFLAG => \$mf_cflag, + DEPFLAG => \$mf_depflag, + CPUID_OBJ => \$mf_cpuid_asm, + BN_ASM => \$mf_bn_asm, + DES_ENC => \$mf_des_asm, + AES_ENC => \$mf_aes_asm, + BF_ENC => \$mf_bf_asm, + CAST_ENC => \$mf_cast_asm, + RC4_ENC => \$mf_rc4_asm, + RC5_ENC => \$mf_rc5_asm, + MD5_ASM_OBJ => \$mf_md5_asm, + SHA1_ASM_OBJ => \$mf_sha_asm, + RMD160_ASM_OBJ => \$mf_rmd_asm, + WP_ASM_OBJ => \$mf_wp_asm, + CMLL_ENC => \$mf_cm_asm +); -local $fips_canister_path = ""; -my $fips_premain_dso_exe_path = ""; -my $fips_premain_c_path = ""; -my $fips_sha1_exe_path = ""; - -local $fipscanisterbuild = 0; -local $fipsdso = 0; - -my $fipslibdir = ""; -my $baseaddr = ""; - -my $ex_l_libs = ""; open(IN,") { - $ssl_version=$1 if (/^VERSION=(.*)$/); - $OPTIONS=$1 if (/^OPTIONS=(.*)$/); - $INSTALLTOP=$1 if (/^INSTALLTOP=(.*$)/); + my ($mf_opt, $mf_ref); + while (($mf_opt, $mf_ref) = each %mf_import) { + if (/^$mf_opt\s*=\s*(.*)$/) { + $$mf_ref = $1; + } + } } close(IN); +$debug = 1 if $mf_platform =~ /^debug-/; + die "Makefile is not the toplevel Makefile!\n" if $ssl_version eq ""; $infile="MINFO"; @@ -58,6 +78,7 @@ $infile="MINFO"; "netware-libc", "CodeWarrior for NetWare - LibC - with WinSock Sockets", "netware-libc-bsdsock", "CodeWarrior for NetWare - LibC - with BSD Sockets", "default","cc under unix", + "auto", "auto detect from top level Makefile" ); $platform=""; @@ -144,6 +165,12 @@ $bin_dir=(defined($VARS{'BIN'}))?$VARS{'BIN'}:''; $NT=0; push(@INC,"util/pl","pl"); + +if ($platform eq "auto") { + $platform = $mf_platform; + print STDERR "Imported platform $mf_platform\n"; +} + if (($platform =~ /VC-(.+)/)) { $FLAVOR=$1; @@ -228,13 +255,12 @@ $cflags.=" -DOPENSSL_NO_DES" if $no_des; $cflags.=" -DOPENSSL_NO_RSA" if $no_rsa; $cflags.=" -DOPENSSL_NO_DSA" if $no_dsa; $cflags.=" -DOPENSSL_NO_DH" if $no_dh; +$cflags.=" -DOPENSSL_NO_WHIRLPOOL" if $no_whirlpool; $cflags.=" -DOPENSSL_NO_SOCK" if $no_sock; $cflags.=" -DOPENSSL_NO_SSL2" if $no_ssl2; $cflags.=" -DOPENSSL_NO_SSL3" if $no_ssl3; $cflags.=" -DOPENSSL_NO_TLSEXT" if $no_tlsext; $cflags.=" -DOPENSSL_NO_CMS" if $no_cms; -$cflags.=" -DOPENSSL_NO_JPAKE" if $no_jpake; -$cflags.=" -DOPENSSL_NO_CAPIENG" if $no_capieng; $cflags.=" -DOPENSSL_NO_ERR" if $no_err; $cflags.=" -DOPENSSL_NO_KRB5" if $no_krb5; $cflags.=" -DOPENSSL_NO_EC" if $no_ec; @@ -242,7 +268,7 @@ $cflags.=" -DOPENSSL_NO_ECDSA" if $no_ecdsa; $cflags.=" -DOPENSSL_NO_ECDH" if $no_ecdh; $cflags.=" -DOPENSSL_NO_ENGINE" if $no_engine; $cflags.=" -DOPENSSL_NO_HW" if $no_hw; -$cflags.=" -DOPENSSL_FIPS" if $fips; +$cflags.=" -DOPENSSL_NO_JPAKE" if $no_jpake; $cflags.= " -DZLIB" if $zlib_opt; $cflags.= " -DZLIB_SHARED" if $zlib_opt == 2; @@ -264,9 +290,9 @@ else $ex_libs="$l_flags$ex_libs" if ($l_flags ne ""); + %shlib_ex_cflags=("SSL" => " -DOPENSSL_BUILD_SHLIBSSL", - "CRYPTO" => " -DOPENSSL_BUILD_SHLIBCRYPTO", - "FIPS" => " -DOPENSSL_BUILD_SHLIBCRYPTO"); + "CRYPTO" => " -DOPENSSL_BUILD_SHLIBCRYPTO"); if ($msdos) { @@ -280,6 +306,7 @@ if ($msdos) $link="$bin_dir$link" if ($link !~ /^\$/); $INSTALLTOP =~ s|/|$o|g; +$OPENSSLDIR =~ s|/|$o|g; ############################################# # We parse in input file and 'store' info for later printing. @@ -294,21 +321,11 @@ for (;;) { if ($lib ne "") { - if ($fips && $dir =~ /^fips/) - { - $uc = "FIPS"; - } - else - { - $uc=$lib; - $uc =~ s/^lib(.*)\.a/$1/; - $uc =~ tr/a-z/A-Z/; - } - if (($uc ne "FIPS") || $fipscanisterbuild) - { - $lib_nam{$uc}=$uc; - $lib_obj{$uc}.=$libobj." "; - } + $uc=$lib; + $uc =~ s/^lib(.*)\.a/$1/; + $uc =~ tr/a-z/A-Z/; + $lib_nam{$uc}=$uc; + $lib_obj{$uc}.=$libobj." "; } last if ($val eq "FINISHED"); $lib=""; @@ -351,130 +368,11 @@ for (;;) if ($key eq "LIBNAMES" && $dir eq "engines" && $no_static_engine) { $engines.=$val } - if ($key eq "FIPS_EX_OBJ") - { - $fips_ex_obj=&var_add("crypto",$val,0); - } - - if ($key eq "FIPSLIBDIR") - { - $fipslibdir=$val; - $fipslibdir =~ s/\/$//; - $fipslibdir =~ s/\//$o/g; - } - - if ($key eq "BASEADDR") - { $baseaddr=$val;} - if (!($_=)) { $_="RELATIVE_DIRECTORY=FINISHED\n"; } } close(IN); -if ($fips) - { - - foreach (split " ", $fips_ex_obj) - { - $fips_exclude_obj{$1} = 1 if (/\/([^\/]*)$/); - } - - $fips_exclude_obj{"cpu_win32"} = 1; - $fips_exclude_obj{"bn_asm"} = 1; - $fips_exclude_obj{"des_enc"} = 1; - $fips_exclude_obj{"fcrypt_b"} = 1; - $fips_exclude_obj{"aes_core"} = 1; - $fips_exclude_obj{"aes_cbc"} = 1; - - my @ltmp = split " ", $lib_obj{"CRYPTO"}; - - - $lib_obj{"CRYPTO"} = ""; - - foreach(@ltmp) - { - if (/\/([^\/]*)$/ && exists $fips_exclude_obj{$1}) - { - if ($fipscanisterbuild) - { - $lib_obj{"FIPS"} .= "$_ "; - } - } - else - { - $lib_obj{"CRYPTO"} .= "$_ "; - } - } - - } - -if ($fipscanisterbuild) - { - $fips_canister_path = "\$(LIB_D)${o}fipscanister.lib" if $fips_canister_path eq ""; - $fips_premain_c_path = "\$(LIB_D)${o}fips_premain.c"; - } -else - { - if ($fips_canister_path eq "") - { - $fips_canister_path = "\$(FIPSLIB_D)${o}fipscanister.lib"; - } - - if ($fips_premain_c_path eq "") - { - $fips_premain_c_path = "\$(FIPSLIB_D)${o}fips_premain.c"; - } - } - -if ($fips) - { - if ($fips_sha1_exe_path eq "") - { - $fips_sha1_exe_path = - "\$(BIN_D)${o}fips_standalone_sha1$exep"; - } - } - else - { - $fips_sha1_exe_path = ""; - } - -if ($fips_premain_dso_exe_path eq "") - { - $fips_premain_dso_exe_path = "\$(BIN_D)${o}fips_premain_dso$exep"; - } - -# $ex_build_targets .= "\$(BIN_D)${o}\$(E_PREMAIN_DSO)$exep" if ($fips); - -#$ex_l_libs .= " \$(L_FIPS)" if $fipsdso; - -if ($fips) - { - if (!$shlib) - { - $ex_build_targets .= " \$(LIB_D)$o$crypto_compat \$(PREMAIN_DSO_EXE)"; - $ex_l_libs .= " \$(O_FIPSCANISTER)"; - $ex_libs_dep .= " \$(O_FIPSCANISTER)" if $fipscanisterbuild; - } - if ($fipscanisterbuild) - { - $fipslibdir = "\$(LIB_D)"; - } - else - { - if ($fipslibdir eq "") - { - open (IN, "util/fipslib_path.txt") || fipslib_error(); - $fipslibdir = ; - chomp $fipslibdir; - close IN; - } - fips_check_files($fipslibdir, - "fipscanister.lib", "fipscanister.lib.sha1", - "fips_premain.c", "fips_premain.c.sha1"); - } - } - if ($shlib) { $extra_install= <<"EOF"; @@ -520,6 +418,7 @@ $defs .= $preamble if defined $preamble; $defs.= <<"EOF"; INSTALLTOP=$INSTALLTOP +OPENSSLDIR=$OPENSSLDIR # Set your compiler options PLATFORM=$platform @@ -540,32 +439,6 @@ SRC_D=$src_dir LINK=$link LFLAGS=$lflags RSC=$rsc -FIPSLINK=\$(PERL) util${o}fipslink.pl - -AES_ASM_OBJ=$aes_asm_obj -AES_ASM_SRC=$aes_asm_src -BN_ASM_OBJ=$bn_asm_obj -BN_ASM_SRC=$bn_asm_src -BNCO_ASM_OBJ=$bnco_asm_obj -BNCO_ASM_SRC=$bnco_asm_src -DES_ENC_OBJ=$des_enc_obj -DES_ENC_SRC=$des_enc_src -BF_ENC_OBJ=$bf_enc_obj -BF_ENC_SRC=$bf_enc_src -CAST_ENC_OBJ=$cast_enc_obj -CAST_ENC_SRC=$cast_enc_src -RC4_ENC_OBJ=$rc4_enc_obj -RC4_ENC_SRC=$rc4_enc_src -RC5_ENC_OBJ=$rc5_enc_obj -RC5_ENC_SRC=$rc5_enc_src -MD5_ASM_OBJ=$md5_asm_obj -MD5_ASM_SRC=$md5_asm_src -SHA1_ASM_OBJ=$sha1_asm_obj -SHA1_ASM_SRC=$sha1_asm_src -RMD160_ASM_OBJ=$rmd160_asm_obj -RMD160_ASM_SRC=$rmd160_asm_src -CPUID_ASM_OBJ=$cpuid_asm_obj -CPUID_ASM_SRC=$cpuid_asm_src # The output directory for everything intersting OUT_D=$out_dir @@ -584,17 +457,6 @@ MKLIB=$bin_dir$mklib MLFLAGS=$mlflags ASM=$bin_dir$asm -# FIPS validated module and support file locations - -E_PREMAIN_DSO=fips_premain_dso - -FIPSLIB_D=$fipslibdir -BASEADDR=$baseaddr -FIPS_PREMAIN_SRC=$fips_premain_c_path -O_FIPSCANISTER=$fips_canister_path -FIPS_SHA1_EXE=$fips_sha1_exe_path -PREMAIN_DSO_EXE=$fips_premain_dso_exe_path - ###################################################### # You should not need to touch anything below this point ###################################################### @@ -602,7 +464,6 @@ PREMAIN_DSO_EXE=$fips_premain_dso_exe_path E_EXE=openssl SSL=$ssl CRYPTO=$crypto -LIBFIPS=libosslfips # BIN_D - Binary output directory # TEST_D - Binary test file output directory @@ -623,14 +484,12 @@ INCL_D=\$(TMP_D) O_SSL= \$(LIB_D)$o$plib\$(SSL)$shlibp O_CRYPTO= \$(LIB_D)$o$plib\$(CRYPTO)$shlibp -O_FIPS= \$(LIB_D)$o$plib\$(LIBFIPS)$shlibp SO_SSL= $plib\$(SSL)$so_shlibp SO_CRYPTO= $plib\$(CRYPTO)$so_shlibp L_SSL= \$(LIB_D)$o$plib\$(SSL)$libp L_CRYPTO= \$(LIB_D)$o$plib\$(CRYPTO)$libp -L_FIPS= \$(LIB_D)$o$plib\$(LIBFIPS)$libp -L_LIBS= \$(L_SSL) \$(L_CRYPTO) $ex_l_libs +L_LIBS= \$(L_SSL) \$(L_CRYPTO) ###################################################### # Don't touch anything below this point @@ -640,13 +499,13 @@ INC=-I\$(INC_D) -I\$(INCL_D) APP_CFLAGS=\$(INC) \$(CFLAG) \$(APP_CFLAG) LIB_CFLAGS=\$(INC) \$(CFLAG) \$(LIB_CFLAG) SHLIB_CFLAGS=\$(INC) \$(CFLAG) \$(LIB_CFLAG) \$(SHLIB_CFLAG) -LIBS_DEP=\$(O_CRYPTO) \$(O_SSL) $ex_libs_dep +LIBS_DEP=\$(O_CRYPTO) \$(O_SSL) ############################################# EOF $rules=<<"EOF"; -all: banner \$(TMP_D) \$(BIN_D) \$(TEST_D) \$(LIB_D) \$(INCO_D) headers \$(FIPS_SHA1_EXE) lib exe $ex_build_targets +all: banner \$(TMP_D) \$(BIN_D) \$(TEST_D) \$(LIB_D) \$(INCO_D) headers lib exe banner: $banner @@ -683,8 +542,9 @@ install: all \$(MKDIR) \"\$(INSTALLTOP)${o}include${o}openssl\" \$(MKDIR) \"\$(INSTALLTOP)${o}lib\" \$(CP) \"\$(INCO_D)${o}*.\[ch\]\" \"\$(INSTALLTOP)${o}include${o}openssl\" - \$(CP) \"\$(BIN_D)$o\$(E_EXE)$exep\" \"\$(INSTALLTOP)${o}bin\" - \$(CP) \"apps${o}openssl.cnf\" \"\$(INSTALLTOP)\" + \$(CP) \"\$(BIN_D)$o\$(E_EXE)$exep \$(INSTALLTOP)${o}bin\" + \$(MKDIR) \"\$(OPENSSLDIR)\" + \$(CP) apps${o}openssl.cnf \"\$(OPENSSLDIR)\" $extra_install @@ -761,26 +621,6 @@ $rules.=&do_compile_rule("\$(OBJ_D)",$test,"\$(APP_CFLAGS)"); $defs.=&do_defs("E_OBJ",$e_exe,"\$(OBJ_D)",$obj); $rules.=&do_compile_rule("\$(OBJ_D)",$e_exe,'-DMONOLITH $(APP_CFLAGS)'); -# Special case rules for fips_start and fips_end fips_premain_dso - -if ($fips) - { - if ($fipscanisterbuild) - { - $rules.=&cc_compile_target("\$(OBJ_D)${o}fips_start$obj", - "fips${o}fips_canister.c", - "-DFIPS_START \$(SHLIB_CFLAGS)"); - $rules.=&cc_compile_target("\$(OBJ_D)${o}fips_end$obj", - "fips${o}fips_canister.c", "\$(SHLIB_CFLAGS)"); - } - $rules.=&cc_compile_target("\$(OBJ_D)${o}fips_standalone_sha1$obj", - "fips${o}sha${o}fips_standalone_sha1.c", - "\$(SHLIB_CFLAGS)"); - $rules.=&cc_compile_target("\$(OBJ_D)${o}\$(E_PREMAIN_DSO)$obj", - "fips${o}fips_premain.c", - "-DFINGERPRINT_PREMAIN_DSO_LOAD \$(SHLIB_CFLAGS)"); - } - foreach (values %lib_nam) { $lib_obj=$lib_obj{$_}; @@ -792,78 +632,14 @@ foreach (values %lib_nam) next; } - if ((!$fips && ($_ eq "CRYPTO")) || ($fips && ($_ eq "FIPS"))) - { - if ($cpuid_asm_obj ne "") - { - $lib_obj =~ s/(\S*\/cryptlib\S*)/$1 \$(CPUID_ASM_OBJ)/; - $rules.=&do_asm_rule($cpuid_asm_obj,$cpuid_asm_src); - } - if ($aes_asm_obj ne "") - { - $lib_obj =~ s/\s(\S*\/aes_core\S*)/ \$(AES_ASM_OBJ)/; - $lib_obj =~ s/\s\S*\/aes_cbc\S*//; - $rules.=&do_asm_rule($aes_asm_obj,$aes_asm_src); - } - if ($sha1_asm_obj ne "") - { - $lib_obj =~ s/\s(\S*\/sha1dgst\S*)/ $1 \$(SHA1_ASM_OBJ)/; - $rules.=&do_asm_rule($sha1_asm_obj,$sha1_asm_src); - } - if ($bn_asm_obj ne "") - { - $lib_obj =~ s/\s\S*\/bn_asm\S*/ \$(BN_ASM_OBJ)/; - $rules.=&do_asm_rule($bn_asm_obj,$bn_asm_src); - } - if ($bnco_asm_obj ne "") - { - $lib_obj .= "\$(BNCO_ASM_OBJ)"; - $rules.=&do_asm_rule($bnco_asm_obj,$bnco_asm_src); - } - if ($des_enc_obj ne "") - { - $lib_obj =~ s/\s\S*des_enc\S*/ \$(DES_ENC_OBJ)/; - $lib_obj =~ s/\s\S*\/fcrypt_b\S*\s*/ /; - $rules.=&do_asm_rule($des_enc_obj,$des_enc_src); - } - } - if (($bf_enc_obj ne "") && ($_ eq "CRYPTO")) - { - $lib_obj =~ s/\s\S*\/bf_enc\S*/ \$(BF_ENC_OBJ)/; - $rules.=&do_asm_rule($bf_enc_obj,$bf_enc_src); - } - if (($cast_enc_obj ne "") && ($_ eq "CRYPTO")) - { - $lib_obj =~ s/(\s\S*\/c_enc\S*)/ \$(CAST_ENC_OBJ)/; - $rules.=&do_asm_rule($cast_enc_obj,$cast_enc_src); - } - if (($rc4_enc_obj ne "") && ($_ eq "CRYPTO")) - { - $lib_obj =~ s/\s\S*\/rc4_enc\S*/ \$(RC4_ENC_OBJ)/; - $rules.=&do_asm_rule($rc4_enc_obj,$rc4_enc_src); - } - if (($rc5_enc_obj ne "") && ($_ eq "CRYPTO")) - { - $lib_obj =~ s/\s\S*\/rc5_enc\S*/ \$(RC5_ENC_OBJ)/; - $rules.=&do_asm_rule($rc5_enc_obj,$rc5_enc_src); - } - if (($md5_asm_obj ne "") && ($_ eq "CRYPTO")) - { - $lib_obj =~ s/\s(\S*\/md5_dgst\S*)/ $1 \$(MD5_ASM_OBJ)/; - $rules.=&do_asm_rule($md5_asm_obj,$md5_asm_src); - } - if (($rmd160_asm_obj ne "") && ($_ eq "CRYPTO")) - { - $lib_obj =~ s/\s(\S*\/rmd_dgst\S*)/ $1 \$(RMD160_ASM_OBJ)/; - $rules.=&do_asm_rule($rmd160_asm_obj,$rmd160_asm_src); - } $defs.=&do_defs(${_}."OBJ",$lib_obj,"\$(OBJ_D)",$obj); $lib=($slib)?" \$(SHLIB_CFLAGS)".$shlib_ex_cflags{$_}:" \$(LIB_CFLAGS)"; $rules.=&do_compile_rule("\$(OBJ_D)",$lib_obj{$_},$lib); } # hack to add version info on MSVC -if (($platform eq "VC-WIN32") || ($platform eq "VC-NT")) { +if (($platform eq "VC-WIN32") || ($platform eq "VC-WIN64A") + || ($platform eq "VC-WIN64I") || ($platform eq "VC-NT")) { $rules.= <<"EOF"; \$(OBJ_D)\\\$(CRYPTO).res: ms\\version32.rc \$(RSC) /fo"\$(OBJ_D)\\\$(CRYPTO).res" /d CRYPTO ms\\version32.rc @@ -871,43 +647,15 @@ if (($platform eq "VC-WIN32") || ($platform eq "VC-NT")) { \$(OBJ_D)\\\$(SSL).res: ms\\version32.rc \$(RSC) /fo"\$(OBJ_D)\\\$(SSL).res" /d SSL ms\\version32.rc -\$(OBJ_D)\\\$(LIBFIPS).res: ms\\version32.rc - \$(RSC) /fo"\$(OBJ_D)\\\$(LIBFIPS).res" /d FIPS ms\\version32.rc - EOF } $defs.=&do_defs("T_EXE",$test,"\$(TEST_D)",$exep); foreach (split(/\s+/,$test)) { - my $t_libs; $t=&bname($_); - my $ltype; - # Check to see if test program is FIPS - if ($fips && /fips/) - { - # If fipsdso link to libosslfips.dll - # otherwise perform static link to - # $(O_FIPSCANISTER) - if ($fipsdso) - { - $t_libs = "\$(L_FIPS)"; - $ltype = 0; - } - else - { - $t_libs = "\$(O_FIPSCANISTER)"; - $ltype = 2; - } - } - else - { - $t_libs = "\$(L_LIBS)"; - $ltype = 0; - } - $tt="\$(OBJ_D)${o}$t${obj}"; - $rules.=&do_link_rule("\$(TEST_D)$o$t$exep",$tt,"\$(LIBS_DEP)","$t_libs \$(EX_LIBS)", $ltype); + $rules.=&do_link_rule("\$(TEST_D)$o$t$exep",$tt,"\$(LIBS_DEP)","\$(L_LIBS) \$(EX_LIBS)"); } $defs.=&do_defs("E_SHLIB",$engines,"\$(ENG_D)",$shlibp); @@ -921,69 +669,9 @@ foreach (split(/\s+/,$engines)) $rules.= &do_lib_rule("\$(SSLOBJ)","\$(O_SSL)",$ssl,$shlib,"\$(SO_SSL)"); +$rules.= &do_lib_rule("\$(CRYPTOOBJ)","\$(O_CRYPTO)",$crypto,$shlib,"\$(SO_CRYPTO)"); -if ($fips) - { - if ($shlib) - { - if ($fipsdso) - { - $rules.= &do_lib_rule("\$(CRYPTOOBJ)", - "\$(O_CRYPTO)", "$crypto", - $shlib, "", ""); - $rules.= &do_lib_rule( - "\$(O_FIPSCANISTER)", - "\$(O_FIPS)", "\$(LIBFIPS)", - $shlib, "\$(SO_CRYPTO)", "\$(BASEADDR)"); - $rules.= &do_sdef_rule(); - } - else - { - $rules.= &do_lib_rule( - "\$(CRYPTOOBJ) \$(O_FIPSCANISTER)", - "\$(O_CRYPTO)", "$crypto", - $shlib, "\$(SO_CRYPTO)", "\$(BASEADDR)"); - } - } - else - { - $rules.= &do_lib_rule("\$(CRYPTOOBJ)", - "\$(O_CRYPTO)",$crypto,$shlib,"\$(SO_CRYPTO)", ""); - $rules.= &do_lib_rule("\$(CRYPTOOBJ) \$(FIPSOBJ)", - "\$(LIB_D)$o$crypto_compat",$crypto,$shlib,"\$(SO_CRYPTO)", ""); - } - } - else - { - $rules.= &do_lib_rule("\$(CRYPTOOBJ)","\$(O_CRYPTO)",$crypto,$shlib, - "\$(SO_CRYPTO)"); - } - -if ($fips) - { - if ($fipscanisterbuild) - { - $rules.= &do_rlink_rule("\$(O_FIPSCANISTER)", - "\$(OBJ_D)${o}fips_start$obj", - "\$(FIPSOBJ)", - "\$(OBJ_D)${o}fips_end$obj", - "\$(FIPS_SHA1_EXE)", ""); - $rules.=&do_link_rule("\$(FIPS_SHA1_EXE)", - "\$(OBJ_D)${o}fips_standalone_sha1$obj \$(OBJ_D)${o}sha1dgst$obj \$(SHA1_ASM_OBJ)", - "","\$(EX_LIBS)", 1); - } - else - { - $rules.=&do_link_rule("\$(FIPS_SHA1_EXE)", - "\$(OBJ_D)${o}fips_standalone_sha1$obj \$(O_FIPSCANISTER)", - "","", 1); - - } - $rules.=&do_link_rule("\$(PREMAIN_DSO_EXE)","\$(OBJ_D)${o}\$(E_PREMAIN_DSO)$obj \$(CRYPTOOBJ) \$(O_FIPSCANISTER)","","\$(EX_LIBS)", 1); - - } - -$rules.=&do_link_rule("\$(BIN_D)$o\$(E_EXE)$exep","\$(E_OBJ)","\$(LIBS_DEP)","\$(L_LIBS) \$(EX_LIBS)", ($fips && !$shlib) ? 2 : 0); +$rules.=&do_link_rule("\$(BIN_D)$o\$(E_EXE)$exep","\$(E_OBJ)","\$(LIBS_DEP)","\$(L_LIBS) \$(EX_LIBS)"); print $defs; @@ -1022,7 +710,6 @@ sub var_add return("") if $no_ec && $dir =~ /\/ec/; return("") if $no_cms && $dir =~ /\/cms/; return("") if $no_jpake && $dir =~ /\/jpake/; - return("") if !$fips && $dir =~ /^fips/; if ($no_des && $dir =~ /\/des/) { if ($val =~ /read_pwd/) @@ -1034,6 +721,7 @@ sub var_add return("") if $no_sock && $dir =~ /\/proxy/; return("") if $no_bf && $dir =~ /\/bf/; return("") if $no_cast && $dir =~ /\/cast/; + return("") if $no_whirlpool && $dir =~ /\/whrlpool/; $val =~ s/^\s*(.*)\s*$/$1/; @a=split(/\s+/,$val); @@ -1051,8 +739,8 @@ sub var_add @a=grep(!/^e_camellia$/,@a) if $no_camellia; @a=grep(!/^e_seed$/,@a) if $no_seed; - @a=grep(!/(^s2_)|(^s23_)/,@a) if $no_ssl2; - @a=grep(!/(^s3_)|(^s23_)/,@a) if $no_ssl3; + #@a=grep(!/(^s2_)|(^s23_)/,@a) if $no_ssl2; + #@a=grep(!/(^s3_)|(^s23_)/,@a) if $no_ssl3; @a=grep(!/(_sock$)|(_acpt$)|(_conn$)|(^pxy_)/,@a) if $no_sock; @@ -1126,6 +814,7 @@ sub do_defs else { $pf=$postfix; } if ($_ =~ /BN_ASM/) { $t="$_ "; } elsif ($_ =~ /BNCO_ASM/){ $t="$_ "; } + elsif ($_ =~ /AES_ASM/){ $t="$_ "; } elsif ($_ =~ /DES_ENC/) { $t="$_ "; } elsif ($_ =~ /BF_ENC/) { $t="$_ "; } elsif ($_ =~ /CAST_ENC/){ $t="$_ "; } @@ -1133,8 +822,8 @@ sub do_defs elsif ($_ =~ /RC5_ENC/) { $t="$_ "; } elsif ($_ =~ /MD5_ASM/) { $t="$_ "; } elsif ($_ =~ /SHA1_ASM/){ $t="$_ "; } - elsif ($_ =~ /AES_ASM/){ $t="$_ "; } elsif ($_ =~ /RMD160_ASM/){ $t="$_ "; } + elsif ($_ =~ /WHIRLPOOL_ASM/){ $t="$_ "; } elsif ($_ =~ /CPUID_ASM/){ $t="$_ "; } else { $t="$location${o}$_$pf "; } @@ -1142,7 +831,7 @@ sub do_defs $ret.=$t; } # hack to add version info on MSVC - if ($shlib && (($platform eq "VC-WIN32") || ($platform eq "VC-NT"))) + if ($shlib && (($platform eq "VC-WIN32") || ($platfrom eq "VC-WIN64I") || ($platform eq "VC-WIN64A") || ($platform eq "VC-NT"))) { if ($var eq "CRYPTOOBJ") { $ret.="\$(OBJ_D)\\\$(CRYPTO).res "; } @@ -1162,6 +851,13 @@ sub bname return($ret); } +# return the leading path +sub dname + { + my $ret=shift; + $ret =~ s/(^.*)[\\\/][^\\\/]+$/$1/; + return($ret); + } ############################################################## # do a rule for each file that says 'compile' to new direcory @@ -1169,19 +865,61 @@ sub bname sub do_compile_rule { local($to,$files,$ex)=@_; - local($ret,$_,$n); - + local($ret,$_,$n,$d,$s); + $files =~ s/\//$o/g if $o ne '/'; foreach (split(/\s+/,$files)) { $n=&bname($_); - $ret.=&cc_compile_target("$to${o}$n$obj","${_}.c",$ex) + $d=&dname($_); + if (-f "${_}.c") + { + $ret.=&cc_compile_target("$to${o}$n$obj","${_}.c",$ex) + } + elsif (-f ($s="${d}${o}asm${o}${n}.pl") or + ($s=~s/sha256/sha512/ and -f $s) or + -f ($s="${d}${o}${n}.pl")) + { + $ret.=&perlasm_compile_target("$to${o}$n$obj",$s,$n); + } + elsif (-f ($s="${d}${o}asm${o}${n}.S") or + -f ($s="${d}${o}${n}.S")) + { + $ret.=&Sasm_compile_target("$to${o}$n$obj",$s,$n); + } + else { die "no rule for $_"; } } return($ret); } ############################################################## # do a rule for each file that says 'compile' to new direcory +sub perlasm_compile_target + { + my($target,$source,$bname)=@_; + my($ret); + + $bname =~ s/(.*)\.[^\.]$/$1/; + $ret ="\$(TMP_D)$o$bname.asm: $source\n"; + $ret.="\t\$(PERL) $source $asmtype \$(CFLAG) >\$\@\n\n"; + $ret.="$target: \$(TMP_D)$o$bname.asm\n"; + $ret.="\t\$(ASM) $afile\$\@ \$(TMP_D)$o$bname.asm\n\n"; + return($ret); + } + +sub Sasm_compile_target + { + my($target,$source,$bname)=@_; + my($ret); + + $bname =~ s/(.*)\.[^\.]$/$1/; + $ret ="\$(TMP_D)$o$bname.asm: $source\n"; + $ret.="\t\$(CC) -E \$(CFLAG) $source >\$\@\n\n"; + $ret.="$target: \$(TMP_D)$o$bname.asm\n"; + $ret.="\t\$(ASM) $afile\$\@ \$(TMP_D)$o$bname.asm\n\n"; + return($ret); + } + sub cc_compile_target { local($target,$source,$ex_flags)=@_; @@ -1204,13 +942,25 @@ sub do_asm_rule $target =~ s/\//$o/g if $o ne "/"; $src =~ s/\//$o/g if $o ne "/"; - @s=split(/\s+/,$src); @t=split(/\s+/,$target); + @s=split(/\s+/,$src); + for ($i=0; $i<=$#s; $i++) { - $ret.="$t[$i]: $s[$i]\n"; - $ret.="\t\$(ASM) $afile$t[$i] \$(SRC_D)$o$s[$i]\n\n"; + my $objfile = $t[$i]; + my $srcfile = $s[$i]; + + if ($perl_asm == 1) + { + my $plasm = $objfile; + $plasm =~ s/${obj}/.pl/; + $ret.="$srcfile: $plasm\n"; + $ret.="\t\$(PERL) $plasm $asmtype \$(CFLAG) >$srcfile\n\n"; + } + + $ret.="$objfile: $srcfile\n"; + $ret.="\t\$(ASM) $afile$objfile \$(SRC_D)$o$srcfile\n\n"; } return($ret); } @@ -1274,6 +1024,7 @@ sub read_options "no-sha1" => \$no_sha1, "no-ripemd" => \$no_ripemd, "no-mdc2" => \$no_mdc2, + "no-whirlpool" => \$no_whirlpool, "no-patents" => [\$no_rc2, \$no_rc4, \$no_rc5, \$no_idea, \$no_rsa], "no-rsa" => \$no_rsa, @@ -1282,7 +1033,6 @@ sub read_options "no-hmac" => \$no_hmac, "no-asm" => \$no_asm, "nasm" => \$nasm, - "ml64" => \$ml64, "nw-nasm" => \$nw_nasm, "nw-mwasm" => \$nw_mwasm, "gaswin" => \$gaswin, @@ -1291,7 +1041,6 @@ sub read_options "no-tlsext" => \$no_tlsext, "no-cms" => \$no_cms, "no-jpake" => \$no_jpake, - "no-capieng" => \$no_capieng, "no-err" => \$no_err, "no-sock" => \$no_sock, "no-krb5" => \$no_krb5, @@ -1316,11 +1065,9 @@ sub read_options "no-rfc3779" => 0, "no-montasm" => 0, "no-shared" => 0, + "no-store" => 0, "no-zlib" => 0, "no-zlib-dynamic" => 0, - "fips" => \$fips, - "fipscanisterbuild" => [\$fips, \$fipscanisterbuild], - "fipsdso" => [\$fips, \$fipscanisterbuild, \$fipsdso], ); if (exists $valid_options{$_}) @@ -1397,31 +1144,3 @@ sub read_options else { return(0); } return(1); } - -sub fipslib_error - { - print STDERR "***FIPS module directory sanity check failed***\n"; - print STDERR "FIPS module build failed, or was deleted\n"; - print STDERR "Please rebuild FIPS module.\n"; - exit 1; - } - -sub fips_check_files - { - my $dir = shift @_; - my $ret = 1; - if (!-d $dir) - { - print STDERR "FIPS module directory $dir does not exist\n"; - fipslib_error(); - } - foreach (@_) - { - if (!-f "$dir${o}$_") - { - print STDERR "FIPS module file $_ does not exist!\n"; - $ret = 0; - } - } - fipslib_error() if ($ret == 0); - } diff --git a/src/lib/libcrypto/util/mkdef.pl b/src/lib/libcrypto/util/mkdef.pl index 5ae9ebb619..a4a17e3ae9 100644 --- a/src/lib/libcrypto/util/mkdef.pl +++ b/src/lib/libcrypto/util/mkdef.pl @@ -69,7 +69,7 @@ my $do_ctestall = 0; my $do_checkexist = 0; my $VMSVAX=0; -my $VMSAlpha=0; +my $VMSNonVAX=0; my $VMS=0; my $W32=0; my $W16=0; @@ -79,12 +79,13 @@ my $OS2=0; my $safe_stack_def = 0; my @known_platforms = ( "__FreeBSD__", "PERL5", "NeXT", - "EXPORT_VAR_AS_FUNCTION", "ZLIB", "OPENSSL_FIPS"); + "EXPORT_VAR_AS_FUNCTION", "ZLIB" ); my @known_ossl_platforms = ( "VMS", "WIN16", "WIN32", "WINNT", "OS2" ); my @known_algorithms = ( "RC2", "RC4", "RC5", "IDEA", "DES", "BF", "CAST", "MD2", "MD4", "MD5", "SHA", "SHA0", "SHA1", "SHA256", "SHA512", "RIPEMD", - "MDC2", "RSA", "DSA", "DH", "EC", "ECDH", "ECDSA", "HMAC", "AES", "CAMELLIA", "SEED", + "MDC2", "WHIRLPOOL", "RSA", "DSA", "DH", "EC", "ECDH", "ECDSA", + "HMAC", "AES", "CAMELLIA", "SEED", "GOST", # Envelope "algorithms" "EVP", "X509", "ASN1_TYPEDEFS", # Helper "algorithms" @@ -94,14 +95,16 @@ my @known_algorithms = ( "RC2", "RC4", "RC5", "IDEA", "DES", "BF", "FP_API", "STDIO", "SOCK", "KRB5", "DGRAM", # Engines "STATIC_ENGINE", "ENGINE", "HW", "GMP", - # RFC3779 support + # RFC3779 "RFC3779", - # TLS extension support - "TLSEXT", + # TLS + "TLSEXT", "PSK", # CMS "CMS", # CryptoAPI Engine "CAPIENG", + # SSL v2 + "SSL2", # JPAKE "JPAKE", # Deprecated functions @@ -118,14 +121,15 @@ close(IN); # defined with ifndef(NO_XXX) are not included in the .def file, and everything # in directory xxx is ignored. my $no_rc2; my $no_rc4; my $no_rc5; my $no_idea; my $no_des; my $no_bf; -my $no_cast; +my $no_cast; my $no_whirlpool; my $no_camellia; my $no_seed; my $no_md2; my $no_md4; my $no_md5; my $no_sha; my $no_ripemd; my $no_mdc2; my $no_rsa; my $no_dsa; my $no_dh; my $no_hmac=0; my $no_aes; my $no_krb5; -my $no_ec; my $no_ecdsa; my $no_ecdh; my $no_engine; my $no_hw; my $no_camellia; -my $no_seed; -my $no_fp_api; my $no_static_engine; my $no_gmp; my $no_deprecated; -my $no_rfc3779; my $no_tlsext; my $no_cms; my $no_capieng; my $no_jpake; -my $fips; +my $no_ec; my $no_ecdsa; my $no_ecdh; my $no_engine; my $no_hw; +my $no_fp_api; my $no_static_engine=1; my $no_gmp; my $no_deprecated; +my $no_rfc3779; my $no_psk; my $no_tlsext; my $no_cms; my $no_capieng; +my $no_jpake; my $no_ssl2; + +my $zlib; foreach (@ARGV, split(/ /, $options)) @@ -141,17 +145,15 @@ foreach (@ARGV, split(/ /, $options)) $VMS=1; $VMSVAX=1; } - if ($_ eq "VMS-Alpha") { + if ($_ eq "VMS-NonVAX") { $VMS=1; - $VMSAlpha=1; + $VMSNonVAX=1; } $VMS=1 if $_ eq "VMS"; $OS2=1 if $_ eq "OS2"; - $fips=1 if /^fips/; - - if ($_ eq "zlib" || $_ eq "zlib-dynamic" - || $_ eq "enable-zlib-dynamic") { - $zlib = 1; + if ($_ eq "zlib" || $_ eq "enable-zlib" || $_ eq "zlib-dynamic" + || $_ eq "enable-zlib-dynamic") { + $zlib = 1; } $do_ssl=1 if $_ eq "ssleay"; @@ -180,6 +182,7 @@ foreach (@ARGV, split(/ /, $options)) elsif (/^no-des$/) { $no_des=1; $no_mdc2=1; } elsif (/^no-bf$/) { $no_bf=1; } elsif (/^no-cast$/) { $no_cast=1; } + elsif (/^no-whirlpool$/) { $no_whirlpool=1; } elsif (/^no-md2$/) { $no_md2=1; } elsif (/^no-md4$/) { $no_md4=1; } elsif (/^no-md5$/) { $no_md5=1; } @@ -212,6 +215,7 @@ foreach (@ARGV, split(/ /, $options)) elsif (/^no-rfc3779$/) { $no_rfc3779=1; } elsif (/^no-tlsext$/) { $no_tlsext=1; } elsif (/^no-cms$/) { $no_cms=1; } + elsif (/^no-ssl2$/) { $no_ssl2=1; } elsif (/^no-capieng$/) { $no_capieng=1; } elsif (/^no-jpake$/) { $no_jpake=1; } } @@ -260,6 +264,7 @@ $crypto.=" crypto/rc5/rc5.h" ; # unless $no_rc5; $crypto.=" crypto/rc2/rc2.h" ; # unless $no_rc2; $crypto.=" crypto/bf/blowfish.h" ; # unless $no_bf; $crypto.=" crypto/cast/cast.h" ; # unless $no_cast; +$crypto.=" crypto/whrlpool/whrlpool.h" ; $crypto.=" crypto/md2/md2.h" ; # unless $no_md2; $crypto.=" crypto/md4/md4.h" ; # unless $no_md4; $crypto.=" crypto/md5/md5.h" ; # unless $no_md5; @@ -301,17 +306,16 @@ $crypto.=" crypto/pkcs12/pkcs12.h"; $crypto.=" crypto/x509/x509.h"; $crypto.=" crypto/x509/x509_vfy.h"; $crypto.=" crypto/x509v3/x509v3.h"; +$crypto.=" crypto/ts/ts.h"; $crypto.=" crypto/rand/rand.h"; $crypto.=" crypto/comp/comp.h" ; # unless $no_comp; $crypto.=" crypto/ocsp/ocsp.h"; $crypto.=" crypto/ui/ui.h crypto/ui/ui_compat.h"; $crypto.=" crypto/krb5/krb5_asn.h"; -$crypto.=" crypto/tmdiff.h"; -$crypto.=" crypto/store/store.h"; +#$crypto.=" crypto/store/store.h"; $crypto.=" crypto/pqueue/pqueue.h"; $crypto.=" crypto/cms/cms.h"; $crypto.=" crypto/jpake/jpake.h"; -$crypto.=" fips/fips.h fips/rand/fips_rand.h"; my $symhacks="crypto/symhacks.h"; @@ -885,6 +889,7 @@ sub do_defs s/\{\}/\(\)/gs; s/STACK_OF\(\)/void/gs; + s/LHASH_OF\(\)/void/gs; print STDERR "DEBUG: \$_ = \"$_\"\n" if $debug; if (/^\#INFO:([^:]*):(.*)$/) { @@ -961,6 +966,25 @@ sub do_defs $platform{"PEM_write_NS_CERT_SEQ"} = "VMS"; $platform{"PEM_read_P8_PRIV_KEY_INFO"} = "VMS"; $platform{"PEM_write_P8_PRIV_KEY_INFO"} = "VMS"; + $platform{"EVP_sha384"} = "!VMSVAX"; + $platform{"EVP_sha512"} = "!VMSVAX"; + $platform{"SHA384_Init"} = "!VMSVAX"; + $platform{"SHA384_Transform"} = "!VMSVAX"; + $platform{"SHA384_Update"} = "!VMSVAX"; + $platform{"SHA384_Final"} = "!VMSVAX"; + $platform{"SHA384"} = "!VMSVAX"; + $platform{"SHA512_Init"} = "!VMSVAX"; + $platform{"SHA512_Transform"} = "!VMSVAX"; + $platform{"SHA512_Update"} = "!VMSVAX"; + $platform{"SHA512_Final"} = "!VMSVAX"; + $platform{"SHA512"} = "!VMSVAX"; + $platform{"WHIRLPOOL_Init"} = "!VMSVAX"; + $platform{"WHIRLPOOL"} = "!VMSVAX"; + $platform{"WHIRLPOOL_BitUpdate"} = "!VMSVAX"; + $platform{"EVP_whirlpool"} = "!VMSVAX"; + $platform{"WHIRLPOOL_Final"} = "!VMSVAX"; + $platform{"WHIRLPOOL_Update"} = "!VMSVAX"; + # Info we know about @@ -1085,6 +1109,8 @@ sub is_valid if ($platforms) { # platforms + if ($keyword eq "VMSVAX" && $VMSVAX) { return 1; } + if ($keyword eq "VMSNonVAX" && $VMSNonVAX) { return 1; } if ($keyword eq "VMS" && $VMS) { return 1; } if ($keyword eq "WIN32" && $W32) { return 1; } if ($keyword eq "WIN16" && $W16) { return 1; } @@ -1097,9 +1123,6 @@ sub is_valid if ($keyword eq "EXPORT_VAR_AS_FUNCTION" && ($VMSVAX || $W32 || $W16)) { return 1; } - if ($keyword eq "OPENSSL_FIPS" && $fips) { - return 1; - } if ($keyword eq "ZLIB" && $zlib) { return 1; } return 0; } else { @@ -1117,6 +1140,7 @@ sub is_valid if ($keyword eq "SHA" && $no_sha) { return 0; } if ($keyword eq "RIPEMD" && $no_ripemd) { return 0; } if ($keyword eq "MDC2" && $no_mdc2) { return 0; } + if ($keyword eq "WHIRLPOOL" && $no_whirlpool) { return 0; } if ($keyword eq "RSA" && $no_rsa) { return 0; } if ($keyword eq "DSA" && $no_dsa) { return 0; } if ($keyword eq "DH" && $no_dh) { return 0; } @@ -1143,7 +1167,9 @@ sub is_valid if ($keyword eq "GMP" && $no_gmp) { return 0; } if ($keyword eq "RFC3779" && $no_rfc3779) { return 0; } if ($keyword eq "TLSEXT" && $no_tlsext) { return 0; } + if ($keyword eq "PSK" && $no_psk) { return 0; } if ($keyword eq "CMS" && $no_cms) { return 0; } + if ($keyword eq "SSL2" && $no_ssl2) { return 0; } if ($keyword eq "CAPIENG" && $no_capieng) { return 0; } if ($keyword eq "JPAKE" && $no_jpake) { return 0; } if ($keyword eq "DEPRECATED" && $no_deprecated) { return 0; } diff --git a/src/lib/libcrypto/util/mkerr.pl b/src/lib/libcrypto/util/mkerr.pl index 554bebb159..15b774f277 100644 --- a/src/lib/libcrypto/util/mkerr.pl +++ b/src/lib/libcrypto/util/mkerr.pl @@ -1,6 +1,7 @@ #!/usr/local/bin/perl -w my $config = "crypto/err/openssl.ec"; +my $hprefix = "openssl/"; my $debug = 0; my $rebuild = 0; my $static = 1; @@ -12,11 +13,16 @@ my $staticloader = ""; my $pack_errcode; my $load_errcode; +my $errcount; + while (@ARGV) { my $arg = $ARGV[0]; if($arg eq "-conf") { shift @ARGV; $config = shift @ARGV; + } elsif($arg eq "-hprefix") { + shift @ARGV; + $hprefix = shift @ARGV; } elsif($arg eq "-debug") { $debug = 1; shift @ARGV; @@ -38,14 +44,78 @@ while (@ARGV) { } elsif($arg eq "-write") { $dowrite = 1; shift @ARGV; + } elsif($arg eq "-help" || $arg eq "-h" || $arg eq "-?" || $arg eq "--help") { + print STDERR <<"EOF"; +mkerr.pl [options] ... + +Options: + + -conf F Use the config file F instead of the default one: + crypto/err/openssl.ec + + -hprefix P Prepend the filenames in generated #include
+ statements with prefix P. Default: 'openssl/' (without + the quotes, naturally) + + -debug Turn on debugging verbose output on stderr. + + -rebuild Rebuild all header and C source files, irrespective of the + fact if any error or function codes have been added/removed. + Default: only update files for libraries which saw change + (of course, this requires '-write' as well, or no + files will be touched!) + + -recurse scan a preconfigured set of directories / files for error and + function codes: + (, , , ) + When this option is NOT specified, the filelist is taken from + the commandline instead. Here, wildcards may be embedded. (Be + sure to escape those to prevent the shell from expanding them + for you when you wish mkerr.pl to do so instead.) + Default: take file list to scan from the command line. + + -reindex Discard the numeric values previously assigned to the error + and function codes as extracted from the scanned header files; + instead renumber all of them starting from 100. (Note that + the numbers assigned through 'R' records in the config file + remain intact.) + Default: keep previously assigned numbers. (You are warned + when collisions are detected.) + + -nostatic Generates a different source code, where these additional + functions are generated for each library specified in the + config file: + void ERR_load__strings(void); + void ERR_unload__strings(void); + void ERR__error(int f, int r, char *fn, int ln); + #define err(f,r) ERR__error(f,r,__FILE__,__LINE__) + while the code facilitates the use of these in an environment + where the error support routines are dynamically loaded at + runtime. + Default: 'static' code generation. + + -staticloader Prefix generated functions with the 'static' scope modifier. + Default: don't write any scope modifier prefix. + + -write Actually (over)write the generated code to the header and C + source files as assigned to each library through the config + file. + Default: don't write. + + -help / -h / -? / --help Show this help text. + + ... Additional arguments are added to the file list to scan, + assuming '-recurse' was NOT specified on the command line. + +EOF + exit 1; } else { last; } } if($recurse) { - @source = ( , , , - , ); + @source = (, , ); } else { @source = @ARGV; } @@ -64,8 +134,8 @@ while() $cskip{$3} = $1; if($3 ne "NONE") { $csrc{$1} = $3; - $fmax{$1} = 99; - $rmax{$1} = 99; + $fmax{$1} = 100; + $rmax{$1} = 100; $fassigned{$1} = ":"; $rassigned{$1} = ":"; $fnew{$1} = 0; @@ -191,7 +261,8 @@ while (($hdr, $lib) = each %libinc) if($1 eq "R") { $rcodes{$name} = $code; if ($rassigned{$lib} =~ /:$code:/) { - print STDERR "!! ERROR: $lib reason code $code assigned twice\n"; + print STDERR "!! ERROR: $lib reason code $code assigned twice (collision at $name)\n"; + ++$errcount; } $rassigned{$lib} .= "$code:"; if(!(exists $rextra{$name}) && @@ -200,7 +271,8 @@ while (($hdr, $lib) = each %libinc) } } else { if ($fassigned{$lib} =~ /:$code:/) { - print STDERR "!! ERROR: $lib function code $code assigned twice\n"; + print STDERR "!! ERROR: $lib function code $code assigned twice (collision at $name)\n"; + ++$errcount; } $fassigned{$lib} .= "$code:"; if($code > $fmax{$lib}) { @@ -231,6 +303,7 @@ while (($hdr, $lib) = each %libinc) if ($rmax{$lib} >= 1000) { print STDERR "!! ERROR: SSL error codes 1000+ are reserved for alerts.\n"; print STDERR "!! Any new alerts must be added to $config.\n"; + ++$errcount; print STDERR "\n"; } } @@ -255,6 +328,9 @@ foreach $file (@source) { print STDERR "File loaded: ".$file."\r" if $debug; open(IN, "<$file") || die "Can't open source file $file\n"; while() { + # skip obsoleted source files entirely! + last if(/^#error\s+obsolete/); + if(/(([A-Z0-9]+)_F_([A-Z0-9_]+))/) { next unless exists $csrc{$2}; next if($1 eq "BIO_F_BUFFER_CTX"); @@ -264,6 +340,7 @@ foreach $file (@source) { $fnew{$2}++; } $notrans{$1} = 1 unless exists $ftrans{$3}; + print STDERR "Function: $1\t= $fcodes{$1} (lib: $2, name: $3)\n" if $debug; } if(/(([A-Z0-9]+)_R_[A-Z0-9_]+)/) { next unless exists $csrc{$2}; @@ -272,6 +349,7 @@ foreach $file (@source) { $rcodes{$1} = "X"; $rnew{$2}++; } + print STDERR "Reason: $1\t= $rcodes{$1} (lib: $2)\n" if $debug; } } close IN; @@ -313,7 +391,7 @@ foreach $lib (keys %csrc) } else { push @out, "/* ====================================================================\n", -" * Copyright (c) 2001-2008 The OpenSSL Project. All rights reserved.\n", +" * Copyright (c) 2001-2010 The OpenSSL Project. All rights reserved.\n", " *\n", " * Redistribution and use in source and binary forms, with or without\n", " * modification, are permitted provided that the following conditions\n", @@ -369,6 +447,10 @@ foreach $lib (keys %csrc) "#ifndef HEADER_${lib}_ERR_H\n", "#define HEADER_${lib}_ERR_H\n", "\n", +"#ifdef __cplusplus\n", +"extern \"C\" {\n", +"#endif\n", +"\n", "/* BEGIN ERROR CODES */\n"; } open (OUT, ">$hfile") || die "Can't Open File $hfile for writing\n"; @@ -455,14 +537,21 @@ EOF if (/\b(${lib}_R_\w*)\b.*\"(.*)\"/) { $err_reason_strings{$1} = $2; } + if (/\b${lib}_F_(\w*)\b.*\"(.*)\"/) { + if (!exists $ftrans{$1} && ($1 ne $2)) { + print STDERR "WARNING: Mismatched function string $2\n"; + $ftrans{$1} = $2; + } + } } close(IN); } + my $hincf; if($static) { $hfile =~ /([^\/]+)$/; - $hincf = ""; + $hincf = "<${hprefix}$1>"; } else { $hincf = "\"$hfile\""; } @@ -487,7 +576,7 @@ EOF print OUT <<"EOF"; /* $cfile */ /* ==================================================================== - * Copyright (c) 1999-2008 The OpenSSL Project. All rights reserved. + * Copyright (c) 1999-2010 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -713,3 +802,9 @@ if($debug && defined(@runref) ) { print STDERR "$_\n"; } } + +if($errcount) { + print STDERR "There were errors, failing...\n\n"; + exit $errcount; +} + diff --git a/src/lib/libcrypto/util/mkfiles.pl b/src/lib/libcrypto/util/mkfiles.pl index 67fb8694c8..6d15831450 100644 --- a/src/lib/libcrypto/util/mkfiles.pl +++ b/src/lib/libcrypto/util/mkfiles.pl @@ -26,6 +26,7 @@ my @dirs = ( "crypto/aes", "crypto/camellia", "crypto/seed", +"crypto/modes", "crypto/bn", "crypto/rsa", "crypto/dsa", @@ -46,6 +47,7 @@ my @dirs = ( "crypto/pem", "crypto/x509", "crypto/x509v3", +"crypto/cms", "crypto/conf", "crypto/jpake", "crypto/txt_db", @@ -56,25 +58,20 @@ my @dirs = ( "crypto/ocsp", "crypto/ui", "crypto/krb5", -"crypto/store", +#"crypto/store", "crypto/pqueue", -"crypto/cms", -"fips", -"fips/aes", -"fips/des", -"fips/dsa", -"fips/dh", -"fips/hmac", -"fips/rand", -"fips/rsa", -"fips/sha", +"crypto/whrlpool", +"crypto/ts", "ssl", "apps", "engines", +"engines/ccgost", "test", "tools" ); +%top; + foreach (@dirs) { &files_dir ($_, "Makefile"); } @@ -118,8 +115,8 @@ while () $o =~ s/\s+$//; $o =~ s/\s+/ /g; - $o =~ s/\$[({]([^)}]+)[)}]/$sym{$1}/g; - $sym{$s}=$o; + $o =~ s/\$[({]([^)}]+)[)}]/$top{$1} or $sym{$1}/ge; + $sym{$s}=($top{$s} or $o); } } @@ -129,6 +126,15 @@ foreach (sort keys %sym) { print "$_=$sym{$_}\n"; } +if ($dir eq "." && defined($sym{"BUILDENV"})) + { + foreach (split(' ',$sym{"BUILDENV"})) + { + /^(.+)=/; + $top{$1}=$sym{$1}; + } + } + print "RELATIVE_DIRECTORY=\n"; close (IN); diff --git a/src/lib/libcrypto/util/mklink.pl b/src/lib/libcrypto/util/mklink.pl index eacc327882..61db12c68f 100644 --- a/src/lib/libcrypto/util/mklink.pl +++ b/src/lib/libcrypto/util/mklink.pl @@ -15,21 +15,13 @@ # Apart from this, this script should be able to handle even the most # pathological cases. -my $pwd; -eval 'use Cwd;'; -if ($@) - { - $pwd = `pwd`; - } -else - { - $pwd = getcwd(); - } +use Cwd; my $from = shift; my @files = @ARGV; my @from_path = split(/[\\\/]/, $from); +my $pwd = getcwd(); chomp($pwd); my @pwd_path = split(/[\\\/]/, $pwd); @@ -59,6 +51,7 @@ my $to = join('/', @to_path); my $file; $symlink_exists=eval {symlink("",""); 1}; +if ($^O eq "msys") { $symlink_exists=0 }; foreach $file (@files) { my $err = ""; if ($symlink_exists) { diff --git a/src/lib/libcrypto/util/mksdef.pl b/src/lib/libcrypto/util/mksdef.pl deleted file mode 100644 index 065dc675f1..0000000000 --- a/src/lib/libcrypto/util/mksdef.pl +++ /dev/null @@ -1,87 +0,0 @@ - -# Perl script to split libeay32.def into two distinct DEF files for use in -# fipdso mode. It works out symbols in each case by running "link" command and -# parsing the output to find the list of missing symbols then splitting -# libeay32.def based on the result. - - -# Get list of unknown symbols - -my @deferr = `link @ARGV`; - -my $preamble = ""; -my @fipsdll; -my @fipsrest; -my %nosym; - -# Add symbols to a hash for easy lookup - -foreach (@deferr) - { - if (/^.*symbol (\S+)$/) - { - $nosym{$1} = 1; - } - } - -open (IN, "ms/libeay32.def") || die "Can't Open DEF file for spliting"; - -my $started = 0; - -# Parse libeay32.def into two arrays depending on whether the symbol matches -# the missing list. - - -foreach () - { - if (/^\s*(\S+)\s*(\@\S+)\s*$/) - { - $started = 1; - if (exists $nosym{$1}) - { - push @fipsrest, $_; - } - else - { - my $imptmp = sprintf " %-39s %s\n", - "$1=libosslfips.$1", $2; - push @fipsrest, $imptmp; - push @fipsdll, "\t$1\n"; - } - } - $preamble .= $_ unless $started; - } - -close IN; - -# Hack! Add some additional exports needed for libcryptofips.dll -# - -push @fipsdll, "\tOPENSSL_showfatal\n"; -push @fipsdll, "\tOPENSSL_cpuid_setup\n"; - -# Write out DEF files for each array - -write_def("ms/libosslfips.def", "LIBOSSLFIPS", $preamble, \@fipsdll); -write_def("ms/libeayfips.def", "", $preamble, \@fipsrest); - - -sub write_def - { - my ($fnam, $defname, $preamble, $rdefs) = @_; - open (OUT, ">$fnam") || die "Can't Open DEF file $fnam for Writing\n"; - - if ($defname ne "") - { - $preamble =~ s/LIBEAY32/$defname/g; - $preamble =~ s/LIBEAY/$defname/g; - } - print OUT $preamble; - foreach (@$rdefs) - { - print OUT $_; - } - close OUT; - } - - diff --git a/src/lib/libcrypto/util/mkstack.pl b/src/lib/libcrypto/util/mkstack.pl index 2a968f395f..6a43757c95 100644 --- a/src/lib/libcrypto/util/mkstack.pl +++ b/src/lib/libcrypto/util/mkstack.pl @@ -21,7 +21,7 @@ while (@ARGV) { } -@source = (, , ); +@source = (, , , ); foreach $file (@source) { next if -l $file; @@ -31,11 +31,19 @@ foreach $file (@source) { while() { if (/^DECLARE_STACK_OF\(([^)]+)\)/) { push @stacklst, $1; - } if (/^DECLARE_ASN1_SET_OF\(([^)]+)\)/) { + } + if (/^DECLARE_SPECIAL_STACK_OF\(([^,\s]+)\s*,\s*([^>\s]+)\)/) { + push @sstacklst, [$1, $2]; + } + if (/^DECLARE_ASN1_SET_OF\(([^)]+)\)/) { push @asn1setlst, $1; - } if (/^DECLARE_PKCS12_STACK_OF\(([^)]+)\)/) { + } + if (/^DECLARE_PKCS12_STACK_OF\(([^)]+)\)/) { push @p12stklst, $1; } + if (/^DECLARE_LHASH_OF\(([^)]+)\)/) { + push @lhashlst, $1; + } } close(IN); } @@ -65,7 +73,7 @@ while() { foreach $type_thing (sort @stacklst) { $new_stackfile .= <) { #define sk_${type_thing}_is_sorted(st) SKM_sk_is_sorted($type_thing, (st)) EOF } + + foreach $type_thing (sort @sstacklst) { + my $t1 = $type_thing->[0]; + my $t2 = $type_thing->[1]; + $new_stackfile .= <&1` =~ /14\.00\.4[0-9]{4}\./); + # WIN32 UNICODE build gets linked with unicows.lib for + # backward compatibility with Win9x. + $ex_libs="unicows.lib $ex_libs" if ($FLAVOR =~ /WIN32/ and $cflags =~ /\-DUNICODE/); } -# As native NT API is pure UNICODE, our WIN-NT build defaults to UNICODE, -# but gets linked with unicows.lib to ensure backward compatibility. -if ($FLAVOR =~ /NT/) - { - $cflags.=" -DOPENSSL_SYSNAME_WINNT -DUNICODE -D_UNICODE"; - $ex_libs="unicows.lib $ex_libs"; - } # static library stuff $mklib='lib /nologo'; $ranlib=''; @@ -173,23 +180,30 @@ $lfile='/out:'; $shlib_ex_obj=""; $app_ex_obj="setargv.obj" if ($FLAVOR !~ /CE/); -if ($nasm) { +if ($FLAVOR =~ /WIN64A/) { + if (`nasm -v 2>NUL` =~ /NASM version ([0-9]+\.[0-9]+)/ && $1 >= 2.0) { + $asm='nasm -f win64 -DNEAR -Ox -g'; + $afile='-o '; + } else { + $asm='ml64 /c /Cp /Cx /Zi'; + $afile='/Fo'; + } +} elsif ($FLAVOR =~ /WIN64I/) { + $asm='ias -d debug'; + $afile="-o "; +} elsif ($nasm) { my $ver=`nasm -v 2>NUL`; my $vew=`nasmw -v 2>NUL`; # pick newest version $asm=($ver gt $vew?"nasm":"nasmw")." -f win32"; + $asmtype="win32n"; $afile='-o '; -} elsif ($ml64) { - $asm='ml64 /c /Cp /Cx'; - $asm.=' /Zi' if $debug; - $afile='/Fo'; } else { - $asm='ml /nologo /Cp /coff /c /Cx'; - $asm.=" /Zi" if $debug; + $asm='ml /nologo /Cp /coff /c /Cx /Zi'; $afile='/Fo'; + $asmtype="win32"; } -$aes_asm_obj=''; $bn_asm_obj=''; $bn_asm_src=''; $des_enc_obj=''; @@ -198,56 +212,26 @@ $bf_enc_obj=''; $bf_enc_src=''; if (!$no_asm) - { - if ($FLAVOR =~ "WIN32") - { - $aes_asm_obj='crypto\aes\asm\a_win32.obj'; - $aes_asm_src='crypto\aes\asm\a_win32.asm'; - $bn_asm_obj='crypto\bn\asm\bn_win32.obj crypto\bn\asm\mt_win32.obj'; - $bn_asm_src='crypto\bn\asm\bn_win32.asm crypto\bn\asm\mt_win32.asm'; - $bnco_asm_obj='crypto\bn\asm\co_win32.obj'; - $bnco_asm_src='crypto\bn\asm\co_win32.asm'; - $des_enc_obj='crypto\des\asm\d_win32.obj crypto\des\asm\y_win32.obj'; - $des_enc_src='crypto\des\asm\d_win32.asm crypto\des\asm\y_win32.asm'; - $bf_enc_obj='crypto\bf\asm\b_win32.obj'; - $bf_enc_src='crypto\bf\asm\b_win32.asm'; - $cast_enc_obj='crypto\cast\asm\c_win32.obj'; - $cast_enc_src='crypto\cast\asm\c_win32.asm'; - $rc4_enc_obj='crypto\rc4\asm\r4_win32.obj'; - $rc4_enc_src='crypto\rc4\asm\r4_win32.asm'; - $rc5_enc_obj='crypto\rc5\asm\r5_win32.obj'; - $rc5_enc_src='crypto\rc5\asm\r5_win32.asm'; - $md5_asm_obj='crypto\md5\asm\m5_win32.obj'; - $md5_asm_src='crypto\md5\asm\m5_win32.asm'; - $sha1_asm_obj='crypto\sha\asm\s1_win32.obj crypto\sha\asm\sha512-sse2.obj'; - $sha1_asm_src='crypto\sha\asm\s1_win32.asm crypto\sha\asm\sha512-sse2.asm'; - $rmd160_asm_obj='crypto\ripemd\asm\rm_win32.obj'; - $rmd160_asm_src='crypto\ripemd\asm\rm_win32.asm'; - $cpuid_asm_obj='crypto\cpu_win32.obj'; - $cpuid_asm_src='crypto\cpu_win32.asm'; - $cflags.=" -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DAES_ASM -DBN_ASM -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_BN_ASM_MONT -DMD5_ASM -DSHA1_ASM -DRMD160_ASM"; - } - elsif ($FLAVOR =~ "WIN64A") { - $aes_asm_obj='$(OBJ_D)\aes-x86_64.obj'; - $aes_asm_src='crypto\aes\asm\aes-x86_64.asm'; - $bn_asm_obj='$(OBJ_D)\x86_64-mont.obj $(OBJ_D)\bn_asm.obj'; - $bn_asm_src='crypto\bn\asm\x86_64-mont.asm'; - $sha1_asm_obj='$(OBJ_D)\sha1-x86_64.obj $(OBJ_D)\sha256-x86_64.obj $(OBJ_D)\sha512-x86_64.obj'; - $sha1_asm_src='crypto\sha\asm\sha1-x86_64.asm crypto\sha\asm\sha256-x86_64.asm crypto\sha\asm\sha512-x86_64.asm'; - $cpuid_asm_obj='$(OBJ_D)\cpuid-x86_64.obj'; - $cpuid_asm_src='crypto\cpuid-x86_64.asm'; - $cflags.=" -DOPENSSL_CPUID_OBJ -DAES_ASM -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM"; + win32_import_asm($mf_bn_asm, "bn", \$bn_asm_obj, \$bn_asm_src); + win32_import_asm($mf_aes_asm, "aes", \$aes_asm_obj, \$aes_asm_src); + win32_import_asm($mf_des_asm, "des", \$des_enc_obj, \$des_enc_src); + win32_import_asm($mf_bf_asm, "bf", \$bf_enc_obj, \$bf_enc_src); + win32_import_asm($mf_cast_asm, "cast", \$cast_enc_obj, \$cast_enc_src); + win32_import_asm($mf_rc4_asm, "rc4", \$rc4_enc_obj, \$rc4_enc_src); + win32_import_asm($mf_rc5_asm, "rc5", \$rc5_enc_obj, \$rc5_enc_src); + win32_import_asm($mf_md5_asm, "md5", \$md5_asm_obj, \$md5_asm_src); + win32_import_asm($mf_sha_asm, "sha", \$sha1_asm_obj, \$sha1_asm_src); + win32_import_asm($mf_rmd_asm, "ripemd", \$rmd160_asm_obj, \$rmd160_asm_src); + win32_import_asm($mf_wp_asm, "whrlpool", \$whirlpool_asm_obj, \$whirlpool_asm_src); + win32_import_asm($mf_cpuid_asm, "", \$cpuid_asm_obj, \$cpuid_asm_src); + $perl_asm = 1; } - } if ($shlib && $FLAVOR !~ /CE/) { $mlflags.=" $lflags /dll"; -# $cflags =~ s| /MD| /MT|; - $lib_cflag=" -D_WINDLL"; - $out_def="out32dll"; - $tmp_def="tmp32dll"; + $lib_cflag.=" -D_WINDLL"; # # Engage Applink... # @@ -267,8 +251,8 @@ $(INCO_D)\applink.c: ms\applink.c EXHEADER= $(EXHEADER) $(INCO_D)\applink.c LIBS_DEP=$(LIBS_DEP) $(OBJ_D)\applink.obj +CRYPTOOBJ=$(OBJ_D)\uplink.obj $(CRYPTOOBJ) ___ -$banner .= "CRYPTOOBJ=\$(OBJ_D)\\uplink.obj \$(CRYPTOOBJ)\n"; $banner.=<<'___' if ($FLAVOR =~ /WIN64/); CRYPTOOBJ=ms\uptable.obj $(CRYPTOOBJ) ___ @@ -276,119 +260,35 @@ ___ elsif ($shlib && $FLAVOR =~ /CE/) { $mlflags.=" $lflags /dll"; - $lib_cflag=" -D_WINDLL -D_DLL"; - $out_def='out32dll_$(TARGETCPU)'; - $tmp_def='tmp32dll_$(TARGETCPU)'; + $lflags.=' /entry:mainCRTstartup' if(defined($ENV{'PORTSDK_LIBPATH'})); + $lib_cflag.=" -D_WINDLL -D_DLL"; } -$cflags.=" /Fd$out_def"; - sub do_lib_rule { - my($objs,$target,$name,$shlib,$ign,$base_addr) = @_; + local($objs,$target,$name,$shlib)=@_; local($ret); $taget =~ s/\//$o/g if $o ne '/'; - my $base_arg; - if ($base_addr ne "") - { - $base_arg= " /base:$base_addr"; - } - else - { - $base_arg = ""; - } - if ($target =~ /O_CRYPTO/ && $fipsdso) - { - $name = "/def:ms/libeayfips.def"; - } - elsif ($name ne "") + if ($name ne "") { $name =~ tr/a-z/A-Z/; $name = "/def:ms/${name}.def"; } + # $target="\$(LIB_D)$o$target"; -# $ret.="$target: $objs\n"; + $ret.="$target: $objs\n"; if (!$shlib) { # $ret.="\t\$(RM) \$(O_$Name)\n"; - $ex =' '; - $ret.="$target: $objs\n"; - $ret.="\t\$(MKLIB) $lfile$target @<<\n $objs $ex\n<<\n"; + $ret.="\t\$(MKLIB) $lfile$target @<<\n $objs\n<<\n"; } else { - my $ex = ""; - if ($target =~ /O_SSL/) - { - $ex .= " \$(L_CRYPTO)"; - #$ex .= " \$(L_FIPS)" if $fipsdso; - } - my $fipstarget; - if ($fipsdso) - { - $fipstarget = "O_FIPS"; - } - else - { - $fipstarget = "O_CRYPTO"; - } - - - if ($name eq "") - { - $ex.=' bufferoverflowu.lib' if ($FLAVOR =~ /WIN64/); - if ($target =~ /capi/) - { - $ex.=' crypt32.lib advapi32.lib'; - } - } - elsif ($FLAVOR =~ /CE/) - { - $ex.=' winsock.lib $(WCECOMPAT)/lib/wcecompatex.lib'; - } - else - { - $ex.=' unicows.lib' if ($FLAVOR =~ /NT/); - $ex.=' wsock32.lib gdi32.lib advapi32.lib user32.lib'; - $ex.=' crypt32.lib'; - $ex.=' bufferoverflowu.lib' if ($FLAVOR =~ /WIN64/); - } + local($ex)=($target =~ /O_CRYPTO/)?'':' $(L_CRYPTO)'; $ex.=" $zlib_lib" if $zlib_opt == 1 && $target =~ /O_CRYPTO/; - - if ($fips && $target =~ /$fipstarget/) - { - $ex.= $mwex unless $fipscanisterbuild; - $ret.="$target: $objs \$(PREMAIN_DSO_EXE)"; - if ($fipsdso) - { - $ex.=" \$(OBJ_D)\\\$(LIBFIPS).res"; - $ret.=" \$(OBJ_D)\\\$(LIBFIPS).res"; - $ret.=" ms/\$(LIBFIPS).def"; - } - $ret.="\n\tSET FIPS_LINK=\$(LINK)\n"; - $ret.="\tSET FIPS_CC=\$(CC)\n"; - $ret.="\tSET FIPS_CC_ARGS=/Fo\$(OBJ_D)${o}fips_premain.obj \$(SHLIB_CFLAGS) -c\n"; - $ret.="\tSET PREMAIN_DSO_EXE=\$(PREMAIN_DSO_EXE)\n"; - $ret.="\tSET FIPS_SHA1_EXE=\$(FIPS_SHA1_EXE)\n"; - $ret.="\tSET FIPS_TARGET=$target\n"; - $ret.="\tSET FIPSLIB_D=\$(FIPSLIB_D)\n"; - $ret.="\t\$(FIPSLINK) \$(MLFLAGS) /map $base_arg $efile$target "; - $ret.="$name @<<\n \$(SHLIB_EX_OBJ) $objs "; - $ret.="\$(OBJ_D)${o}fips_premain.obj $ex\n<<\n"; - } - else - { - $ret.="$target: $objs"; - if ($target =~ /O_CRYPTO/ && $fipsdso) - { - $ret .= " \$(O_FIPS)"; - $ex .= " \$(L_FIPS)"; - } - $ret.="\n\t\$(LINK) \$(MLFLAGS) $efile$target $name @<<\n \$(SHLIB_EX_OBJ) $objs $ex\n<<\n"; - } - - $ret.="\tIF EXIST \$@.manifest mt -nologo -manifest \$@.manifest -outputresource:\$@;2\n\n"; + $ret.="\t\$(LINK) \$(MLFLAGS) $efile$target $name @<<\n \$(SHLIB_EX_OBJ) $objs $ex \$(EX_LIBS)\n<<\n"; + $ret.="\tIF EXIST \$@.manifest mt -nologo -manifest \$@.manifest -outputresource:\$@;2\n\n"; } $ret.="\n"; return($ret); @@ -396,64 +296,43 @@ sub do_lib_rule sub do_link_rule { - my($target,$files,$dep_libs,$libs,$standalone)=@_; + local($target,$files,$dep_libs,$libs)=@_; local($ret,$_); + $file =~ s/\//$o/g if $o ne '/'; $n=&bname($targer); $ret.="$target: $files $dep_libs\n"; - if ($standalone == 1) - { - $ret.=" \$(LINK) \$(LFLAGS) $efile$target @<<\n\t"; - $ret.= "\$(EX_LIBS) " if ($files =~ /O_FIPSCANISTER/ && !$fipscanisterbuild); - $ret.="$files $libs\n<<\n"; - } - elsif ($standalone == 2) + $ret.="\t\$(LINK) \$(LFLAGS) $efile$target @<<\n"; + $ret.=" \$(APP_EX_OBJ) $files $libs\n<<\n"; + $ret.="\tIF EXIST \$@.manifest mt -nologo -manifest \$@.manifest -outputresource:\$@;1\n\n"; + return($ret); + } + +sub win32_import_asm + { + my ($mf_var, $asm_name, $oref, $sref) = @_; + my $asm_dir; + if ($asm_name eq "") { - $ret.="\tSET FIPS_LINK=\$(LINK)\n"; - $ret.="\tSET FIPS_CC=\$(CC)\n"; - $ret.="\tSET FIPS_CC_ARGS=/Fo\$(OBJ_D)${o}fips_premain.obj \$(SHLIB_CFLAGS) -c\n"; - $ret.="\tSET PREMAIN_DSO_EXE=\n"; - $ret.="\tSET FIPS_TARGET=$target\n"; - $ret.="\tSET FIPS_SHA1_EXE=\$(FIPS_SHA1_EXE)\n"; - $ret.="\tSET FIPSLIB_D=\$(FIPSLIB_D)\n"; - $ret.="\t\$(FIPSLINK) \$(LFLAGS) /map $efile$target @<<\n"; - $ret.="\t\$(APP_EX_OBJ) $files \$(OBJ_D)${o}fips_premain.obj $libs\n<<\n"; + $asm_dir = "crypto\\"; } else { - $ret.="\t\$(LINK) \$(LFLAGS) $efile$target @<<\n"; - $ret.="\t\$(APP_EX_OBJ) $files $libs\n<<\n"; + $asm_dir = "crypto\\$asm_name\\asm\\"; } - $ret.="\tIF EXIST \$@.manifest mt -nologo -manifest \$@.manifest -outputresource:\$@;1\n\n"; - return($ret); - } -sub do_rlink_rule - { - local($target,$rl_start, $rl_mid, $rl_end,$dep_libs,$libs)=@_; - local($ret,$_); - my $files = "$rl_start $rl_mid $rl_end"; + $$oref = ""; + $mf_var =~ s/\.o$/.obj/g; - $file =~ s/\//$o/g if $o ne '/'; - $n=&bname($targer); - $ret.="$target: $files $dep_libs \$(FIPS_SHA1_EXE)\n"; - $ret.="\t\$(PERL) ms\\segrenam.pl \$\$a $rl_start\n"; - $ret.="\t\$(PERL) ms\\segrenam.pl \$\$b $rl_mid\n"; - $ret.="\t\$(PERL) ms\\segrenam.pl \$\$c $rl_end\n"; - $ret.="\t\$(MKLIB) $lfile$target @<<\n\t$files\n<<\n"; - $ret.="\t\$(FIPS_SHA1_EXE) $target > ${target}.sha1\n"; - $ret.="\t\$(PERL) util${o}copy.pl -stripcr fips${o}fips_premain.c \$(LIB_D)${o}fips_premain.c\n"; - $ret.="\t\$(CP) fips${o}fips_premain.c.sha1 \$(LIB_D)${o}fips_premain.c.sha1\n"; - $ret.="\n"; - return($ret); - } + foreach (split(/ /, $mf_var)) + { + $$oref .= $asm_dir . $_ . " "; + } + $$oref =~ s/ $//; + $$sref = $$oref; + $$sref =~ s/\.obj/.asm/g; -sub do_sdef_rule - { - my $ret = "ms/\$(LIBFIPS).def: \$(O_FIPSCANISTER)\n"; - $ret.="\t\$(PERL) util/mksdef.pl \$(MLFLAGS) /out:dummy.dll /def:ms/libeay32.def @<<\n \$(O_FIPSCANISTER)\n<<\n"; - $ret.="\n"; - return $ret; } + 1; diff --git a/src/lib/libcrypto/util/pl/VC-CE.pl b/src/lib/libcrypto/util/pl/VC-CE.pl deleted file mode 100644 index 2fd0c4dd32..0000000000 --- a/src/lib/libcrypto/util/pl/VC-CE.pl +++ /dev/null @@ -1,116 +0,0 @@ -#!/usr/local/bin/perl -# VC-CE.pl - the file for eMbedded Visual C++ 3.0 for windows CE, static libraries -# - -$ssl= "ssleay32"; -$crypto="libeay32"; -$RSAref="RSAref32"; - -$o='\\'; -$cp='copy nul+'; # Timestamps get stuffed otherwise -$rm='del'; - -# C compiler stuff -$cc='$(CC)'; -$cflags=' /W3 /WX /Ox /O2 /Ob2 /Gs0 /GF /Gy /nologo $(WCETARGETDEFS) -DUNICODE -D_UNICODE -DWIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DDSO_WIN32 -DNO_CHMOD -I$(WCECOMPAT)/include'; -$lflags='/nologo /subsystem:windowsce,$(WCELDVERSION) /machine:$(WCELDMACHINE) /opt:ref'; -$mlflags=''; - -$out_def='out32_$(TARGETCPU)'; -$tmp_def='tmp32_$(TARGETCPU)'; -$inc_def="inc32"; - -if ($debug) - { - $cflags=" /MDd /W3 /WX /Zi /Yd /Od /nologo -DWIN32 -D_DEBUG -DL_ENDIAN -DWIN32_LEAN_AND_MEAN -DDEBUG -DDSO_WIN32"; - $lflags.=" /debug"; - $mlflags.=' /debug'; - } - -$obj='.obj'; -$ofile="/Fo"; - -# EXE linking stuff -$link="link"; -$efile="/out:"; -$exep='.exe'; -if ($no_sock) - { $ex_libs=""; } -else { $ex_libs='winsock.lib $(WCECOMPAT)/lib/wcecompatex.lib $(WCELDFLAGS)'; } - -# static library stuff -$mklib='lib'; -$ranlib=''; -$plib=""; -$libp=".lib"; -$shlibp=($shlib)?".dll":".lib"; -$lfile='/out:'; - -$shlib_ex_obj=""; -$app_ex_obj=""; -$app_ex_obj=""; - -$bn_asm_obj=''; -$bn_asm_src=''; -$des_enc_obj=''; -$des_enc_src=''; -$bf_enc_obj=''; -$bf_enc_src=''; - -if ($shlib) - { - $mlflags.=" $lflags /dll"; -# $cflags =~ s| /MD| /MT|; - $lib_cflag=" -D_WINDLL -D_DLL"; - $out_def='out32dll_$(TARGETCPU)'; - $tmp_def='tmp32dll_$(TARGETCPU)'; - } - -$cflags.=" /Fd$out_def"; - -sub do_lib_rule - { - local($objs,$target,$name,$shlib)=@_; - local($ret,$Name); - - $taget =~ s/\//$o/g if $o ne '/'; - ($Name=$name) =~ tr/a-z/A-Z/; - -# $target="\$(LIB_D)$o$target"; - $ret.="$target: $objs\n"; - if (!$shlib) - { -# $ret.="\t\$(RM) \$(O_$Name)\n"; - $ex =' '; - $ret.="\t\$(MKLIB) $lfile$target @<<\n $objs $ex\n<<\n"; - } - else - { - local($ex)=($target =~ /O_SSL/)?' $(L_CRYPTO)':''; -# $ex.=' winsock.lib coredll.lib $(WCECOMPAT)/lib/wcecompatex.lib'; - $ex.=' winsock.lib $(WCECOMPAT)/lib/wcecompatex.lib'; - $ret.="\t\$(LINK) \$(MLFLAGS) $efile$target /def:ms/${Name}.def @<<\n \$(SHLIB_EX_OBJ) $objs $ex\n<<\n"; - } - $ret.="\n"; - return($ret); - } - -sub do_link_rule - { - local($target,$files,$dep_libs,$libs,$sha1file,$openssl)=@_; - local($ret,$_); - - $file =~ s/\//$o/g if $o ne '/'; - $n=&bname($targer); - $ret.="$target: $files $dep_libs\n"; - $ret.=" \$(LINK) \$(LFLAGS) $efile$target @<<\n"; - $ret.=" \$(APP_EX_OBJ) $files $libs\n<<\n"; - if (defined $sha1file) - { - $ret.=" $openssl sha1 -hmac etaonrishdlcupfm -binary $target > $sha1file"; - } - $ret.="\n"; - return($ret); - } - -1; diff --git a/src/lib/libcrypto/util/pod2man.pl b/src/lib/libcrypto/util/pod2man.pl index 546d1ec186..025d914f2e 100644 --- a/src/lib/libcrypto/util/pod2man.pl +++ b/src/lib/libcrypto/util/pod2man.pl @@ -425,7 +425,7 @@ if ($name ne 'something') { } next if /^=cut\b/; # DB_File and Net::Ping have =cut before NAME next if /^=pod\b/; # It is OK to have =pod before NAME - next if /^=for\s+comment\b/; # It is OK to have =for comment before NAME + next if /^=(for|begin|end)\s+comment\b/; # It is OK to have =for =begin or =end comment before NAME die "$0: Invalid man page - 1st pod line is not NAME in $ARGV[0]\n" unless $lax; } die "$0: Invalid man page - no documentation in $ARGV[0]\n" unless $lax; diff --git a/src/lib/libcrypto/util/point.sh b/src/lib/libcrypto/util/point.sh index 4790e08f8a..da39899cb1 100644 --- a/src/lib/libcrypto/util/point.sh +++ b/src/lib/libcrypto/util/point.sh @@ -1,7 +1,7 @@ #!/bin/sh rm -f "$2" -if test "$OSTYPE" = msdosdjgpp; then +if test "$OSTYPE" = msdosdjgpp || test "x$PLATFORM" = xmingw ; then cp "$1" "$2" else ln -s "$1" "$2" diff --git a/src/lib/libcrypto/util/selftest.pl b/src/lib/libcrypto/util/selftest.pl index 4778c5ab01..7b32e9f4ff 100644 --- a/src/lib/libcrypto/util/selftest.pl +++ b/src/lib/libcrypto/util/selftest.pl @@ -78,7 +78,7 @@ print OUT "\n"; print "Checking compiler...\n"; if (open(TEST,">cctest.c")) { - print TEST "#include \n#include \nmain(){printf(\"Hello world\\n\");}\n"; + print TEST "#include \n#include \n#include \nmain(){printf(\"Hello world\\n\");}\n"; close(TEST); system("$cc -o cctest cctest.c"); if (`./cctest` !~ /Hello world/) { @@ -96,7 +96,7 @@ if (open(TEST,">cctest.c")) { print OUT "Can't create cctest.c\n"; } if (open(TEST,">cctest.c")) { - print TEST "#include \nmain(){printf(OPENSSL_VERSION_TEXT);}\n"; + print TEST "#include \n#include \n#include \nmain(){printf(OPENSSL_VERSION_TEXT);}\n"; close(TEST); system("$cc -o cctest -Iinclude cctest.c"); $cctest = `./cctest`; diff --git a/src/lib/libcrypto/util/ssleay.num b/src/lib/libcrypto/util/ssleay.num index 2055cc1597..15a58e7b13 100644 --- a/src/lib/libcrypto/util/ssleay.num +++ b/src/lib/libcrypto/util/ssleay.num @@ -98,9 +98,9 @@ SSLeay_add_ssl_algorithms 109 NOEXIST::FUNCTION: SSLv23_client_method 110 EXIST::FUNCTION:RSA SSLv23_method 111 EXIST::FUNCTION:RSA SSLv23_server_method 112 EXIST::FUNCTION:RSA -SSLv2_client_method 113 EXIST::FUNCTION:RSA -SSLv2_method 114 EXIST::FUNCTION:RSA -SSLv2_server_method 115 EXIST::FUNCTION:RSA +SSLv2_client_method 113 EXIST::FUNCTION:RSA,SSL2 +SSLv2_method 114 EXIST::FUNCTION:RSA,SSL2 +SSLv2_server_method 115 EXIST::FUNCTION:RSA,SSL2 SSLv3_client_method 116 EXIST::FUNCTION: SSLv3_method 117 EXIST::FUNCTION: SSLv3_server_method 118 EXIST::FUNCTION: @@ -117,8 +117,8 @@ SSL_CIPHER_get_bits 128 EXIST::FUNCTION: SSL_CIPHER_get_version 129 EXIST::FUNCTION: SSL_CIPHER_get_name 130 EXIST::FUNCTION: BIO_ssl_shutdown 131 EXIST::FUNCTION:BIO -SSL_SESSION_cmp 132 EXIST::FUNCTION: -SSL_SESSION_hash 133 EXIST::FUNCTION: +SSL_SESSION_cmp 132 NOEXIST::FUNCTION: +SSL_SESSION_hash 133 NOEXIST::FUNCTION: SSL_SESSION_get_time 134 EXIST::FUNCTION: SSL_SESSION_set_time 135 EXIST::FUNCTION: SSL_SESSION_get_timeout 136 EXIST::FUNCTION: @@ -242,3 +242,20 @@ SSL_set_SSL_CTX 290 EXIST::FUNCTION: SSL_get_servername 291 EXIST::FUNCTION:TLSEXT SSL_get_servername_type 292 EXIST::FUNCTION:TLSEXT SSL_CTX_set_client_cert_engine 293 EXIST::FUNCTION:ENGINE +SSL_CTX_use_psk_identity_hint 294 EXIST::FUNCTION:PSK +SSL_CTX_set_psk_client_callback 295 EXIST::FUNCTION:PSK +PEM_write_bio_SSL_SESSION 296 EXIST::FUNCTION: +SSL_get_psk_identity_hint 297 EXIST::FUNCTION:PSK +SSL_set_psk_server_callback 298 EXIST::FUNCTION:PSK +SSL_use_psk_identity_hint 299 EXIST::FUNCTION:PSK +SSL_set_psk_client_callback 300 EXIST::FUNCTION:PSK +PEM_read_SSL_SESSION 301 EXIST:!WIN16:FUNCTION: +PEM_read_bio_SSL_SESSION 302 EXIST::FUNCTION: +SSL_CTX_set_psk_server_callback 303 EXIST::FUNCTION:PSK +SSL_get_psk_identity 304 EXIST::FUNCTION:PSK +PEM_write_SSL_SESSION 305 EXIST:!WIN16:FUNCTION: +SSL_set_session_ticket_ext 306 EXIST::FUNCTION: +SSL_set_session_secret_cb 307 EXIST::FUNCTION: +SSL_set_session_ticket_ext_cb 308 EXIST::FUNCTION: +SSL_set1_param 309 EXIST::FUNCTION: +SSL_CTX_set1_param 310 EXIST::FUNCTION: diff --git a/src/lib/libcrypto/x509/Makefile.ssl b/src/lib/libcrypto/x509/Makefile.ssl deleted file mode 100644 index 3a3452536c..0000000000 --- a/src/lib/libcrypto/x509/Makefile.ssl +++ /dev/null @@ -1,594 +0,0 @@ -# -# SSLeay/crypto/x509/Makefile -# - -DIR= x509 -TOP= ../.. -CC= cc -INCLUDES= -I.. -I$(TOP) -I../../include -CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKE= make -f Makefile.ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) -MAKEFILE= Makefile.ssl -AR= ar r - -CFLAGS= $(INCLUDES) $(CFLAG) - -GENERAL=Makefile README -TEST= -APPS= - -LIB=$(TOP)/libcrypto.a -LIBSRC= x509_def.c x509_d2.c x509_r2x.c x509_cmp.c \ - x509_obj.c x509_req.c x509spki.c x509_vfy.c \ - x509_set.c x509cset.c x509rset.c x509_err.c \ - x509name.c x509_v3.c x509_ext.c x509_att.c \ - x509type.c x509_lu.c x_all.c x509_txt.c \ - x509_trs.c by_file.c by_dir.c -LIBOBJ= x509_def.o x509_d2.o x509_r2x.o x509_cmp.o \ - x509_obj.o x509_req.o x509spki.o x509_vfy.o \ - x509_set.o x509cset.o x509rset.o x509_err.o \ - x509name.o x509_v3.o x509_ext.o x509_att.o \ - x509type.o x509_lu.o x_all.o x509_txt.o \ - x509_trs.o by_file.o by_dir.o - -SRC= $(LIBSRC) - -EXHEADER= x509.h x509_vfy.h -HEADER= $(EXHEADER) - -ALL= $(GENERAL) $(SRC) $(HEADER) - -top: - (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all) - -all: lib - -lib: $(LIBOBJ) - $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) || echo Never mind. - @touch lib - -files: - $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO - -links: - @sh $(TOP)/util/point.sh Makefile.ssl Makefile - @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER) - @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST) - @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) - -install: - @for i in $(EXHEADER) ; \ - do \ - (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ - done; - -tags: - ctags $(SRC) - -tests: - -lint: - lint -DLINT $(INCLUDES) $(SRC)>fluff - -depend: - $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) - -dclean: - $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new - mv -f Makefile.new $(MAKEFILE) - -clean: - rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff - -# DO NOT DELETE THIS LINE -- make depend depends on it. - -by_dir.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -by_dir.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -by_dir.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -by_dir.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -by_dir.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -by_dir.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -by_dir.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -by_dir.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -by_dir.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -by_dir.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -by_dir.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -by_dir.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -by_dir.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -by_dir.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -by_dir.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -by_dir.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -by_dir.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -by_dir.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -by_dir.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -by_dir.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -by_dir.o: ../cryptlib.h by_dir.c -by_file.o: ../../e_os.h ../../include/openssl/aes.h -by_file.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -by_file.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -by_file.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -by_file.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -by_file.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -by_file.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -by_file.o: ../../include/openssl/err.h ../../include/openssl/evp.h -by_file.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -by_file.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -by_file.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -by_file.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -by_file.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -by_file.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h -by_file.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h -by_file.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -by_file.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -by_file.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -by_file.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -by_file.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -by_file.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -by_file.o: ../../include/openssl/x509_vfy.h ../cryptlib.h by_file.c -x509_att.o: ../../e_os.h ../../include/openssl/aes.h -x509_att.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -x509_att.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -x509_att.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -x509_att.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -x509_att.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -x509_att.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -x509_att.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -x509_att.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -x509_att.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -x509_att.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -x509_att.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -x509_att.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -x509_att.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x509_att.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -x509_att.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x509_att.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -x509_att.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -x509_att.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -x509_att.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -x509_att.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -x509_att.o: ../../include/openssl/x509v3.h ../cryptlib.h x509_att.c -x509_cmp.o: ../../e_os.h ../../include/openssl/aes.h -x509_cmp.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -x509_cmp.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -x509_cmp.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -x509_cmp.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -x509_cmp.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -x509_cmp.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -x509_cmp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -x509_cmp.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -x509_cmp.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -x509_cmp.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -x509_cmp.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -x509_cmp.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -x509_cmp.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x509_cmp.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -x509_cmp.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x509_cmp.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -x509_cmp.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -x509_cmp.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -x509_cmp.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -x509_cmp.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -x509_cmp.o: ../../include/openssl/x509v3.h ../cryptlib.h x509_cmp.c -x509_d2.o: ../../e_os.h ../../include/openssl/aes.h -x509_d2.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -x509_d2.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -x509_d2.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -x509_d2.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -x509_d2.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -x509_d2.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -x509_d2.o: ../../include/openssl/err.h ../../include/openssl/evp.h -x509_d2.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -x509_d2.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -x509_d2.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -x509_d2.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -x509_d2.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -x509_d2.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -x509_d2.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -x509_d2.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -x509_d2.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -x509_d2.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -x509_d2.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -x509_d2.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -x509_d2.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509_d2.c -x509_def.o: ../../e_os.h ../../include/openssl/aes.h -x509_def.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -x509_def.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -x509_def.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -x509_def.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -x509_def.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -x509_def.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -x509_def.o: ../../include/openssl/err.h ../../include/openssl/evp.h -x509_def.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -x509_def.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -x509_def.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -x509_def.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -x509_def.o: ../../include/openssl/opensslconf.h -x509_def.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x509_def.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -x509_def.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x509_def.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -x509_def.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -x509_def.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -x509_def.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -x509_def.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -x509_def.o: ../cryptlib.h x509_def.c -x509_err.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h -x509_err.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -x509_err.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -x509_err.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -x509_err.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -x509_err.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -x509_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -x509_err.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -x509_err.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -x509_err.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -x509_err.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -x509_err.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -x509_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x509_err.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -x509_err.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x509_err.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -x509_err.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -x509_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -x509_err.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -x509_err.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -x509_err.o: x509_err.c -x509_ext.o: ../../e_os.h ../../include/openssl/aes.h -x509_ext.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -x509_ext.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -x509_ext.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -x509_ext.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -x509_ext.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -x509_ext.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -x509_ext.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -x509_ext.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -x509_ext.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -x509_ext.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -x509_ext.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -x509_ext.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -x509_ext.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x509_ext.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -x509_ext.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x509_ext.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -x509_ext.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -x509_ext.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -x509_ext.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -x509_ext.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -x509_ext.o: ../../include/openssl/x509v3.h ../cryptlib.h x509_ext.c -x509_lu.o: ../../e_os.h ../../include/openssl/aes.h -x509_lu.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -x509_lu.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -x509_lu.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -x509_lu.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -x509_lu.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -x509_lu.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -x509_lu.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -x509_lu.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -x509_lu.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -x509_lu.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -x509_lu.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -x509_lu.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -x509_lu.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x509_lu.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -x509_lu.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x509_lu.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -x509_lu.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -x509_lu.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -x509_lu.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -x509_lu.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -x509_lu.o: ../../include/openssl/x509v3.h ../cryptlib.h x509_lu.c -x509_obj.o: ../../e_os.h ../../include/openssl/aes.h -x509_obj.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -x509_obj.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -x509_obj.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -x509_obj.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -x509_obj.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -x509_obj.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -x509_obj.o: ../../include/openssl/err.h ../../include/openssl/evp.h -x509_obj.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -x509_obj.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -x509_obj.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -x509_obj.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -x509_obj.o: ../../include/openssl/opensslconf.h -x509_obj.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x509_obj.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -x509_obj.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x509_obj.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -x509_obj.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -x509_obj.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -x509_obj.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -x509_obj.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -x509_obj.o: ../cryptlib.h x509_obj.c -x509_r2x.o: ../../e_os.h ../../include/openssl/aes.h -x509_r2x.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -x509_r2x.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -x509_r2x.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -x509_r2x.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -x509_r2x.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -x509_r2x.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -x509_r2x.o: ../../include/openssl/err.h ../../include/openssl/evp.h -x509_r2x.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -x509_r2x.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -x509_r2x.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -x509_r2x.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -x509_r2x.o: ../../include/openssl/opensslconf.h -x509_r2x.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x509_r2x.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -x509_r2x.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x509_r2x.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -x509_r2x.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -x509_r2x.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -x509_r2x.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -x509_r2x.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -x509_r2x.o: ../cryptlib.h x509_r2x.c -x509_req.o: ../../e_os.h ../../include/openssl/aes.h -x509_req.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -x509_req.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -x509_req.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -x509_req.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -x509_req.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -x509_req.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -x509_req.o: ../../include/openssl/err.h ../../include/openssl/evp.h -x509_req.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -x509_req.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -x509_req.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -x509_req.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -x509_req.o: ../../include/openssl/opensslconf.h -x509_req.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x509_req.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h -x509_req.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -x509_req.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x509_req.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -x509_req.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -x509_req.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -x509_req.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -x509_req.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -x509_req.o: ../cryptlib.h x509_req.c -x509_set.o: ../../e_os.h ../../include/openssl/aes.h -x509_set.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -x509_set.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -x509_set.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -x509_set.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -x509_set.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -x509_set.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -x509_set.o: ../../include/openssl/err.h ../../include/openssl/evp.h -x509_set.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -x509_set.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -x509_set.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -x509_set.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -x509_set.o: ../../include/openssl/opensslconf.h -x509_set.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x509_set.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -x509_set.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x509_set.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -x509_set.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -x509_set.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -x509_set.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -x509_set.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -x509_set.o: ../cryptlib.h x509_set.c -x509_trs.o: ../../e_os.h ../../include/openssl/aes.h -x509_trs.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -x509_trs.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -x509_trs.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -x509_trs.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -x509_trs.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -x509_trs.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -x509_trs.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -x509_trs.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -x509_trs.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -x509_trs.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -x509_trs.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -x509_trs.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -x509_trs.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x509_trs.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -x509_trs.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x509_trs.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -x509_trs.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -x509_trs.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -x509_trs.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -x509_trs.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -x509_trs.o: ../../include/openssl/x509v3.h ../cryptlib.h x509_trs.c -x509_txt.o: ../../e_os.h ../../include/openssl/aes.h -x509_txt.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -x509_txt.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -x509_txt.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -x509_txt.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -x509_txt.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -x509_txt.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -x509_txt.o: ../../include/openssl/err.h ../../include/openssl/evp.h -x509_txt.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -x509_txt.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -x509_txt.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -x509_txt.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -x509_txt.o: ../../include/openssl/opensslconf.h -x509_txt.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x509_txt.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -x509_txt.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x509_txt.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -x509_txt.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -x509_txt.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -x509_txt.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -x509_txt.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -x509_txt.o: ../cryptlib.h x509_txt.c -x509_v3.o: ../../e_os.h ../../include/openssl/aes.h -x509_v3.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -x509_v3.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -x509_v3.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -x509_v3.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -x509_v3.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -x509_v3.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -x509_v3.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -x509_v3.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -x509_v3.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -x509_v3.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -x509_v3.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -x509_v3.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -x509_v3.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x509_v3.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -x509_v3.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x509_v3.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -x509_v3.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -x509_v3.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -x509_v3.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -x509_v3.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -x509_v3.o: ../../include/openssl/x509v3.h ../cryptlib.h x509_v3.c -x509_vfy.o: ../../e_os.h ../../include/openssl/aes.h -x509_vfy.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -x509_vfy.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -x509_vfy.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -x509_vfy.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -x509_vfy.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -x509_vfy.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -x509_vfy.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -x509_vfy.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -x509_vfy.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -x509_vfy.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -x509_vfy.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -x509_vfy.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -x509_vfy.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x509_vfy.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -x509_vfy.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x509_vfy.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -x509_vfy.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -x509_vfy.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -x509_vfy.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -x509_vfy.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -x509_vfy.o: ../../include/openssl/x509v3.h ../cryptlib.h x509_vfy.c -x509cset.o: ../../e_os.h ../../include/openssl/aes.h -x509cset.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -x509cset.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -x509cset.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -x509cset.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -x509cset.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -x509cset.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -x509cset.o: ../../include/openssl/err.h ../../include/openssl/evp.h -x509cset.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -x509cset.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -x509cset.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -x509cset.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -x509cset.o: ../../include/openssl/opensslconf.h -x509cset.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x509cset.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -x509cset.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x509cset.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -x509cset.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -x509cset.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -x509cset.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -x509cset.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -x509cset.o: ../cryptlib.h x509cset.c -x509name.o: ../../e_os.h ../../include/openssl/aes.h -x509name.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -x509name.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -x509name.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -x509name.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -x509name.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -x509name.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -x509name.o: ../../include/openssl/err.h ../../include/openssl/evp.h -x509name.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -x509name.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -x509name.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -x509name.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -x509name.o: ../../include/openssl/opensslconf.h -x509name.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x509name.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -x509name.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x509name.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -x509name.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -x509name.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -x509name.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -x509name.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -x509name.o: ../cryptlib.h x509name.c -x509rset.o: ../../e_os.h ../../include/openssl/aes.h -x509rset.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -x509rset.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -x509rset.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -x509rset.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -x509rset.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -x509rset.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -x509rset.o: ../../include/openssl/err.h ../../include/openssl/evp.h -x509rset.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -x509rset.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -x509rset.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -x509rset.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -x509rset.o: ../../include/openssl/opensslconf.h -x509rset.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x509rset.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -x509rset.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x509rset.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -x509rset.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -x509rset.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -x509rset.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -x509rset.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -x509rset.o: ../cryptlib.h x509rset.c -x509spki.o: ../../e_os.h ../../include/openssl/aes.h -x509spki.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -x509spki.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -x509spki.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -x509spki.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -x509spki.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -x509spki.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -x509spki.o: ../../include/openssl/err.h ../../include/openssl/evp.h -x509spki.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -x509spki.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -x509spki.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -x509spki.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -x509spki.o: ../../include/openssl/opensslconf.h -x509spki.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x509spki.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -x509spki.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x509spki.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -x509spki.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -x509spki.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -x509spki.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -x509spki.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -x509spki.o: ../cryptlib.h x509spki.c -x509type.o: ../../e_os.h ../../include/openssl/aes.h -x509type.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -x509type.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -x509type.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -x509type.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -x509type.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -x509type.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -x509type.o: ../../include/openssl/err.h ../../include/openssl/evp.h -x509type.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -x509type.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -x509type.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -x509type.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -x509type.o: ../../include/openssl/opensslconf.h -x509type.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x509type.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -x509type.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x509type.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -x509type.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -x509type.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -x509type.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -x509type.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -x509type.o: ../cryptlib.h x509type.c -x_all.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -x_all.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -x_all.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -x_all.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -x_all.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -x_all.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -x_all.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -x_all.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -x_all.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -x_all.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -x_all.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -x_all.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -x_all.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x_all.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -x_all.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x_all.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -x_all.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -x_all.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -x_all.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -x_all.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -x_all.o: ../cryptlib.h x_all.c diff --git a/src/lib/libcrypto/x509/by_dir.c b/src/lib/libcrypto/x509/by_dir.c index 341e0ba6a4..27ca5150c1 100644 --- a/src/lib/libcrypto/x509/by_dir.c +++ b/src/lib/libcrypto/x509/by_dir.c @@ -65,28 +65,36 @@ #ifndef NO_SYS_TYPES_H # include #endif -#ifdef MAC_OS_pre_X -# include -#else +#ifndef OPENSSL_NO_POSIX_IO # include #endif #include #include -#ifdef _WIN32 -#define stat _stat -#endif + +typedef struct lookup_dir_hashes_st + { + unsigned long hash; + int suffix; + } BY_DIR_HASH; + +typedef struct lookup_dir_entry_st + { + char *dir; + int dir_type; + STACK_OF(BY_DIR_HASH) *hashes; + } BY_DIR_ENTRY; typedef struct lookup_dir_st { BUF_MEM *buffer; - int num_dirs; - char **dirs; - int *dirs_type; - int num_dirs_alloced; + STACK_OF(BY_DIR_ENTRY) *dirs; } BY_DIR; +DECLARE_STACK_OF(BY_DIR_HASH) +DECLARE_STACK_OF(BY_DIR_ENTRY) + static int dir_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp, long argl, char **ret); static int new_dir(X509_LOOKUP *lu); @@ -127,7 +135,7 @@ static int dir_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp, long argl, case X509_L_ADD_DIR: if (argl == X509_FILETYPE_DEFAULT) { - dir=(char *)Getenv(X509_get_default_cert_dir_env()); + dir=(char *)getenv(X509_get_default_cert_dir_env()); if (dir) ret=add_cert_dir(ld,dir,X509_FILETYPE_PEM); else @@ -156,34 +164,51 @@ static int new_dir(X509_LOOKUP *lu) OPENSSL_free(a); return(0); } - a->num_dirs=0; a->dirs=NULL; - a->dirs_type=NULL; - a->num_dirs_alloced=0; lu->method_data=(char *)a; return(1); } +static void by_dir_hash_free(BY_DIR_HASH *hash) + { + OPENSSL_free(hash); + } + +static int by_dir_hash_cmp(const BY_DIR_HASH * const *a, + const BY_DIR_HASH * const *b) + { + if ((*a)->hash > (*b)->hash) + return 1; + if ((*a)->hash < (*b)->hash) + return -1; + return 0; + } + +static void by_dir_entry_free(BY_DIR_ENTRY *ent) + { + if (ent->dir) + OPENSSL_free(ent->dir); + if (ent->hashes) + sk_BY_DIR_HASH_pop_free(ent->hashes, by_dir_hash_free); + OPENSSL_free(ent); + } + static void free_dir(X509_LOOKUP *lu) { BY_DIR *a; - int i; a=(BY_DIR *)lu->method_data; - for (i=0; inum_dirs; i++) - if (a->dirs[i] != NULL) OPENSSL_free(a->dirs[i]); - if (a->dirs != NULL) OPENSSL_free(a->dirs); - if (a->dirs_type != NULL) OPENSSL_free(a->dirs_type); - if (a->buffer != NULL) BUF_MEM_free(a->buffer); + if (a->dirs != NULL) + sk_BY_DIR_ENTRY_pop_free(a->dirs, by_dir_entry_free); + if (a->buffer != NULL) + BUF_MEM_free(a->buffer); OPENSSL_free(a); } static int add_cert_dir(BY_DIR *ctx, const char *dir, int type) { int j,len; - int *ip; const char *s,*ss,*p; - char **pp; if (dir == NULL || !*dir) { @@ -197,49 +222,52 @@ static int add_cert_dir(BY_DIR *ctx, const char *dir, int type) { if ((*p == LIST_SEPARATOR_CHAR) || (*p == '\0')) { + BY_DIR_ENTRY *ent; ss=s; s=p+1; len=(int)(p-ss); if (len == 0) continue; - for (j=0; jnum_dirs; j++) - if (strlen(ctx->dirs[j]) == (size_t)len && - strncmp(ctx->dirs[j],ss,(unsigned int)len) == 0) + for (j=0; j < sk_BY_DIR_ENTRY_num(ctx->dirs); j++) + { + ent = sk_BY_DIR_ENTRY_value(ctx->dirs, j); + if (strlen(ent->dir) == (size_t)len && + strncmp(ent->dir,ss,(unsigned int)len) == 0) break; - if (jnum_dirs) + } + if (j < sk_BY_DIR_ENTRY_num(ctx->dirs)) continue; - if (ctx->num_dirs_alloced < (ctx->num_dirs+1)) + if (ctx->dirs == NULL) { - ctx->num_dirs_alloced+=10; - pp=(char **)OPENSSL_malloc(ctx->num_dirs_alloced* - sizeof(char *)); - ip=(int *)OPENSSL_malloc(ctx->num_dirs_alloced* - sizeof(int)); - if ((pp == NULL) || (ip == NULL)) + ctx->dirs = sk_BY_DIR_ENTRY_new_null(); + if (!ctx->dirs) { X509err(X509_F_ADD_CERT_DIR,ERR_R_MALLOC_FAILURE); - return(0); + return 0; } - memcpy(pp,ctx->dirs,(ctx->num_dirs_alloced-10)* - sizeof(char *)); - memcpy(ip,ctx->dirs_type,(ctx->num_dirs_alloced-10)* - sizeof(int)); - if (ctx->dirs != NULL) - OPENSSL_free(ctx->dirs); - if (ctx->dirs_type != NULL) - OPENSSL_free(ctx->dirs_type); - ctx->dirs=pp; - ctx->dirs_type=ip; } - ctx->dirs_type[ctx->num_dirs]=type; - ctx->dirs[ctx->num_dirs]=(char *)OPENSSL_malloc((unsigned int)len+1); - if (ctx->dirs[ctx->num_dirs] == NULL) return(0); - strncpy(ctx->dirs[ctx->num_dirs],ss,(unsigned int)len); - ctx->dirs[ctx->num_dirs][len]='\0'; - ctx->num_dirs++; + ent = OPENSSL_malloc(sizeof(BY_DIR_ENTRY)); + if (!ent) + return 0; + ent->dir_type = type; + ent->hashes = sk_BY_DIR_HASH_new(by_dir_hash_cmp); + ent->dir = OPENSSL_malloc((unsigned int)len+1); + if (!ent->dir || !ent->hashes) + { + by_dir_entry_free(ent); + return 0; + } + strncpy(ent->dir,ss,(unsigned int)len); + ent->dir[len] = '\0'; + if (!sk_BY_DIR_ENTRY_push(ctx->dirs, ent)) + { + by_dir_entry_free(ent); + return 0; + } } - if (*p == '\0') break; + if (*p == '\0') + break; } - return(1); + return 1; } static int get_cert_by_subject(X509_LOOKUP *xl, int type, X509_NAME *name, @@ -260,7 +288,6 @@ static int get_cert_by_subject(X509_LOOKUP *xl, int type, X509_NAME *name, int i,j,k; unsigned long h; BUF_MEM *b=NULL; - struct stat st; X509_OBJECT stmp,*tmp; const char *postfix=""; @@ -296,20 +323,45 @@ static int get_cert_by_subject(X509_LOOKUP *xl, int type, X509_NAME *name, ctx=(BY_DIR *)xl->method_data; h=X509_NAME_hash(name); - for (i=0; inum_dirs; i++) + for (i=0; i < sk_BY_DIR_ENTRY_num(ctx->dirs); i++) { - j=strlen(ctx->dirs[i])+1+8+6+1+1; + BY_DIR_ENTRY *ent; + int idx; + BY_DIR_HASH htmp, *hent; + ent = sk_BY_DIR_ENTRY_value(ctx->dirs, i); + j=strlen(ent->dir)+1+8+6+1+1; if (!BUF_MEM_grow(b,j)) { X509err(X509_F_GET_CERT_BY_SUBJECT,ERR_R_MALLOC_FAILURE); goto finish; } - k=0; + if (type == X509_LU_CRL && ent->hashes) + { + htmp.hash = h; + CRYPTO_r_lock(CRYPTO_LOCK_X509_STORE); + idx = sk_BY_DIR_HASH_find(ent->hashes, &htmp); + if (idx >= 0) + { + hent = sk_BY_DIR_HASH_value(ent->hashes, idx); + k = hent->suffix; + } + else + { + hent = NULL; + k=0; + } + CRYPTO_r_unlock(CRYPTO_LOCK_X509_STORE); + } + else + { + k = 0; + hent = NULL; + } for (;;) { char c = '/'; #ifdef OPENSSL_SYS_VMS - c = ctx->dirs[i][strlen(ctx->dirs[i])-1]; + c = ent->dir[strlen(ent->dir)-1]; if (c != ':' && c != '>' && c != ']') { /* If no separator is present, we assume the @@ -330,41 +382,86 @@ static int get_cert_by_subject(X509_LOOKUP *xl, int type, X509_NAME *name, /* This is special. When c == '\0', no directory separator should be added. */ BIO_snprintf(b->data,b->max, - "%s%08lx.%s%d",ctx->dirs[i],h, + "%s%08lx.%s%d",ent->dir,h, postfix,k); } else { BIO_snprintf(b->data,b->max, - "%s%c%08lx.%s%d",ctx->dirs[i],c,h, + "%s%c%08lx.%s%d",ent->dir,c,h, postfix,k); } - k++; +#ifndef OPENSSL_NO_POSIX_IO +#ifdef _WIN32 +#define stat _stat +#endif + { + struct stat st; if (stat(b->data,&st) < 0) break; + } +#endif /* found one. */ if (type == X509_LU_X509) { if ((X509_load_cert_file(xl,b->data, - ctx->dirs_type[i])) == 0) + ent->dir_type)) == 0) break; } else if (type == X509_LU_CRL) { if ((X509_load_crl_file(xl,b->data, - ctx->dirs_type[i])) == 0) + ent->dir_type)) == 0) break; } /* else case will caught higher up */ + k++; } /* we have added it to the cache so now pull * it out again */ - CRYPTO_r_lock(CRYPTO_LOCK_X509_STORE); + CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE); j = sk_X509_OBJECT_find(xl->store_ctx->objs,&stmp); if(j != -1) tmp=sk_X509_OBJECT_value(xl->store_ctx->objs,j); else tmp = NULL; - CRYPTO_r_unlock(CRYPTO_LOCK_X509_STORE); + CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE); + + + /* If a CRL, update the last file suffix added for this */ + + if (type == X509_LU_CRL) + { + CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE); + /* Look for entry again in case another thread added + * an entry first. + */ + if (!hent) + { + htmp.hash = h; + idx = sk_BY_DIR_HASH_find(ent->hashes, &htmp); + if (idx >= 0) + hent = + sk_BY_DIR_HASH_value(ent->hashes, idx); + } + if (!hent) + { + hent = OPENSSL_malloc(sizeof(BY_DIR_HASH)); + hent->hash = h; + hent->suffix = k; + if (!sk_BY_DIR_HASH_push(ent->hashes, hent)) + { + CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE); + OPENSSL_free(hent); + ok = 0; + goto finish; + } + } + else if (hent->suffix < k) + hent->suffix = k; + + CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE); + + } if (tmp != NULL) { @@ -383,4 +480,3 @@ finish: if (b != NULL) BUF_MEM_free(b); return(ok); } - diff --git a/src/lib/libcrypto/x509/by_file.c b/src/lib/libcrypto/x509/by_file.c index a5e0d4aefa..57b08ee094 100644 --- a/src/lib/libcrypto/x509/by_file.c +++ b/src/lib/libcrypto/x509/by_file.c @@ -100,7 +100,7 @@ static int by_file_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp, long argl, case X509_L_FILE_LOAD: if (argl == X509_FILETYPE_DEFAULT) { - file = (char *)Getenv(X509_get_default_cert_file_env()); + file = (char *)getenv(X509_get_default_cert_file_env()); if (file) ok = (X509_load_cert_crl_file(ctx,file, X509_FILETYPE_PEM) != 0); diff --git a/src/lib/libcrypto/x509/x509.h b/src/lib/libcrypto/x509/x509.h index e71b5257e5..604f4fb27f 100644 --- a/src/lib/libcrypto/x509/x509.h +++ b/src/lib/libcrypto/x509/x509.h @@ -116,6 +116,7 @@ extern "C" { /* Under Win32 these are defined in wincrypt.h */ #undef X509_NAME #undef X509_CERT_PAIR +#undef X509_EXTENSIONS #endif #define X509_FILETYPE_PEM 1 @@ -156,12 +157,12 @@ typedef struct X509_val_st ASN1_TIME *notAfter; } X509_VAL; -typedef struct X509_pubkey_st +struct X509_pubkey_st { X509_ALGOR *algor; ASN1_BIT_STRING *public_key; EVP_PKEY *pkey; - } X509_PUBKEY; + }; typedef struct X509_sig_st { @@ -190,7 +191,9 @@ struct X509_name_st #else char *bytes; #endif - unsigned long hash; /* Keep the hash around for lookups */ +/* unsigned long hash; Keep the hash around for lookups */ + unsigned char *canon_enc; + int canon_enclen; } /* X509_NAME */; DECLARE_STACK_OF(X509_NAME) @@ -289,8 +292,11 @@ struct x509_st unsigned long ex_xkusage; unsigned long ex_nscert; ASN1_OCTET_STRING *skid; - struct AUTHORITY_KEYID_st *akid; + AUTHORITY_KEYID *akid; X509_POLICY_CACHE *policy_cache; + STACK_OF(DIST_POINT) *crldp; + STACK_OF(GENERAL_NAME) *altname; + NAME_CONSTRAINTS *nc; #ifndef OPENSSL_NO_RFC3779 STACK_OF(IPAddressFamily) *rfc3779_addr; struct ASIdentifiers_st *rfc3779_asid; @@ -333,10 +339,11 @@ typedef struct x509_cert_pair_st { #define X509_TRUST_OBJECT_SIGN 5 #define X509_TRUST_OCSP_SIGN 6 #define X509_TRUST_OCSP_REQUEST 7 +#define X509_TRUST_TSA 8 /* Keep these up to date! */ #define X509_TRUST_MIN 1 -#define X509_TRUST_MAX 7 +#define X509_TRUST_MAX 8 /* trust_flags values */ @@ -423,13 +430,17 @@ typedef struct x509_cert_pair_st { XN_FLAG_FN_LN | \ XN_FLAG_FN_ALIGN) -typedef struct X509_revoked_st +struct x509_revoked_st { ASN1_INTEGER *serialNumber; ASN1_TIME *revocationDate; STACK_OF(X509_EXTENSION) /* optional */ *extensions; + /* Set up if indirect CRL */ + STACK_OF(GENERAL_NAME) *issuer; + /* Revocation reason */ + int reason; int sequence; /* load sequence */ - } X509_REVOKED; + }; DECLARE_STACK_OF(X509_REVOKED) DECLARE_ASN1_SET_OF(X509_REVOKED) @@ -453,6 +464,22 @@ struct X509_crl_st X509_ALGOR *sig_alg; ASN1_BIT_STRING *signature; int references; + int flags; + /* Copies of various extensions */ + AUTHORITY_KEYID *akid; + ISSUING_DIST_POINT *idp; + /* Convenient breakdown of IDP */ + int idp_flags; + int idp_reasons; + /* CRL and base CRL numbers for delta processing */ + ASN1_INTEGER *crl_number; + ASN1_INTEGER *base_crl_number; +#ifndef OPENSSL_NO_SHA + unsigned char sha1_hash[SHA_DIGEST_LENGTH]; +#endif + STACK_OF(GENERAL_NAMES) *issuers; + const X509_CRL_METHOD *meth; + void *meth_data; } /* X509_CRL */; DECLARE_STACK_OF(X509_CRL) @@ -551,18 +578,19 @@ X509_ALGOR *prf; /* PKCS#8 private key info structure */ -typedef struct pkcs8_priv_key_info_st +struct pkcs8_priv_key_info_st { int broken; /* Flag for various broken formats */ #define PKCS8_OK 0 #define PKCS8_NO_OCTET 1 #define PKCS8_EMBEDDED_PARAM 2 #define PKCS8_NS_DB 3 +#define PKCS8_NEG_PRIVKEY 4 ASN1_INTEGER *version; X509_ALGOR *pkeyalg; ASN1_TYPE *pkey; /* Should be OCTET STRING but some are broken */ STACK_OF(X509_ATTRIBUTE) *attributes; - } PKCS8_PRIV_KEY_INFO; + }; #ifdef __cplusplus } @@ -575,151 +603,6 @@ typedef struct pkcs8_priv_key_info_st extern "C" { #endif -#ifdef SSLEAY_MACROS -#define X509_verify(a,r) ASN1_verify((int (*)())i2d_X509_CINF,a->sig_alg,\ - a->signature,(char *)a->cert_info,r) -#define X509_REQ_verify(a,r) ASN1_verify((int (*)())i2d_X509_REQ_INFO, \ - a->sig_alg,a->signature,(char *)a->req_info,r) -#define X509_CRL_verify(a,r) ASN1_verify((int (*)())i2d_X509_CRL_INFO, \ - a->sig_alg, a->signature,(char *)a->crl,r) - -#define X509_sign(x,pkey,md) \ - ASN1_sign((int (*)())i2d_X509_CINF, x->cert_info->signature, \ - x->sig_alg, x->signature, (char *)x->cert_info,pkey,md) -#define X509_REQ_sign(x,pkey,md) \ - ASN1_sign((int (*)())i2d_X509_REQ_INFO,x->sig_alg, NULL, \ - x->signature, (char *)x->req_info,pkey,md) -#define X509_CRL_sign(x,pkey,md) \ - ASN1_sign((int (*)())i2d_X509_CRL_INFO,x->crl->sig_alg,x->sig_alg, \ - x->signature, (char *)x->crl,pkey,md) -#define NETSCAPE_SPKI_sign(x,pkey,md) \ - ASN1_sign((int (*)())i2d_NETSCAPE_SPKAC, x->sig_algor,NULL, \ - x->signature, (char *)x->spkac,pkey,md) - -#define X509_dup(x509) (X509 *)ASN1_dup((int (*)())i2d_X509, \ - (char *(*)())d2i_X509,(char *)x509) -#define X509_ATTRIBUTE_dup(xa) (X509_ATTRIBUTE *)ASN1_dup(\ - (int (*)())i2d_X509_ATTRIBUTE, \ - (char *(*)())d2i_X509_ATTRIBUTE,(char *)xa) -#define X509_EXTENSION_dup(ex) (X509_EXTENSION *)ASN1_dup( \ - (int (*)())i2d_X509_EXTENSION, \ - (char *(*)())d2i_X509_EXTENSION,(char *)ex) -#define d2i_X509_fp(fp,x509) (X509 *)ASN1_d2i_fp((char *(*)())X509_new, \ - (char *(*)())d2i_X509, (fp),(unsigned char **)(x509)) -#define i2d_X509_fp(fp,x509) ASN1_i2d_fp(i2d_X509,fp,(unsigned char *)x509) -#define d2i_X509_bio(bp,x509) (X509 *)ASN1_d2i_bio((char *(*)())X509_new, \ - (char *(*)())d2i_X509, (bp),(unsigned char **)(x509)) -#define i2d_X509_bio(bp,x509) ASN1_i2d_bio(i2d_X509,bp,(unsigned char *)x509) - -#define X509_CRL_dup(crl) (X509_CRL *)ASN1_dup((int (*)())i2d_X509_CRL, \ - (char *(*)())d2i_X509_CRL,(char *)crl) -#define d2i_X509_CRL_fp(fp,crl) (X509_CRL *)ASN1_d2i_fp((char *(*)()) \ - X509_CRL_new,(char *(*)())d2i_X509_CRL, (fp),\ - (unsigned char **)(crl)) -#define i2d_X509_CRL_fp(fp,crl) ASN1_i2d_fp(i2d_X509_CRL,fp,\ - (unsigned char *)crl) -#define d2i_X509_CRL_bio(bp,crl) (X509_CRL *)ASN1_d2i_bio((char *(*)()) \ - X509_CRL_new,(char *(*)())d2i_X509_CRL, (bp),\ - (unsigned char **)(crl)) -#define i2d_X509_CRL_bio(bp,crl) ASN1_i2d_bio(i2d_X509_CRL,bp,\ - (unsigned char *)crl) - -#define PKCS7_dup(p7) (PKCS7 *)ASN1_dup((int (*)())i2d_PKCS7, \ - (char *(*)())d2i_PKCS7,(char *)p7) -#define d2i_PKCS7_fp(fp,p7) (PKCS7 *)ASN1_d2i_fp((char *(*)()) \ - PKCS7_new,(char *(*)())d2i_PKCS7, (fp),\ - (unsigned char **)(p7)) -#define i2d_PKCS7_fp(fp,p7) ASN1_i2d_fp(i2d_PKCS7,fp,\ - (unsigned char *)p7) -#define d2i_PKCS7_bio(bp,p7) (PKCS7 *)ASN1_d2i_bio((char *(*)()) \ - PKCS7_new,(char *(*)())d2i_PKCS7, (bp),\ - (unsigned char **)(p7)) -#define i2d_PKCS7_bio(bp,p7) ASN1_i2d_bio(i2d_PKCS7,bp,\ - (unsigned char *)p7) - -#define X509_REQ_dup(req) (X509_REQ *)ASN1_dup((int (*)())i2d_X509_REQ, \ - (char *(*)())d2i_X509_REQ,(char *)req) -#define d2i_X509_REQ_fp(fp,req) (X509_REQ *)ASN1_d2i_fp((char *(*)())\ - X509_REQ_new, (char *(*)())d2i_X509_REQ, (fp),\ - (unsigned char **)(req)) -#define i2d_X509_REQ_fp(fp,req) ASN1_i2d_fp(i2d_X509_REQ,fp,\ - (unsigned char *)req) -#define d2i_X509_REQ_bio(bp,req) (X509_REQ *)ASN1_d2i_bio((char *(*)())\ - X509_REQ_new, (char *(*)())d2i_X509_REQ, (bp),\ - (unsigned char **)(req)) -#define i2d_X509_REQ_bio(bp,req) ASN1_i2d_bio(i2d_X509_REQ,bp,\ - (unsigned char *)req) - -#define RSAPublicKey_dup(rsa) (RSA *)ASN1_dup((int (*)())i2d_RSAPublicKey, \ - (char *(*)())d2i_RSAPublicKey,(char *)rsa) -#define RSAPrivateKey_dup(rsa) (RSA *)ASN1_dup((int (*)())i2d_RSAPrivateKey, \ - (char *(*)())d2i_RSAPrivateKey,(char *)rsa) - -#define d2i_RSAPrivateKey_fp(fp,rsa) (RSA *)ASN1_d2i_fp((char *(*)())\ - RSA_new,(char *(*)())d2i_RSAPrivateKey, (fp), \ - (unsigned char **)(rsa)) -#define i2d_RSAPrivateKey_fp(fp,rsa) ASN1_i2d_fp(i2d_RSAPrivateKey,fp, \ - (unsigned char *)rsa) -#define d2i_RSAPrivateKey_bio(bp,rsa) (RSA *)ASN1_d2i_bio((char *(*)())\ - RSA_new,(char *(*)())d2i_RSAPrivateKey, (bp), \ - (unsigned char **)(rsa)) -#define i2d_RSAPrivateKey_bio(bp,rsa) ASN1_i2d_bio(i2d_RSAPrivateKey,bp, \ - (unsigned char *)rsa) - -#define d2i_RSAPublicKey_fp(fp,rsa) (RSA *)ASN1_d2i_fp((char *(*)())\ - RSA_new,(char *(*)())d2i_RSAPublicKey, (fp), \ - (unsigned char **)(rsa)) -#define i2d_RSAPublicKey_fp(fp,rsa) ASN1_i2d_fp(i2d_RSAPublicKey,fp, \ - (unsigned char *)rsa) -#define d2i_RSAPublicKey_bio(bp,rsa) (RSA *)ASN1_d2i_bio((char *(*)())\ - RSA_new,(char *(*)())d2i_RSAPublicKey, (bp), \ - (unsigned char **)(rsa)) -#define i2d_RSAPublicKey_bio(bp,rsa) ASN1_i2d_bio(i2d_RSAPublicKey,bp, \ - (unsigned char *)rsa) - -#define d2i_DSAPrivateKey_fp(fp,dsa) (DSA *)ASN1_d2i_fp((char *(*)())\ - DSA_new,(char *(*)())d2i_DSAPrivateKey, (fp), \ - (unsigned char **)(dsa)) -#define i2d_DSAPrivateKey_fp(fp,dsa) ASN1_i2d_fp(i2d_DSAPrivateKey,fp, \ - (unsigned char *)dsa) -#define d2i_DSAPrivateKey_bio(bp,dsa) (DSA *)ASN1_d2i_bio((char *(*)())\ - DSA_new,(char *(*)())d2i_DSAPrivateKey, (bp), \ - (unsigned char **)(dsa)) -#define i2d_DSAPrivateKey_bio(bp,dsa) ASN1_i2d_bio(i2d_DSAPrivateKey,bp, \ - (unsigned char *)dsa) - -#define d2i_ECPrivateKey_fp(fp,ecdsa) (EC_KEY *)ASN1_d2i_fp((char *(*)())\ - EC_KEY_new,(char *(*)())d2i_ECPrivateKey, (fp), \ - (unsigned char **)(ecdsa)) -#define i2d_ECPrivateKey_fp(fp,ecdsa) ASN1_i2d_fp(i2d_ECPrivateKey,fp, \ - (unsigned char *)ecdsa) -#define d2i_ECPrivateKey_bio(bp,ecdsa) (EC_KEY *)ASN1_d2i_bio((char *(*)())\ - EC_KEY_new,(char *(*)())d2i_ECPrivateKey, (bp), \ - (unsigned char **)(ecdsa)) -#define i2d_ECPrivateKey_bio(bp,ecdsa) ASN1_i2d_bio(i2d_ECPrivateKey,bp, \ - (unsigned char *)ecdsa) - -#define X509_ALGOR_dup(xn) (X509_ALGOR *)ASN1_dup((int (*)())i2d_X509_ALGOR,\ - (char *(*)())d2i_X509_ALGOR,(char *)xn) - -#define X509_NAME_dup(xn) (X509_NAME *)ASN1_dup((int (*)())i2d_X509_NAME, \ - (char *(*)())d2i_X509_NAME,(char *)xn) -#define X509_NAME_ENTRY_dup(ne) (X509_NAME_ENTRY *)ASN1_dup( \ - (int (*)())i2d_X509_NAME_ENTRY, \ - (char *(*)())d2i_X509_NAME_ENTRY,\ - (char *)ne) - -#define X509_digest(data,type,md,len) \ - ASN1_digest((int (*)())i2d_X509,type,(char *)data,md,len) -#define X509_NAME_digest(data,type,md,len) \ - ASN1_digest((int (*)())i2d_X509_NAME,type,(char *)data,md,len) -#ifndef PKCS7_ISSUER_AND_SERIAL_digest -#define PKCS7_ISSUER_AND_SERIAL_digest(data,type,md,len) \ - ASN1_digest((int (*)())i2d_PKCS7_ISSUER_AND_SERIAL,type,\ - (char *)data,md,len) -#endif -#endif - #define X509_EXT_PACK_UNKNOWN 1 #define X509_EXT_PACK_STRING 2 @@ -740,6 +623,18 @@ extern "C" { #define X509_CRL_get_issuer(x) ((x)->crl->issuer) #define X509_CRL_get_REVOKED(x) ((x)->crl->revoked) +void X509_CRL_set_default_method(const X509_CRL_METHOD *meth); +X509_CRL_METHOD *X509_CRL_METHOD_new( + int (*crl_init)(X509_CRL *crl), + int (*crl_free)(X509_CRL *crl), + int (*crl_lookup)(X509_CRL *crl, X509_REVOKED **ret, + ASN1_INTEGER *ser, X509_NAME *issuer), + int (*crl_verify)(X509_CRL *crl, EVP_PKEY *pk)); +void X509_CRL_METHOD_free(X509_CRL_METHOD *m); + +void X509_CRL_set_meth_data(X509_CRL *crl, void *dat); +void *X509_CRL_get_meth_data(X509_CRL *crl); + /* This one is only used so that a binary form can output, as in * i2d_X509_NAME(X509_get_X509_PUBKEY(x),&buf) */ #define X509_get_X509_PUBKEY(x) ((x)->cert_info->key) @@ -747,7 +642,6 @@ extern "C" { const char *X509_verify_cert_error_string(long n); -#ifndef SSLEAY_MACROS #ifndef OPENSSL_NO_EVP int X509_verify(X509 *a, EVP_PKEY *r); @@ -872,11 +766,11 @@ void X509_ALGOR_get0(ASN1_OBJECT **paobj, int *pptype, void **ppval, X509_NAME *X509_NAME_dup(X509_NAME *xn); X509_NAME_ENTRY *X509_NAME_ENTRY_dup(X509_NAME_ENTRY *ne); -#endif /* !SSLEAY_MACROS */ - -int X509_cmp_time(ASN1_TIME *s, time_t *t); -int X509_cmp_current_time(ASN1_TIME *s); +int X509_cmp_time(const ASN1_TIME *s, time_t *t); +int X509_cmp_current_time(const ASN1_TIME *s); ASN1_TIME * X509_time_adj(ASN1_TIME *s, long adj, time_t *t); +ASN1_TIME * X509_time_adj_ex(ASN1_TIME *s, + int offset_day, long offset_sec, time_t *t); ASN1_TIME * X509_gmtime_adj(ASN1_TIME *s, long adj); const char * X509_get_default_cert_area(void ); @@ -964,6 +858,9 @@ DECLARE_ASN1_FUNCTIONS(X509_CRL_INFO) DECLARE_ASN1_FUNCTIONS(X509_CRL) int X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev); +int X509_CRL_get0_by_serial(X509_CRL *crl, + X509_REVOKED **ret, ASN1_INTEGER *serial); +int X509_CRL_get0_by_cert(X509_CRL *crl, X509_REVOKED **ret, X509 *x); X509_PKEY * X509_PKEY_new(void ); void X509_PKEY_free(X509_PKEY *a); @@ -1007,8 +904,8 @@ int X509_set_issuer_name(X509 *x, X509_NAME *name); X509_NAME * X509_get_issuer_name(X509 *a); int X509_set_subject_name(X509 *x, X509_NAME *name); X509_NAME * X509_get_subject_name(X509 *a); -int X509_set_notBefore(X509 *x, ASN1_TIME *tm); -int X509_set_notAfter(X509 *x, ASN1_TIME *tm); +int X509_set_notBefore(X509 *x, const ASN1_TIME *tm); +int X509_set_notAfter(X509 *x, const ASN1_TIME *tm); int X509_set_pubkey(X509 *x, EVP_PKEY *pkey); EVP_PKEY * X509_get_pubkey(X509 *x); ASN1_BIT_STRING * X509_get0_pubkey_bitstr(const X509 *x); @@ -1045,8 +942,8 @@ int X509_REQ_add1_attr_by_txt(X509_REQ *req, int X509_CRL_set_version(X509_CRL *x, long version); int X509_CRL_set_issuer_name(X509_CRL *x, X509_NAME *name); -int X509_CRL_set_lastUpdate(X509_CRL *x, ASN1_TIME *tm); -int X509_CRL_set_nextUpdate(X509_CRL *x, ASN1_TIME *tm); +int X509_CRL_set_lastUpdate(X509_CRL *x, const ASN1_TIME *tm); +int X509_CRL_set_nextUpdate(X509_CRL *x, const ASN1_TIME *tm); int X509_CRL_sort(X509_CRL *crl); int X509_REVOKED_set_serialNumber(X509_REVOKED *x, ASN1_INTEGER *serial); @@ -1065,11 +962,18 @@ unsigned long X509_issuer_name_hash(X509 *a); int X509_subject_name_cmp(const X509 *a, const X509 *b); unsigned long X509_subject_name_hash(X509 *x); +#ifndef OPENSSL_NO_MD5 +unsigned long X509_issuer_name_hash_old(X509 *a); +unsigned long X509_subject_name_hash_old(X509 *x); +#endif + int X509_cmp(const X509 *a, const X509 *b); int X509_NAME_cmp(const X509_NAME *a, const X509_NAME *b); unsigned long X509_NAME_hash(X509_NAME *x); +unsigned long X509_NAME_hash_old(X509_NAME *x); int X509_CRL_cmp(const X509_CRL *a, const X509_CRL *b); +int X509_CRL_match(const X509_CRL *a, const X509_CRL *b); #ifndef OPENSSL_NO_FP_API int X509_print_ex_fp(FILE *bp,X509 *x, unsigned long nmflag, unsigned long cflag); int X509_print_fp(FILE *bp,X509 *x); @@ -1245,9 +1149,16 @@ DECLARE_ASN1_FUNCTIONS(PBEPARAM) DECLARE_ASN1_FUNCTIONS(PBE2PARAM) DECLARE_ASN1_FUNCTIONS(PBKDF2PARAM) -X509_ALGOR *PKCS5_pbe_set(int alg, int iter, unsigned char *salt, int saltlen); +int PKCS5_pbe_set0_algor(X509_ALGOR *algor, int alg, int iter, + const unsigned char *salt, int saltlen); + +X509_ALGOR *PKCS5_pbe_set(int alg, int iter, + const unsigned char *salt, int saltlen); X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter, unsigned char *salt, int saltlen); +X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter, + unsigned char *salt, int saltlen, + unsigned char *aiv, int prf_nid); /* PKCS#8 utilities */ @@ -1258,6 +1169,22 @@ PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(EVP_PKEY *pkey); PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8_broken(EVP_PKEY *pkey, int broken); PKCS8_PRIV_KEY_INFO *PKCS8_set_broken(PKCS8_PRIV_KEY_INFO *p8, int broken); +int PKCS8_pkey_set0(PKCS8_PRIV_KEY_INFO *priv, ASN1_OBJECT *aobj, + int version, int ptype, void *pval, + unsigned char *penc, int penclen); +int PKCS8_pkey_get0(ASN1_OBJECT **ppkalg, + const unsigned char **pk, int *ppklen, + X509_ALGOR **pa, + PKCS8_PRIV_KEY_INFO *p8); + +int X509_PUBKEY_set0_param(X509_PUBKEY *pub, ASN1_OBJECT *aobj, + int ptype, void *pval, + unsigned char *penc, int penclen); +int X509_PUBKEY_get0_param(ASN1_OBJECT **ppkalg, + const unsigned char **pk, int *ppklen, + X509_ALGOR **pa, + X509_PUBKEY *pub); + int X509_check_trust(X509 *x, int id, int flags); int X509_TRUST_get_count(void); X509_TRUST * X509_TRUST_get0(int idx); @@ -1337,7 +1264,10 @@ void ERR_load_X509_strings(void); #define X509_R_KEY_VALUES_MISMATCH 116 #define X509_R_LOADING_CERT_DIR 103 #define X509_R_LOADING_DEFAULTS 104 +#define X509_R_METHOD_NOT_SUPPORTED 124 #define X509_R_NO_CERT_SET_FOR_US_TO_VERIFY 105 +#define X509_R_PUBLIC_KEY_DECODE_ERROR 125 +#define X509_R_PUBLIC_KEY_ENCODE_ERROR 126 #define X509_R_SHOULD_RETRY 106 #define X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN 107 #define X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY 108 diff --git a/src/lib/libcrypto/x509/x509_cmp.c b/src/lib/libcrypto/x509/x509_cmp.c index 2faf92514a..4bc9da07e0 100644 --- a/src/lib/libcrypto/x509/x509_cmp.c +++ b/src/lib/libcrypto/x509/x509_cmp.c @@ -116,6 +116,13 @@ int X509_CRL_cmp(const X509_CRL *a, const X509_CRL *b) return(X509_NAME_cmp(a->crl->issuer,b->crl->issuer)); } +#ifndef OPENSSL_NO_SHA +int X509_CRL_match(const X509_CRL *a, const X509_CRL *b) + { + return memcmp(a->sha1_hash, b->sha1_hash, 20); + } +#endif + X509_NAME *X509_get_issuer_name(X509 *a) { return(a->cert_info->issuer); @@ -126,6 +133,13 @@ unsigned long X509_issuer_name_hash(X509 *x) return(X509_NAME_hash(x->cert_info->issuer)); } +#ifndef OPENSSL_NO_MD5 +unsigned long X509_issuer_name_hash_old(X509 *x) + { + return(X509_NAME_hash_old(x->cert_info->issuer)); + } +#endif + X509_NAME *X509_get_subject_name(X509 *a) { return(a->cert_info->subject); @@ -141,6 +155,13 @@ unsigned long X509_subject_name_hash(X509 *x) return(X509_NAME_hash(x->cert_info->subject)); } +#ifndef OPENSSL_NO_MD5 +unsigned long X509_subject_name_hash_old(X509 *x) + { + return(X509_NAME_hash_old(x->cert_info->subject)); + } +#endif + #ifndef OPENSSL_NO_SHA /* Compare two certificates: they must be identical for * this to work. NB: Although "cmp" operations are generally @@ -162,177 +183,63 @@ int X509_cmp(const X509 *a, const X509 *b) #endif -/* Case insensitive string comparision */ -static int nocase_cmp(const ASN1_STRING *a, const ASN1_STRING *b) -{ - int i; - - if (a->length != b->length) - return (a->length - b->length); - - for (i=0; ilength; i++) - { - int ca, cb; - - ca = tolower(a->data[i]); - cb = tolower(b->data[i]); - - if (ca != cb) - return(ca-cb); - } - return 0; -} - -/* Case insensitive string comparision with space normalization - * Space normalization - ignore leading, trailing spaces, - * multiple spaces between characters are replaced by single space - */ -static int nocase_spacenorm_cmp(const ASN1_STRING *a, const ASN1_STRING *b) -{ - unsigned char *pa = NULL, *pb = NULL; - int la, lb; - - la = a->length; - lb = b->length; - pa = a->data; - pb = b->data; - - /* skip leading spaces */ - while (la > 0 && isspace(*pa)) - { - la--; - pa++; - } - while (lb > 0 && isspace(*pb)) - { - lb--; - pb++; - } - - /* skip trailing spaces */ - while (la > 0 && isspace(pa[la-1])) - la--; - while (lb > 0 && isspace(pb[lb-1])) - lb--; - - /* compare strings with space normalization */ - while (la > 0 && lb > 0) +int X509_NAME_cmp(const X509_NAME *a, const X509_NAME *b) { - int ca, cb; - - /* compare character */ - ca = tolower(*pa); - cb = tolower(*pb); - if (ca != cb) - return (ca - cb); + int ret; - pa++; pb++; - la--; lb--; + /* Ensure canonical encoding is present and up to date */ - if (la <= 0 || lb <= 0) - break; + if (!a->canon_enc || a->modified) + { + ret = i2d_X509_NAME((X509_NAME *)a, NULL); + if (ret < 0) + return -2; + } - /* is white space next character ? */ - if (isspace(*pa) && isspace(*pb)) + if (!b->canon_enc || b->modified) { - /* skip remaining white spaces */ - while (la > 0 && isspace(*pa)) - { - la--; - pa++; - } - while (lb > 0 && isspace(*pb)) - { - lb--; - pb++; - } + ret = i2d_X509_NAME((X509_NAME *)b, NULL); + if (ret < 0) + return -2; } - } - if (la > 0 || lb > 0) - return la - lb; - return 0; -} + ret = a->canon_enclen - b->canon_enclen; -static int asn1_string_memcmp(ASN1_STRING *a, ASN1_STRING *b) - { - int j; - j = a->length - b->length; - if (j) - return j; - return memcmp(a->data, b->data, a->length); - } + if (ret) + return ret; -#define STR_TYPE_CMP (B_ASN1_PRINTABLESTRING|B_ASN1_T61STRING|B_ASN1_UTF8STRING) + return memcmp(a->canon_enc, b->canon_enc, a->canon_enclen); -int X509_NAME_cmp(const X509_NAME *a, const X509_NAME *b) - { - int i,j; - X509_NAME_ENTRY *na,*nb; + } - unsigned long nabit, nbbit; +unsigned long X509_NAME_hash(X509_NAME *x) + { + unsigned long ret=0; + unsigned char md[SHA_DIGEST_LENGTH]; - j = sk_X509_NAME_ENTRY_num(a->entries) - - sk_X509_NAME_ENTRY_num(b->entries); - if (j) - return j; - for (i=sk_X509_NAME_ENTRY_num(a->entries)-1; i>=0; i--) - { - na=sk_X509_NAME_ENTRY_value(a->entries,i); - nb=sk_X509_NAME_ENTRY_value(b->entries,i); - j=na->value->type-nb->value->type; - if (j) - { - nabit = ASN1_tag2bit(na->value->type); - nbbit = ASN1_tag2bit(nb->value->type); - if (!(nabit & STR_TYPE_CMP) || - !(nbbit & STR_TYPE_CMP)) - return j; - if (!asn1_string_memcmp(na->value, nb->value)) - j = 0; - } - else if (na->value->type == V_ASN1_PRINTABLESTRING) - j=nocase_spacenorm_cmp(na->value, nb->value); - else if (na->value->type == V_ASN1_IA5STRING - && OBJ_obj2nid(na->object) == NID_pkcs9_emailAddress) - j=nocase_cmp(na->value, nb->value); - else - j = asn1_string_memcmp(na->value, nb->value); - if (j) return(j); - j=na->set-nb->set; - if (j) return(j); - } + /* Make sure X509_NAME structure contains valid cached encoding */ + i2d_X509_NAME(x,NULL); + EVP_Digest(x->canon_enc, x->canon_enclen, md, NULL, EVP_sha1(), NULL); - /* We will check the object types after checking the values - * since the values will more often be different than the object - * types. */ - for (i=sk_X509_NAME_ENTRY_num(a->entries)-1; i>=0; i--) - { - na=sk_X509_NAME_ENTRY_value(a->entries,i); - nb=sk_X509_NAME_ENTRY_value(b->entries,i); - j=OBJ_cmp(na->object,nb->object); - if (j) return(j); - } - return(0); + ret=( ((unsigned long)md[0] )|((unsigned long)md[1]<<8L)| + ((unsigned long)md[2]<<16L)|((unsigned long)md[3]<<24L) + )&0xffffffffL; + return(ret); } + #ifndef OPENSSL_NO_MD5 /* I now DER encode the name and hash it. Since I cache the DER encoding, * this is reasonably efficient. */ -unsigned long X509_NAME_hash(X509_NAME *x) + +unsigned long X509_NAME_hash_old(X509_NAME *x) { unsigned long ret=0; unsigned char md[16]; - EVP_MD_CTX md_ctx; /* Make sure X509_NAME structure contains valid cached encoding */ i2d_X509_NAME(x,NULL); - EVP_MD_CTX_init(&md_ctx); - EVP_MD_CTX_set_flags(&md_ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW); - EVP_DigestInit_ex(&md_ctx, EVP_md5(), NULL); - EVP_DigestUpdate(&md_ctx, x->bytes->data, x->bytes->length); - EVP_DigestFinal_ex(&md_ctx,md,NULL); - EVP_MD_CTX_cleanup(&md_ctx); + EVP_Digest(x->bytes->data, x->bytes->length, md, NULL, EVP_md5(), NULL); ret=( ((unsigned long)md[0] )|((unsigned long)md[1]<<8L)| ((unsigned long)md[2]<<16L)|((unsigned long)md[3]<<24L) @@ -393,14 +300,19 @@ ASN1_BIT_STRING *X509_get0_pubkey_bitstr(const X509 *x) int X509_check_private_key(X509 *x, EVP_PKEY *k) { - EVP_PKEY *xk=NULL; - int ok=0; + EVP_PKEY *xk; + int ret; xk=X509_get_pubkey(x); - switch (EVP_PKEY_cmp(xk, k)) + + if (xk) + ret = EVP_PKEY_cmp(xk, k); + else + ret = -2; + + switch (ret) { case 1: - ok=1; break; case 0: X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_KEY_VALUES_MISMATCH); @@ -409,24 +321,11 @@ int X509_check_private_key(X509 *x, EVP_PKEY *k) X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_KEY_TYPE_MISMATCH); break; case -2: -#ifndef OPENSSL_NO_EC - if (k->type == EVP_PKEY_EC) - { - X509err(X509_F_X509_CHECK_PRIVATE_KEY, ERR_R_EC_LIB); - break; - } -#endif -#ifndef OPENSSL_NO_DH - if (k->type == EVP_PKEY_DH) - { - /* No idea */ - X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_CANT_CHECK_DH_KEY); - break; - } -#endif X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_UNKNOWN_KEY_TYPE); } - - EVP_PKEY_free(xk); - return(ok); + if (xk) + EVP_PKEY_free(xk); + if (ret > 0) + return 1; + return 0; } diff --git a/src/lib/libcrypto/x509/x509_err.c b/src/lib/libcrypto/x509/x509_err.c index fb377292da..a01402f416 100644 --- a/src/lib/libcrypto/x509/x509_err.c +++ b/src/lib/libcrypto/x509/x509_err.c @@ -1,6 +1,6 @@ /* crypto/x509/x509_err.c */ /* ==================================================================== - * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved. + * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -132,7 +132,10 @@ static ERR_STRING_DATA X509_str_reasons[]= {ERR_REASON(X509_R_KEY_VALUES_MISMATCH) ,"key values mismatch"}, {ERR_REASON(X509_R_LOADING_CERT_DIR) ,"loading cert dir"}, {ERR_REASON(X509_R_LOADING_DEFAULTS) ,"loading defaults"}, +{ERR_REASON(X509_R_METHOD_NOT_SUPPORTED) ,"method not supported"}, {ERR_REASON(X509_R_NO_CERT_SET_FOR_US_TO_VERIFY),"no cert set for us to verify"}, +{ERR_REASON(X509_R_PUBLIC_KEY_DECODE_ERROR),"public key decode error"}, +{ERR_REASON(X509_R_PUBLIC_KEY_ENCODE_ERROR),"public key encode error"}, {ERR_REASON(X509_R_SHOULD_RETRY) ,"should retry"}, {ERR_REASON(X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN),"unable to find parameters in chain"}, {ERR_REASON(X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY),"unable to get certs public key"}, diff --git a/src/lib/libcrypto/x509/x509_lu.c b/src/lib/libcrypto/x509/x509_lu.c index cd2cfb6d85..3a6e04a1de 100644 --- a/src/lib/libcrypto/x509/x509_lu.c +++ b/src/lib/libcrypto/x509/x509_lu.c @@ -196,9 +196,17 @@ X509_STORE *X509_STORE_new(void) ret->get_crl = 0; ret->check_crl = 0; ret->cert_crl = 0; + ret->lookup_certs = 0; + ret->lookup_crls = 0; ret->cleanup = 0; - CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509_STORE, ret, &ret->ex_data); + if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509_STORE, ret, &ret->ex_data)) + { + sk_X509_OBJECT_free(ret->objs); + OPENSSL_free(ret); + return NULL; + } + ret->references=1; return ret; } @@ -286,9 +294,11 @@ int X509_STORE_get_by_subject(X509_STORE_CTX *vs, int type, X509_NAME *name, X509_OBJECT stmp,*tmp; int i,j; + CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE); tmp=X509_OBJECT_retrieve_by_subject(ctx->objs,type,name); + CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE); - if (tmp == NULL) + if (tmp == NULL || type == X509_LU_CRL) { for (i=vs->current_method; iget_cert_methods); i++) { @@ -340,7 +350,6 @@ int X509_STORE_add_cert(X509_STORE *ctx, X509 *x) X509_OBJECT_up_ref_count(obj); - if (X509_OBJECT_retrieve_match(ctx->objs, obj)) { X509_OBJECT_free_contents(obj); @@ -414,14 +423,15 @@ void X509_OBJECT_free_contents(X509_OBJECT *a) } } -int X509_OBJECT_idx_by_subject(STACK_OF(X509_OBJECT) *h, int type, - X509_NAME *name) +static int x509_object_idx_cnt(STACK_OF(X509_OBJECT) *h, int type, + X509_NAME *name, int *pnmatch) { X509_OBJECT stmp; X509 x509_s; X509_CINF cinf_s; X509_CRL crl_s; X509_CRL_INFO crl_info_s; + int idx; stmp.type=type; switch (type) @@ -441,41 +451,169 @@ int X509_OBJECT_idx_by_subject(STACK_OF(X509_OBJECT) *h, int type, return -1; } - return sk_X509_OBJECT_find(h,&stmp); + idx = sk_X509_OBJECT_find(h,&stmp); + if (idx >= 0 && pnmatch) + { + int tidx; + const X509_OBJECT *tobj, *pstmp; + *pnmatch = 1; + pstmp = &stmp; + for (tidx = idx + 1; tidx < sk_X509_OBJECT_num(h); tidx++) + { + tobj = sk_X509_OBJECT_value(h, tidx); + if (x509_object_cmp(&tobj, &pstmp)) + break; + (*pnmatch)++; + } + } + return idx; + } + + +int X509_OBJECT_idx_by_subject(STACK_OF(X509_OBJECT) *h, int type, + X509_NAME *name) + { + return x509_object_idx_cnt(h, type, name, NULL); } X509_OBJECT *X509_OBJECT_retrieve_by_subject(STACK_OF(X509_OBJECT) *h, int type, X509_NAME *name) -{ + { int idx; idx = X509_OBJECT_idx_by_subject(h, type, name); if (idx==-1) return NULL; return sk_X509_OBJECT_value(h, idx); -} + } + +STACK_OF(X509)* X509_STORE_get1_certs(X509_STORE_CTX *ctx, X509_NAME *nm) + { + int i, idx, cnt; + STACK_OF(X509) *sk; + X509 *x; + X509_OBJECT *obj; + sk = sk_X509_new_null(); + CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE); + idx = x509_object_idx_cnt(ctx->ctx->objs, X509_LU_X509, nm, &cnt); + if (idx < 0) + { + /* Nothing found in cache: do lookup to possibly add new + * objects to cache + */ + X509_OBJECT xobj; + CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE); + if (!X509_STORE_get_by_subject(ctx, X509_LU_X509, nm, &xobj)) + { + sk_X509_free(sk); + return NULL; + } + X509_OBJECT_free_contents(&xobj); + CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE); + idx = x509_object_idx_cnt(ctx->ctx->objs,X509_LU_X509,nm, &cnt); + if (idx < 0) + { + CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE); + sk_X509_free(sk); + return NULL; + } + } + for (i = 0; i < cnt; i++, idx++) + { + obj = sk_X509_OBJECT_value(ctx->ctx->objs, idx); + x = obj->data.x509; + CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509); + if (!sk_X509_push(sk, x)) + { + CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE); + X509_free(x); + sk_X509_pop_free(sk, X509_free); + return NULL; + } + } + CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE); + return sk; + + } + +STACK_OF(X509_CRL)* X509_STORE_get1_crls(X509_STORE_CTX *ctx, X509_NAME *nm) + { + int i, idx, cnt; + STACK_OF(X509_CRL) *sk; + X509_CRL *x; + X509_OBJECT *obj, xobj; + sk = sk_X509_CRL_new_null(); + CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE); + /* Check cache first */ + idx = x509_object_idx_cnt(ctx->ctx->objs, X509_LU_CRL, nm, &cnt); + + /* Always do lookup to possibly add new CRLs to cache + */ + CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE); + if (!X509_STORE_get_by_subject(ctx, X509_LU_CRL, nm, &xobj)) + { + sk_X509_CRL_free(sk); + return NULL; + } + X509_OBJECT_free_contents(&xobj); + CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE); + idx = x509_object_idx_cnt(ctx->ctx->objs,X509_LU_CRL, nm, &cnt); + if (idx < 0) + { + CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE); + sk_X509_CRL_free(sk); + return NULL; + } + + for (i = 0; i < cnt; i++, idx++) + { + obj = sk_X509_OBJECT_value(ctx->ctx->objs, idx); + x = obj->data.crl; + CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509_CRL); + if (!sk_X509_CRL_push(sk, x)) + { + CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE); + X509_CRL_free(x); + sk_X509_CRL_pop_free(sk, X509_CRL_free); + return NULL; + } + } + CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE); + return sk; + } X509_OBJECT *X509_OBJECT_retrieve_match(STACK_OF(X509_OBJECT) *h, X509_OBJECT *x) -{ + { int idx, i; X509_OBJECT *obj; idx = sk_X509_OBJECT_find(h, x); if (idx == -1) return NULL; - if (x->type != X509_LU_X509) return sk_X509_OBJECT_value(h, idx); + if ((x->type != X509_LU_X509) && (x->type != X509_LU_CRL)) + return sk_X509_OBJECT_value(h, idx); for (i = idx; i < sk_X509_OBJECT_num(h); i++) { obj = sk_X509_OBJECT_value(h, i); if (x509_object_cmp((const X509_OBJECT **)&obj, (const X509_OBJECT **)&x)) return NULL; - if ((x->type != X509_LU_X509) || !X509_cmp(obj->data.x509, x->data.x509)) + if (x->type == X509_LU_X509) + { + if (!X509_cmp(obj->data.x509, x->data.x509)) + return obj; + } + else if (x->type == X509_LU_CRL) + { + if (!X509_CRL_match(obj->data.crl, x->data.crl)) + return obj; + } + else return obj; } return NULL; -} + } /* Try to get issuer certificate from store. Due to limitations * of the API this can only retrieve a single certificate matching * a given subject name. However it will fill the cache with all - * matching certificates, so we can examine the cache for all + * matching certificates, so we can examine the cache for all * matches. * * Return values are: @@ -483,13 +621,11 @@ X509_OBJECT *X509_OBJECT_retrieve_match(STACK_OF(X509_OBJECT) *h, X509_OBJECT *x * 0 certificate not found. * -1 some other error. */ - - int X509_STORE_CTX_get1_issuer(X509 **issuer, X509_STORE_CTX *ctx, X509 *x) -{ + { X509_NAME *xn; X509_OBJECT obj, *pobj; - int i, ok, idx; + int i, ok, idx, ret; xn=X509_get_issuer_name(x); ok=X509_STORE_get_by_subject(ctx,X509_LU_X509,xn,&obj); if (ok != X509_LU_X509) @@ -515,27 +651,34 @@ int X509_STORE_CTX_get1_issuer(X509 **issuer, X509_STORE_CTX *ctx, X509 *x) return 1; } X509_OBJECT_free_contents(&obj); - /* Else find index of first matching cert */ - idx = X509_OBJECT_idx_by_subject(ctx->ctx->objs, X509_LU_X509, xn); - /* This shouldn't normally happen since we already have one match */ - if (idx == -1) return 0; - /* Look through all matching certificates for a suitable issuer */ - for (i = idx; i < sk_X509_OBJECT_num(ctx->ctx->objs); i++) + /* Else find index of first cert accepted by 'check_issued' */ + ret = 0; + CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE); + idx = X509_OBJECT_idx_by_subject(ctx->ctx->objs, X509_LU_X509, xn); + if (idx != -1) /* should be true as we've had at least one match */ { - pobj = sk_X509_OBJECT_value(ctx->ctx->objs, i); - /* See if we've ran out of matches */ - if (pobj->type != X509_LU_X509) return 0; - if (X509_NAME_cmp(xn, X509_get_subject_name(pobj->data.x509))) return 0; - if (ctx->check_issued(ctx, x, pobj->data.x509)) + /* Look through all matching certs for suitable issuer */ + for (i = idx; i < sk_X509_OBJECT_num(ctx->ctx->objs); i++) { - *issuer = pobj->data.x509; - X509_OBJECT_up_ref_count(pobj); - return 1; + pobj = sk_X509_OBJECT_value(ctx->ctx->objs, i); + /* See if we've run past the matches */ + if (pobj->type != X509_LU_X509) + break; + if (X509_NAME_cmp(xn, X509_get_subject_name(pobj->data.x509))) + break; + if (ctx->check_issued(ctx, x, pobj->data.x509)) + { + *issuer = pobj->data.x509; + X509_OBJECT_up_ref_count(pobj); + ret = 1; + break; + } } } - return 0; -} + CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE); + return ret; + } int X509_STORE_set_flags(X509_STORE *ctx, unsigned long flags) { @@ -563,5 +706,11 @@ int X509_STORE_set1_param(X509_STORE *ctx, X509_VERIFY_PARAM *param) return X509_VERIFY_PARAM_set1(ctx->param, param); } +void X509_STORE_set_verify_cb(X509_STORE *ctx, + int (*verify_cb)(int, X509_STORE_CTX *)) + { + ctx->verify_cb = verify_cb; + } + IMPLEMENT_STACK_OF(X509_LOOKUP) IMPLEMENT_STACK_OF(X509_OBJECT) diff --git a/src/lib/libcrypto/x509/x509_obj.c b/src/lib/libcrypto/x509/x509_obj.c index 1e718f76eb..21fed9f838 100644 --- a/src/lib/libcrypto/x509/x509_obj.c +++ b/src/lib/libcrypto/x509/x509_obj.c @@ -72,7 +72,7 @@ int i; char *p; unsigned char *q; BUF_MEM *b=NULL; - static char hex[17]="0123456789ABCDEF"; + static const char hex[17]="0123456789ABCDEF"; int gs_doit[4]; char tmp_buf[80]; #ifdef CHARSET_EBCDIC diff --git a/src/lib/libcrypto/x509/x509_req.c b/src/lib/libcrypto/x509/x509_req.c index 3872e1fb64..48183dc00c 100644 --- a/src/lib/libcrypto/x509/x509_req.c +++ b/src/lib/libcrypto/x509/x509_req.c @@ -61,6 +61,7 @@ #include #include #include +#include #include #include #include @@ -205,10 +206,9 @@ STACK_OF(X509_EXTENSION) *X509_REQ_get_extensions(X509_REQ *req) if(!ext || (ext->type != V_ASN1_SEQUENCE)) return NULL; p = ext->value.sequence->data; - return d2i_ASN1_SET_OF_X509_EXTENSION(NULL, &p, - ext->value.sequence->length, - d2i_X509_EXTENSION, X509_EXTENSION_free, - V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL); + return (STACK_OF(X509_EXTENSION) *) + ASN1_item_d2i(NULL, &p, ext->value.sequence->length, + ASN1_ITEM_rptr(X509_EXTENSIONS)); } /* Add a STACK_OF extensions to a certificate request: allow alternative OIDs @@ -218,8 +218,6 @@ STACK_OF(X509_EXTENSION) *X509_REQ_get_extensions(X509_REQ *req) int X509_REQ_add_extensions_nid(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts, int nid) { - unsigned char *p = NULL, *q; - long len; ASN1_TYPE *at = NULL; X509_ATTRIBUTE *attr = NULL; if(!(at = ASN1_TYPE_new()) || @@ -227,15 +225,10 @@ int X509_REQ_add_extensions_nid(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts, at->type = V_ASN1_SEQUENCE; /* Generate encoding of extensions */ - len = i2d_ASN1_SET_OF_X509_EXTENSION(exts, NULL, i2d_X509_EXTENSION, - V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL, IS_SEQUENCE); - if(!(p = OPENSSL_malloc(len))) goto err; - q = p; - i2d_ASN1_SET_OF_X509_EXTENSION(exts, &q, i2d_X509_EXTENSION, - V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL, IS_SEQUENCE); - at->value.sequence->data = p; - p = NULL; - at->value.sequence->length = len; + at->value.sequence->length = + ASN1_item_i2d((ASN1_VALUE *)exts, + &at->value.sequence->data, + ASN1_ITEM_rptr(X509_EXTENSIONS)); if(!(attr = X509_ATTRIBUTE_new())) goto err; if(!(attr->value.set = sk_ASN1_TYPE_new_null())) goto err; if(!sk_ASN1_TYPE_push(attr->value.set, at)) goto err; @@ -250,7 +243,6 @@ int X509_REQ_add_extensions_nid(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts, if(!sk_X509_ATTRIBUTE_push(req->req_info->attributes, attr)) goto err; return 1; err: - if(p) OPENSSL_free(p); X509_ATTRIBUTE_free(attr); ASN1_TYPE_free(at); return 0; diff --git a/src/lib/libcrypto/x509/x509_set.c b/src/lib/libcrypto/x509/x509_set.c index aaf61ca062..4b94fc5847 100644 --- a/src/lib/libcrypto/x509/x509_set.c +++ b/src/lib/libcrypto/x509/x509_set.c @@ -104,7 +104,7 @@ int X509_set_subject_name(X509 *x, X509_NAME *name) return(X509_NAME_set(&x->cert_info->subject,name)); } -int X509_set_notBefore(X509 *x, ASN1_TIME *tm) +int X509_set_notBefore(X509 *x, const ASN1_TIME *tm) { ASN1_TIME *in; @@ -122,7 +122,7 @@ int X509_set_notBefore(X509 *x, ASN1_TIME *tm) return(in != NULL); } -int X509_set_notAfter(X509 *x, ASN1_TIME *tm) +int X509_set_notAfter(X509 *x, const ASN1_TIME *tm) { ASN1_TIME *in; diff --git a/src/lib/libcrypto/x509/x509_trs.c b/src/lib/libcrypto/x509/x509_trs.c index ed18700585..a6cb9c8b1b 100644 --- a/src/lib/libcrypto/x509/x509_trs.c +++ b/src/lib/libcrypto/x509/x509_trs.c @@ -84,7 +84,8 @@ static X509_TRUST trstandard[] = { {X509_TRUST_EMAIL, 0, trust_1oidany, "S/MIME email", NID_email_protect, NULL}, {X509_TRUST_OBJECT_SIGN, 0, trust_1oidany, "Object Signer", NID_code_sign, NULL}, {X509_TRUST_OCSP_SIGN, 0, trust_1oid, "OCSP responder", NID_OCSP_sign, NULL}, -{X509_TRUST_OCSP_REQUEST, 0, trust_1oid, "OCSP request", NID_ad_OCSP, NULL} +{X509_TRUST_OCSP_REQUEST, 0, trust_1oid, "OCSP request", NID_ad_OCSP, NULL}, +{X509_TRUST_TSA, 0, trust_1oidany, "TSA server", NID_time_stamp, NULL} }; #define X509_TRUST_COUNT (sizeof(trstandard)/sizeof(X509_TRUST)) diff --git a/src/lib/libcrypto/x509/x509_txt.c b/src/lib/libcrypto/x509/x509_txt.c index 73a8ec726f..c44f753c46 100644 --- a/src/lib/libcrypto/x509/x509_txt.c +++ b/src/lib/libcrypto/x509/x509_txt.c @@ -162,8 +162,28 @@ const char *X509_verify_cert_error_string(long n) return("invalid or inconsistent certificate policy extension"); case X509_V_ERR_NO_EXPLICIT_POLICY: return("no explicit policy"); - case X509_V_ERR_UNNESTED_RESOURCE: - return("RFC 3779 resource not subset of parent's resources"); + case X509_V_ERR_DIFFERENT_CRL_SCOPE: + return("Different CRL scope"); + case X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE: + return("Unsupported extension feature"); + case X509_V_ERR_UNNESTED_RESOURCE: + return("RFC 3779 resource not subset of parent's resources"); + + case X509_V_ERR_PERMITTED_VIOLATION: + return("permitted subtree violation"); + case X509_V_ERR_EXCLUDED_VIOLATION: + return("excluded subtree violation"); + case X509_V_ERR_SUBTREE_MINMAX: + return("name constraints minimum and maximum not supported"); + case X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE: + return("unsupported name constraint type"); + case X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX: + return("unsupported or invalid name constraint syntax"); + case X509_V_ERR_UNSUPPORTED_NAME_SYNTAX: + return("unsupported or invalid name syntax"); + case X509_V_ERR_CRL_PATH_VALIDATION_ERROR: + return("CRL path validation error"); + default: BIO_snprintf(buf,sizeof buf,"error number %ld",n); return(buf); diff --git a/src/lib/libcrypto/x509/x509_vfy.c b/src/lib/libcrypto/x509/x509_vfy.c index 336c40ddd7..87ebf62525 100644 --- a/src/lib/libcrypto/x509/x509_vfy.c +++ b/src/lib/libcrypto/x509/x509_vfy.c @@ -70,14 +70,70 @@ #include #include +/* CRL score values */ + +/* No unhandled critical extensions */ + +#define CRL_SCORE_NOCRITICAL 0x100 + +/* certificate is within CRL scope */ + +#define CRL_SCORE_SCOPE 0x080 + +/* CRL times valid */ + +#define CRL_SCORE_TIME 0x040 + +/* Issuer name matches certificate */ + +#define CRL_SCORE_ISSUER_NAME 0x020 + +/* If this score or above CRL is probably valid */ + +#define CRL_SCORE_VALID (CRL_SCORE_NOCRITICAL|CRL_SCORE_TIME|CRL_SCORE_SCOPE) + +/* CRL issuer is certificate issuer */ + +#define CRL_SCORE_ISSUER_CERT 0x018 + +/* CRL issuer is on certificate path */ + +#define CRL_SCORE_SAME_PATH 0x008 + +/* CRL issuer matches CRL AKID */ + +#define CRL_SCORE_AKID 0x004 + +/* Have a delta CRL with valid times */ + +#define CRL_SCORE_TIME_DELTA 0x002 + static int null_callback(int ok,X509_STORE_CTX *e); static int check_issued(X509_STORE_CTX *ctx, X509 *x, X509 *issuer); static X509 *find_issuer(X509_STORE_CTX *ctx, STACK_OF(X509) *sk, X509 *x); static int check_chain_extensions(X509_STORE_CTX *ctx); +static int check_name_constraints(X509_STORE_CTX *ctx); static int check_trust(X509_STORE_CTX *ctx); static int check_revocation(X509_STORE_CTX *ctx); static int check_cert(X509_STORE_CTX *ctx); static int check_policy(X509_STORE_CTX *ctx); + +static int get_crl_score(X509_STORE_CTX *ctx, X509 **pissuer, + unsigned int *preasons, + X509_CRL *crl, X509 *x); +static int get_crl_delta(X509_STORE_CTX *ctx, + X509_CRL **pcrl, X509_CRL **pdcrl, X509 *x); +static void get_delta_sk(X509_STORE_CTX *ctx, X509_CRL **dcrl, int *pcrl_score, + X509_CRL *base, STACK_OF(X509_CRL) *crls); +static void crl_akid_check(X509_STORE_CTX *ctx, X509_CRL *crl, + X509 **pissuer, int *pcrl_score); +static int crl_crldp_check(X509 *x, X509_CRL *crl, int crl_score, + unsigned int *preasons); +static int check_crl_path(X509_STORE_CTX *ctx, X509 *x); +static int check_crl_chain(X509_STORE_CTX *ctx, + STACK_OF(X509) *cert_path, + STACK_OF(X509) *crl_path); + static int internal_verify(X509_STORE_CTX *ctx); const char X509_version[]="X.509" OPENSSL_VERSION_PTEXT; @@ -289,6 +345,12 @@ int X509_verify_cert(X509_STORE_CTX *ctx) if (!ok) goto end; + /* Check name constraints */ + + ok = check_name_constraints(ctx); + + if (!ok) goto end; + /* The chain extensions are OK: check trust */ if (param->trust > 0) ok = check_trust(ctx); @@ -398,8 +460,8 @@ static int check_chain_extensions(X509_STORE_CTX *ctx) X509 *x; int (*cb)(int xok,X509_STORE_CTX *xctx); int proxy_path_length = 0; - int allow_proxy_certs = - !!(ctx->param->flags & X509_V_FLAG_ALLOW_PROXY_CERTS); + int purpose; + int allow_proxy_certs; cb=ctx->verify_cb; /* must_be_ca can have 1 of 3 values: @@ -412,10 +474,22 @@ static int check_chain_extensions(X509_STORE_CTX *ctx) */ must_be_ca = -1; - /* A hack to keep people who don't want to modify their software - happy */ - if (getenv("OPENSSL_ALLOW_PROXY_CERTS")) - allow_proxy_certs = 1; + /* CRL path validation */ + if (ctx->parent) + { + allow_proxy_certs = 0; + purpose = X509_PURPOSE_CRL_SIGN; + } + else + { + allow_proxy_certs = + !!(ctx->param->flags & X509_V_FLAG_ALLOW_PROXY_CERTS); + /* A hack to keep people who don't want to modify their + software happy */ + if (getenv("OPENSSL_ALLOW_PROXY_CERTS")) + allow_proxy_certs = 1; + purpose = ctx->param->purpose; + } /* Check all untrusted certificates */ for (i = 0; i < ctx->last_untrusted; i++) @@ -482,8 +556,7 @@ static int check_chain_extensions(X509_STORE_CTX *ctx) } if (ctx->param->purpose > 0) { - ret = X509_check_purpose(x, ctx->param->purpose, - must_be_ca > 0); + ret = X509_check_purpose(x, purpose, must_be_ca > 0); if ((ret == 0) || ((ctx->param->flags & X509_V_FLAG_X509_STRICT) && (ret != 1))) @@ -536,6 +609,42 @@ static int check_chain_extensions(X509_STORE_CTX *ctx) #endif } +static int check_name_constraints(X509_STORE_CTX *ctx) + { + X509 *x; + int i, j, rv; + /* Check name constraints for all certificates */ + for (i = sk_X509_num(ctx->chain) - 1; i >= 0; i--) + { + x = sk_X509_value(ctx->chain, i); + /* Ignore self issued certs unless last in chain */ + if (i && (x->ex_flags & EXFLAG_SI)) + continue; + /* Check against constraints for all certificates higher in + * chain including trust anchor. Trust anchor not strictly + * speaking needed but if it includes constraints it is to be + * assumed it expects them to be obeyed. + */ + for (j = sk_X509_num(ctx->chain) - 1; j > i; j--) + { + NAME_CONSTRAINTS *nc = sk_X509_value(ctx->chain, j)->nc; + if (nc) + { + rv = NAME_CONSTRAINTS_check(x, nc); + if (rv != X509_V_OK) + { + ctx->error = rv; + ctx->error_depth = i; + ctx->current_cert = x; + if (!ctx->verify_cb(0,ctx)) + return 0; + } + } + } + } + return 1; + } + static int check_trust(X509_STORE_CTX *ctx) { #ifdef OPENSSL_NO_CHAIN_VERIFY @@ -570,7 +679,12 @@ static int check_revocation(X509_STORE_CTX *ctx) if (ctx->param->flags & X509_V_FLAG_CRL_CHECK_ALL) last = sk_X509_num(ctx->chain) - 1; else + { + /* If checking CRL paths this isn't the EE certificate */ + if (ctx->parent) + return 1; last = 0; + } for(i = 0; i <= last; i++) { ctx->error_depth = i; @@ -582,30 +696,65 @@ static int check_revocation(X509_STORE_CTX *ctx) static int check_cert(X509_STORE_CTX *ctx) { - X509_CRL *crl = NULL; + X509_CRL *crl = NULL, *dcrl = NULL; X509 *x; int ok, cnum; cnum = ctx->error_depth; x = sk_X509_value(ctx->chain, cnum); ctx->current_cert = x; - /* Try to retrieve relevant CRL */ - ok = ctx->get_crl(ctx, &crl, x); - /* If error looking up CRL, nothing we can do except - * notify callback - */ - if(!ok) + ctx->current_issuer = NULL; + ctx->current_reasons = 0; + while (ctx->current_reasons != CRLDP_ALL_REASONS) { - ctx->error = X509_V_ERR_UNABLE_TO_GET_CRL; - ok = ctx->verify_cb(0, ctx); - goto err; + /* Try to retrieve relevant CRL */ + if (ctx->get_crl) + ok = ctx->get_crl(ctx, &crl, x); + else + ok = get_crl_delta(ctx, &crl, &dcrl, x); + /* If error looking up CRL, nothing we can do except + * notify callback + */ + if(!ok) + { + ctx->error = X509_V_ERR_UNABLE_TO_GET_CRL; + ok = ctx->verify_cb(0, ctx); + goto err; + } + ctx->current_crl = crl; + ok = ctx->check_crl(ctx, crl); + if (!ok) + goto err; + + if (dcrl) + { + ok = ctx->check_crl(ctx, dcrl); + if (!ok) + goto err; + ok = ctx->cert_crl(ctx, dcrl, x); + if (!ok) + goto err; + } + else + ok = 1; + + /* Don't look in full CRL if delta reason is removefromCRL */ + if (ok != 2) + { + ok = ctx->cert_crl(ctx, crl, x); + if (!ok) + goto err; + } + + X509_CRL_free(crl); + X509_CRL_free(dcrl); + crl = NULL; + dcrl = NULL; } - ctx->current_crl = crl; - ok = ctx->check_crl(ctx, crl); - if (!ok) goto err; - ok = ctx->cert_crl(ctx, crl, x); err: - ctx->current_crl = NULL; X509_CRL_free(crl); + X509_CRL_free(dcrl); + + ctx->current_crl = NULL; return ok; } @@ -616,7 +765,8 @@ static int check_crl_time(X509_STORE_CTX *ctx, X509_CRL *crl, int notify) { time_t *ptime; int i; - ctx->current_crl = crl; + if (notify) + ctx->current_crl = crl; if (ctx->param->flags & X509_V_FLAG_USE_CHECK_TIME) ptime = &ctx->param->check_time; else @@ -625,15 +775,19 @@ static int check_crl_time(X509_STORE_CTX *ctx, X509_CRL *crl, int notify) i=X509_cmp_time(X509_CRL_get_lastUpdate(crl), ptime); if (i == 0) { + if (!notify) + return 0; ctx->error=X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD; - if (!notify || !ctx->verify_cb(0, ctx)) + if (!ctx->verify_cb(0, ctx)) return 0; } if (i > 0) { + if (!notify) + return 0; ctx->error=X509_V_ERR_CRL_NOT_YET_VALID; - if (!notify || !ctx->verify_cb(0, ctx)) + if (!ctx->verify_cb(0, ctx)) return 0; } @@ -643,92 +797,545 @@ static int check_crl_time(X509_STORE_CTX *ctx, X509_CRL *crl, int notify) if (i == 0) { + if (!notify) + return 0; ctx->error=X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD; - if (!notify || !ctx->verify_cb(0, ctx)) + if (!ctx->verify_cb(0, ctx)) return 0; } - - if (i < 0) + /* Ignore expiry of base CRL is delta is valid */ + if ((i < 0) && !(ctx->current_crl_score & CRL_SCORE_TIME_DELTA)) { + if (!notify) + return 0; ctx->error=X509_V_ERR_CRL_HAS_EXPIRED; - if (!notify || !ctx->verify_cb(0, ctx)) + if (!ctx->verify_cb(0, ctx)) return 0; } } - ctx->current_crl = NULL; + if (notify) + ctx->current_crl = NULL; return 1; } -/* Lookup CRLs from the supplied list. Look for matching isser name - * and validity. If we can't find a valid CRL return the last one - * with matching name. This gives more meaningful error codes. Otherwise - * we'd get a CRL not found error if a CRL existed with matching name but - * was invalid. - */ - -static int get_crl_sk(X509_STORE_CTX *ctx, X509_CRL **pcrl, - X509_NAME *nm, STACK_OF(X509_CRL) *crls) +static int get_crl_sk(X509_STORE_CTX *ctx, X509_CRL **pcrl, X509_CRL **pdcrl, + X509 **pissuer, int *pscore, unsigned int *preasons, + STACK_OF(X509_CRL) *crls) { - int i; + int i, crl_score, best_score = *pscore; + unsigned int reasons, best_reasons = 0; + X509 *x = ctx->current_cert; X509_CRL *crl, *best_crl = NULL; + X509 *crl_issuer = NULL, *best_crl_issuer = NULL; + for (i = 0; i < sk_X509_CRL_num(crls); i++) { crl = sk_X509_CRL_value(crls, i); - if (X509_NAME_cmp(nm, X509_CRL_get_issuer(crl))) - continue; - if (check_crl_time(ctx, crl, 0)) + reasons = *preasons; + crl_score = get_crl_score(ctx, &crl_issuer, &reasons, crl, x); + + if (crl_score > best_score) { - *pcrl = crl; - CRYPTO_add(&crl->references, 1, CRYPTO_LOCK_X509); - return 1; + best_crl = crl; + best_crl_issuer = crl_issuer; + best_score = crl_score; + best_reasons = reasons; } - best_crl = crl; } + if (best_crl) { + if (*pcrl) + X509_CRL_free(*pcrl); *pcrl = best_crl; - CRYPTO_add(&best_crl->references, 1, CRYPTO_LOCK_X509); + *pissuer = best_crl_issuer; + *pscore = best_score; + *preasons = best_reasons; + CRYPTO_add(&best_crl->references, 1, CRYPTO_LOCK_X509_CRL); + if (*pdcrl) + { + X509_CRL_free(*pdcrl); + *pdcrl = NULL; + } + get_delta_sk(ctx, pdcrl, pscore, best_crl, crls); } - + + if (best_score >= CRL_SCORE_VALID) + return 1; + return 0; } -/* Retrieve CRL corresponding to certificate: currently just a - * subject lookup: maybe use AKID later... +/* Compare two CRL extensions for delta checking purposes. They should be + * both present or both absent. If both present all fields must be identical. */ -static int get_crl(X509_STORE_CTX *ctx, X509_CRL **pcrl, X509 *x) + +static int crl_extension_match(X509_CRL *a, X509_CRL *b, int nid) { - int ok; - X509_CRL *crl = NULL; - X509_OBJECT xobj; - X509_NAME *nm; - nm = X509_get_issuer_name(x); - ok = get_crl_sk(ctx, &crl, nm, ctx->crls); - if (ok) + ASN1_OCTET_STRING *exta, *extb; + int i; + i = X509_CRL_get_ext_by_NID(a, nid, 0); + if (i >= 0) { - *pcrl = crl; + /* Can't have multiple occurrences */ + if (X509_CRL_get_ext_by_NID(a, nid, i) != -1) + return 0; + exta = X509_EXTENSION_get_data(X509_CRL_get_ext(a, i)); + } + else + exta = NULL; + + i = X509_CRL_get_ext_by_NID(b, nid, 0); + + if (i >= 0) + { + + if (X509_CRL_get_ext_by_NID(b, nid, i) != -1) + return 0; + extb = X509_EXTENSION_get_data(X509_CRL_get_ext(b, i)); + } + else + extb = NULL; + + if (!exta && !extb) return 1; + + if (!exta || !extb) + return 0; + + + if (ASN1_OCTET_STRING_cmp(exta, extb)) + return 0; + + return 1; + } + +/* See if a base and delta are compatible */ + +static int check_delta_base(X509_CRL *delta, X509_CRL *base) + { + /* Delta CRL must be a delta */ + if (!delta->base_crl_number) + return 0; + /* Base must have a CRL number */ + if (!base->crl_number) + return 0; + /* Issuer names must match */ + if (X509_NAME_cmp(X509_CRL_get_issuer(base), + X509_CRL_get_issuer(delta))) + return 0; + /* AKID and IDP must match */ + if (!crl_extension_match(delta, base, NID_authority_key_identifier)) + return 0; + if (!crl_extension_match(delta, base, NID_issuing_distribution_point)) + return 0; + /* Delta CRL base number must not exceed Full CRL number. */ + if (ASN1_INTEGER_cmp(delta->base_crl_number, base->crl_number) > 0) + return 0; + /* Delta CRL number must exceed full CRL number */ + if (ASN1_INTEGER_cmp(delta->crl_number, base->crl_number) > 0) + return 1; + return 0; + } + +/* For a given base CRL find a delta... maybe extend to delta scoring + * or retrieve a chain of deltas... + */ + +static void get_delta_sk(X509_STORE_CTX *ctx, X509_CRL **dcrl, int *pscore, + X509_CRL *base, STACK_OF(X509_CRL) *crls) + { + X509_CRL *delta; + int i; + if (!(ctx->param->flags & X509_V_FLAG_USE_DELTAS)) + return; + if (!((ctx->current_cert->ex_flags | base->flags) & EXFLAG_FRESHEST)) + return; + for (i = 0; i < sk_X509_CRL_num(crls); i++) + { + delta = sk_X509_CRL_value(crls, i); + if (check_delta_base(delta, base)) + { + if (check_crl_time(ctx, delta, 0)) + *pscore |= CRL_SCORE_TIME_DELTA; + CRYPTO_add(&delta->references, 1, CRYPTO_LOCK_X509_CRL); + *dcrl = delta; + return; + } + } + *dcrl = NULL; + } + +/* For a given CRL return how suitable it is for the supplied certificate 'x'. + * The return value is a mask of several criteria. + * If the issuer is not the certificate issuer this is returned in *pissuer. + * The reasons mask is also used to determine if the CRL is suitable: if + * no new reasons the CRL is rejected, otherwise reasons is updated. + */ + +static int get_crl_score(X509_STORE_CTX *ctx, X509 **pissuer, + unsigned int *preasons, + X509_CRL *crl, X509 *x) + { + + int crl_score = 0; + unsigned int tmp_reasons = *preasons, crl_reasons; + + /* First see if we can reject CRL straight away */ + + /* Invalid IDP cannot be processed */ + if (crl->idp_flags & IDP_INVALID) + return 0; + /* Reason codes or indirect CRLs need extended CRL support */ + if (!(ctx->param->flags & X509_V_FLAG_EXTENDED_CRL_SUPPORT)) + { + if (crl->idp_flags & (IDP_INDIRECT | IDP_REASONS)) + return 0; + } + else if (crl->idp_flags & IDP_REASONS) + { + /* If no new reasons reject */ + if (!(crl->idp_reasons & ~tmp_reasons)) + return 0; + } + /* Don't process deltas at this stage */ + else if (crl->base_crl_number) + return 0; + /* If issuer name doesn't match certificate need indirect CRL */ + if (X509_NAME_cmp(X509_get_issuer_name(x), X509_CRL_get_issuer(crl))) + { + if (!(crl->idp_flags & IDP_INDIRECT)) + return 0; + } + else + crl_score |= CRL_SCORE_ISSUER_NAME; + + if (!(crl->flags & EXFLAG_CRITICAL)) + crl_score |= CRL_SCORE_NOCRITICAL; + + /* Check expiry */ + if (check_crl_time(ctx, crl, 0)) + crl_score |= CRL_SCORE_TIME; + + /* Check authority key ID and locate certificate issuer */ + crl_akid_check(ctx, crl, pissuer, &crl_score); + + /* If we can't locate certificate issuer at this point forget it */ + + if (!(crl_score & CRL_SCORE_AKID)) + return 0; + + /* Check cert for matching CRL distribution points */ + + if (crl_crldp_check(x, crl, crl_score, &crl_reasons)) + { + /* If no new reasons reject */ + if (!(crl_reasons & ~tmp_reasons)) + return 0; + tmp_reasons |= crl_reasons; + crl_score |= CRL_SCORE_SCOPE; } - ok = X509_STORE_get_by_subject(ctx, X509_LU_CRL, nm, &xobj); + *preasons = tmp_reasons; + + return crl_score; + + } + +static void crl_akid_check(X509_STORE_CTX *ctx, X509_CRL *crl, + X509 **pissuer, int *pcrl_score) + { + X509 *crl_issuer = NULL; + X509_NAME *cnm = X509_CRL_get_issuer(crl); + int cidx = ctx->error_depth; + int i; - if (!ok) + if (cidx != sk_X509_num(ctx->chain) - 1) + cidx++; + + crl_issuer = sk_X509_value(ctx->chain, cidx); + + if (X509_check_akid(crl_issuer, crl->akid) == X509_V_OK) { - /* If we got a near match from get_crl_sk use that */ - if (crl) + if (*pcrl_score & CRL_SCORE_ISSUER_NAME) { - *pcrl = crl; - return 1; + *pcrl_score |= CRL_SCORE_AKID|CRL_SCORE_ISSUER_CERT; + *pissuer = crl_issuer; + return; + } + } + + for (cidx++; cidx < sk_X509_num(ctx->chain); cidx++) + { + crl_issuer = sk_X509_value(ctx->chain, cidx); + if (X509_NAME_cmp(X509_get_subject_name(crl_issuer), cnm)) + continue; + if (X509_check_akid(crl_issuer, crl->akid) == X509_V_OK) + { + *pcrl_score |= CRL_SCORE_AKID|CRL_SCORE_SAME_PATH; + *pissuer = crl_issuer; + return; + } + } + + /* Anything else needs extended CRL support */ + + if (!(ctx->param->flags & X509_V_FLAG_EXTENDED_CRL_SUPPORT)) + return; + + /* Otherwise the CRL issuer is not on the path. Look for it in the + * set of untrusted certificates. + */ + for (i = 0; i < sk_X509_num(ctx->untrusted); i++) + { + crl_issuer = sk_X509_value(ctx->untrusted, i); + if (X509_NAME_cmp(X509_get_subject_name(crl_issuer), cnm)) + continue; + if (X509_check_akid(crl_issuer, crl->akid) == X509_V_OK) + { + *pissuer = crl_issuer; + *pcrl_score |= CRL_SCORE_AKID; + return; } + } + } + +/* Check the path of a CRL issuer certificate. This creates a new + * X509_STORE_CTX and populates it with most of the parameters from the + * parent. This could be optimised somewhat since a lot of path checking + * will be duplicated by the parent, but this will rarely be used in + * practice. + */ + +static int check_crl_path(X509_STORE_CTX *ctx, X509 *x) + { + X509_STORE_CTX crl_ctx; + int ret; + /* Don't allow recursive CRL path validation */ + if (ctx->parent) return 0; + if (!X509_STORE_CTX_init(&crl_ctx, ctx->ctx, x, ctx->untrusted)) + return -1; + + crl_ctx.crls = ctx->crls; + /* Copy verify params across */ + X509_STORE_CTX_set0_param(&crl_ctx, ctx->param); + + crl_ctx.parent = ctx; + crl_ctx.verify_cb = ctx->verify_cb; + + /* Verify CRL issuer */ + ret = X509_verify_cert(&crl_ctx); + + if (ret <= 0) + goto err; + + /* Check chain is acceptable */ + + ret = check_crl_chain(ctx, ctx->chain, crl_ctx.chain); + err: + X509_STORE_CTX_cleanup(&crl_ctx); + return ret; + } + +/* RFC3280 says nothing about the relationship between CRL path + * and certificate path, which could lead to situations where a + * certificate could be revoked or validated by a CA not authorised + * to do so. RFC5280 is more strict and states that the two paths must + * end in the same trust anchor, though some discussions remain... + * until this is resolved we use the RFC5280 version + */ + +static int check_crl_chain(X509_STORE_CTX *ctx, + STACK_OF(X509) *cert_path, + STACK_OF(X509) *crl_path) + { + X509 *cert_ta, *crl_ta; + cert_ta = sk_X509_value(cert_path, sk_X509_num(cert_path) - 1); + crl_ta = sk_X509_value(crl_path, sk_X509_num(crl_path) - 1); + if (!X509_cmp(cert_ta, crl_ta)) + return 1; + return 0; + } + +/* Check for match between two dist point names: three separate cases. + * 1. Both are relative names and compare X509_NAME types. + * 2. One full, one relative. Compare X509_NAME to GENERAL_NAMES. + * 3. Both are full names and compare two GENERAL_NAMES. + * 4. One is NULL: automatic match. + */ + + +static int idp_check_dp(DIST_POINT_NAME *a, DIST_POINT_NAME *b) + { + X509_NAME *nm = NULL; + GENERAL_NAMES *gens = NULL; + GENERAL_NAME *gena, *genb; + int i, j; + if (!a || !b) + return 1; + if (a->type == 1) + { + if (!a->dpname) + return 0; + /* Case 1: two X509_NAME */ + if (b->type == 1) + { + if (!b->dpname) + return 0; + if (!X509_NAME_cmp(a->dpname, b->dpname)) + return 1; + else + return 0; + } + /* Case 2: set name and GENERAL_NAMES appropriately */ + nm = a->dpname; + gens = b->name.fullname; + } + else if (b->type == 1) + { + if (!b->dpname) + return 0; + /* Case 2: set name and GENERAL_NAMES appropriately */ + gens = a->name.fullname; + nm = b->dpname; } - *pcrl = xobj.data.crl; + /* Handle case 2 with one GENERAL_NAMES and one X509_NAME */ + if (nm) + { + for (i = 0; i < sk_GENERAL_NAME_num(gens); i++) + { + gena = sk_GENERAL_NAME_value(gens, i); + if (gena->type != GEN_DIRNAME) + continue; + if (!X509_NAME_cmp(nm, gena->d.directoryName)) + return 1; + } + return 0; + } + + /* Else case 3: two GENERAL_NAMES */ + + for (i = 0; i < sk_GENERAL_NAME_num(a->name.fullname); i++) + { + gena = sk_GENERAL_NAME_value(a->name.fullname, i); + for (j = 0; j < sk_GENERAL_NAME_num(b->name.fullname); j++) + { + genb = sk_GENERAL_NAME_value(b->name.fullname, j); + if (!GENERAL_NAME_cmp(gena, genb)) + return 1; + } + } + + return 0; + + } + +static int crldp_check_crlissuer(DIST_POINT *dp, X509_CRL *crl, int crl_score) + { + int i; + X509_NAME *nm = X509_CRL_get_issuer(crl); + /* If no CRLissuer return is successful iff don't need a match */ + if (!dp->CRLissuer) + return !!(crl_score & CRL_SCORE_ISSUER_NAME); + for (i = 0; i < sk_GENERAL_NAME_num(dp->CRLissuer); i++) + { + GENERAL_NAME *gen = sk_GENERAL_NAME_value(dp->CRLissuer, i); + if (gen->type != GEN_DIRNAME) + continue; + if (!X509_NAME_cmp(gen->d.directoryName, nm)) + return 1; + } + return 0; + } + +/* Check CRLDP and IDP */ + +static int crl_crldp_check(X509 *x, X509_CRL *crl, int crl_score, + unsigned int *preasons) + { + int i; + if (crl->idp_flags & IDP_ONLYATTR) + return 0; + if (x->ex_flags & EXFLAG_CA) + { + if (crl->idp_flags & IDP_ONLYUSER) + return 0; + } + else + { + if (crl->idp_flags & IDP_ONLYCA) + return 0; + } + *preasons = crl->idp_reasons; + for (i = 0; i < sk_DIST_POINT_num(x->crldp); i++) + { + DIST_POINT *dp = sk_DIST_POINT_value(x->crldp, i); + if (crldp_check_crlissuer(dp, crl, crl_score)) + { + if (!crl->idp || + idp_check_dp(dp->distpoint, crl->idp->distpoint)) + { + *preasons &= dp->dp_reasons; + return 1; + } + } + } + if ((!crl->idp || !crl->idp->distpoint) && (crl_score & CRL_SCORE_ISSUER_NAME)) + return 1; + return 0; + } + +/* Retrieve CRL corresponding to current certificate. + * If deltas enabled try to find a delta CRL too + */ + +static int get_crl_delta(X509_STORE_CTX *ctx, + X509_CRL **pcrl, X509_CRL **pdcrl, X509 *x) + { + int ok; + X509 *issuer = NULL; + int crl_score = 0; + unsigned int reasons; + X509_CRL *crl = NULL, *dcrl = NULL; + STACK_OF(X509_CRL) *skcrl; + X509_NAME *nm = X509_get_issuer_name(x); + reasons = ctx->current_reasons; + ok = get_crl_sk(ctx, &crl, &dcrl, + &issuer, &crl_score, &reasons, ctx->crls); + + if (ok) + goto done; + + /* Lookup CRLs from store */ + + skcrl = ctx->lookup_crls(ctx, nm); + + /* If no CRLs found and a near match from get_crl_sk use that */ + if (!skcrl && crl) + goto done; + + get_crl_sk(ctx, &crl, &dcrl, &issuer, &crl_score, &reasons, skcrl); + + sk_X509_CRL_pop_free(skcrl, X509_CRL_free); + + done: + + /* If we got any kind of CRL use it and return success */ if (crl) - X509_CRL_free(crl); - return 1; + { + ctx->current_issuer = issuer; + ctx->current_crl_score = crl_score; + ctx->current_reasons = reasons; + *pcrl = crl; + *pdcrl = dcrl; + return 1; + } + + return 0; } /* Check CRL validity */ @@ -739,10 +1346,14 @@ static int check_crl(X509_STORE_CTX *ctx, X509_CRL *crl) int ok = 0, chnum, cnum; cnum = ctx->error_depth; chnum = sk_X509_num(ctx->chain) - 1; - /* Find CRL issuer: if not last certificate then issuer + /* if we have an alternative CRL issuer cert use that */ + if (ctx->current_issuer) + issuer = ctx->current_issuer; + + /* Else find CRL issuer: if not last certificate then issuer * is next certificate in chain. */ - if(cnum < chnum) + else if (cnum < chnum) issuer = sk_X509_value(ctx->chain, cnum + 1); else { @@ -758,13 +1369,52 @@ static int check_crl(X509_STORE_CTX *ctx, X509_CRL *crl) if(issuer) { - /* Check for cRLSign bit if keyUsage present */ - if ((issuer->ex_flags & EXFLAG_KUSAGE) && - !(issuer->ex_kusage & KU_CRL_SIGN)) + /* Skip most tests for deltas because they have already + * been done + */ + if (!crl->base_crl_number) { - ctx->error = X509_V_ERR_KEYUSAGE_NO_CRL_SIGN; - ok = ctx->verify_cb(0, ctx); - if(!ok) goto err; + /* Check for cRLSign bit if keyUsage present */ + if ((issuer->ex_flags & EXFLAG_KUSAGE) && + !(issuer->ex_kusage & KU_CRL_SIGN)) + { + ctx->error = X509_V_ERR_KEYUSAGE_NO_CRL_SIGN; + ok = ctx->verify_cb(0, ctx); + if(!ok) goto err; + } + + if (!(ctx->current_crl_score & CRL_SCORE_SCOPE)) + { + ctx->error = X509_V_ERR_DIFFERENT_CRL_SCOPE; + ok = ctx->verify_cb(0, ctx); + if(!ok) goto err; + } + + if (!(ctx->current_crl_score & CRL_SCORE_SAME_PATH)) + { + if (check_crl_path(ctx, ctx->current_issuer) <= 0) + { + ctx->error = X509_V_ERR_CRL_PATH_VALIDATION_ERROR; + ok = ctx->verify_cb(0, ctx); + if(!ok) goto err; + } + } + + if (crl->idp_flags & IDP_INVALID) + { + ctx->error = X509_V_ERR_INVALID_EXTENSION; + ok = ctx->verify_cb(0, ctx); + if(!ok) goto err; + } + + + } + + if (!(ctx->current_crl_score & CRL_SCORE_TIME)) + { + ok = check_crl_time(ctx, crl, 1); + if (!ok) + goto err; } /* Attempt to get issuer certificate public key */ @@ -788,10 +1438,6 @@ static int check_crl(X509_STORE_CTX *ctx, X509_CRL *crl) } } - ok = check_crl_time(ctx, crl, 1); - if (!ok) - goto err; - ok = 1; err: @@ -802,62 +1448,43 @@ static int check_crl(X509_STORE_CTX *ctx, X509_CRL *crl) /* Check certificate against CRL */ static int cert_crl(X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x) { - int idx, ok; - X509_REVOKED rtmp; - STACK_OF(X509_EXTENSION) *exts; - X509_EXTENSION *ext; - /* Look for serial number of certificate in CRL */ - rtmp.serialNumber = X509_get_serialNumber(x); - /* Sort revoked into serial number order if not already sorted. - * Do this under a lock to avoid race condition. - */ - if (!sk_X509_REVOKED_is_sorted(crl->crl->revoked)) + int ok; + X509_REVOKED *rev; + /* The rules changed for this... previously if a CRL contained + * unhandled critical extensions it could still be used to indicate + * a certificate was revoked. This has since been changed since + * critical extension can change the meaning of CRL entries. + */ + if (crl->flags & EXFLAG_CRITICAL) { - CRYPTO_w_lock(CRYPTO_LOCK_X509_CRL); - sk_X509_REVOKED_sort(crl->crl->revoked); - CRYPTO_w_unlock(CRYPTO_LOCK_X509_CRL); + if (ctx->param->flags & X509_V_FLAG_IGNORE_CRITICAL) + return 1; + ctx->error = X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION; + ok = ctx->verify_cb(0, ctx); + if(!ok) + return 0; } - idx = sk_X509_REVOKED_find(crl->crl->revoked, &rtmp); - /* If found assume revoked: want something cleverer than - * this to handle entry extensions in V2 CRLs. + /* Look for serial number of certificate in CRL + * If found make sure reason is not removeFromCRL. */ - if(idx >= 0) + if (X509_CRL_get0_by_cert(crl, &rev, x)) { + if (rev->reason == CRL_REASON_REMOVE_FROM_CRL) + return 2; ctx->error = X509_V_ERR_CERT_REVOKED; ok = ctx->verify_cb(0, ctx); - if (!ok) return 0; + if (!ok) + return 0; } - if (ctx->param->flags & X509_V_FLAG_IGNORE_CRITICAL) - return 1; - - /* See if we have any critical CRL extensions: since we - * currently don't handle any CRL extensions the CRL must be - * rejected. - * This code accesses the X509_CRL structure directly: applications - * shouldn't do this. - */ - - exts = crl->crl->extensions; - - for (idx = 0; idx < sk_X509_EXTENSION_num(exts); idx++) - { - ext = sk_X509_EXTENSION_value(exts, idx); - if (ext->critical > 0) - { - ctx->error = - X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION; - ok = ctx->verify_cb(0, ctx); - if(!ok) return 0; - break; - } - } return 1; } static int check_policy(X509_STORE_CTX *ctx) { int ret; + if (ctx->parent) + return 1; ret = X509_policy_check(&ctx->tree, &ctx->explicit_policy, ctx->chain, ctx->param->policies, ctx->param->flags); if (ret == 0) @@ -880,7 +1507,8 @@ static int check_policy(X509_STORE_CTX *ctx) continue; ctx->current_cert = x; ctx->error = X509_V_ERR_INVALID_POLICY_EXTENSION; - ret = ctx->verify_cb(0, ctx); + if(!ctx->verify_cb(0, ctx)) + return 0; } return 1; } @@ -986,7 +1614,12 @@ static int internal_verify(X509_STORE_CTX *ctx) while (n >= 0) { ctx->error_depth=n; - if (!xs->valid) + + /* Skip signature check for self signed certificates unless + * explicitly asked for. It doesn't add any security and + * just wastes time. + */ + if (!xs->valid && (xs != xi || (ctx->param->flags & X509_V_FLAG_CHECK_SS_SIGNATURE))) { if ((pkey=X509_get_pubkey(xi)) == NULL) { @@ -996,13 +1629,6 @@ static int internal_verify(X509_STORE_CTX *ctx) if (!ok) goto end; } else if (X509_verify(xs,pkey) <= 0) - /* XXX For the final trusted self-signed cert, - * this is a waste of time. That check should - * optional so that e.g. 'openssl x509' can be - * used to detect invalid self-signatures, but - * we don't verify again and again in SSL - * handshakes and the like once the cert has - * been declared trusted. */ { ctx->error=X509_V_ERR_CERT_SIGNATURE_FAILURE; ctx->current_cert=xs; @@ -1041,12 +1667,12 @@ end: return ok; } -int X509_cmp_current_time(ASN1_TIME *ctm) +int X509_cmp_current_time(const ASN1_TIME *ctm) { return X509_cmp_time(ctm, NULL); } -int X509_cmp_time(ASN1_TIME *ctm, time_t *cmp_time) +int X509_cmp_time(const ASN1_TIME *ctm, time_t *cmp_time) { char *str; ASN1_TIME atm; @@ -1101,6 +1727,7 @@ int X509_cmp_time(ASN1_TIME *ctm, time_t *cmp_time) offset= -offset; } atm.type=ctm->type; + atm.flags = 0; atm.length=sizeof(buff2); atm.data=(unsigned char *)buff2; @@ -1129,19 +1756,28 @@ ASN1_TIME *X509_gmtime_adj(ASN1_TIME *s, long adj) return X509_time_adj(s, adj, NULL); } -ASN1_TIME *X509_time_adj(ASN1_TIME *s, long adj, time_t *in_tm) +ASN1_TIME *X509_time_adj(ASN1_TIME *s, long offset_sec, time_t *in_tm) + { + return X509_time_adj_ex(s, 0, offset_sec, in_tm); + } + +ASN1_TIME *X509_time_adj_ex(ASN1_TIME *s, + int offset_day, long offset_sec, time_t *in_tm) { time_t t; - int type = -1; if (in_tm) t = *in_tm; else time(&t); - t+=adj; - if (s) type = s->type; - if (type == V_ASN1_UTCTIME) return ASN1_UTCTIME_set(s,t); - if (type == V_ASN1_GENERALIZEDTIME) return ASN1_GENERALIZEDTIME_set(s, t); - return ASN1_TIME_set(s, t); + if (s && !(s->flags & ASN1_STRING_FLAG_MSTRING)) + { + if (s->type == V_ASN1_UTCTIME) + return ASN1_UTCTIME_adj(s,t, offset_day, offset_sec); + if (s->type == V_ASN1_GENERALIZEDTIME) + return ASN1_GENERALIZEDTIME_adj(s, t, offset_day, + offset_sec); + } + return ASN1_TIME_adj(s, t, offset_day, offset_sec); } int X509_get_pubkey_parameters(EVP_PKEY *pkey, STACK_OF(X509) *chain) @@ -1244,6 +1880,21 @@ STACK_OF(X509) *X509_STORE_CTX_get1_chain(X509_STORE_CTX *ctx) return chain; } +X509 *X509_STORE_CTX_get0_current_issuer(X509_STORE_CTX *ctx) + { + return ctx->current_issuer; + } + +X509_CRL *X509_STORE_CTX_get0_current_crl(X509_STORE_CTX *ctx) + { + return ctx->current_crl; + } + +X509_STORE_CTX *X509_STORE_CTX_get0_parent_ctx(X509_STORE_CTX *ctx) + { + return ctx->parent; + } + void X509_STORE_CTX_set_cert(X509_STORE_CTX *ctx, X509 *x) { ctx->cert=x; @@ -1365,6 +2016,7 @@ int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509, ctx->current_cert=NULL; ctx->current_issuer=NULL; ctx->tree = NULL; + ctx->parent = NULL; ctx->param = X509_VERIFY_PARAM_new(); @@ -1430,7 +2082,7 @@ int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509, if (store && store->get_crl) ctx->get_crl = store->get_crl; else - ctx->get_crl = get_crl; + ctx->get_crl = NULL; if (store && store->check_crl) ctx->check_crl = store->check_crl; @@ -1442,6 +2094,16 @@ int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509, else ctx->cert_crl = cert_crl; + if (store && store->lookup_certs) + ctx->lookup_certs = store->lookup_certs; + else + ctx->lookup_certs = X509_STORE_get1_certs; + + if (store && store->lookup_crls) + ctx->lookup_crls = store->lookup_crls; + else + ctx->lookup_crls = X509_STORE_get1_crls; + ctx->check_policy = check_policy; @@ -1474,7 +2136,8 @@ void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx) if (ctx->cleanup) ctx->cleanup(ctx); if (ctx->param != NULL) { - X509_VERIFY_PARAM_free(ctx->param); + if (ctx->parent == NULL) + X509_VERIFY_PARAM_free(ctx->param); ctx->param=NULL; } if (ctx->tree != NULL) diff --git a/src/lib/libcrypto/x509/x509_vfy.h b/src/lib/libcrypto/x509/x509_vfy.h index 76c76e1719..fe09b30aaa 100644 --- a/src/lib/libcrypto/x509/x509_vfy.h +++ b/src/lib/libcrypto/x509/x509_vfy.h @@ -77,6 +77,7 @@ extern "C" { #endif +#if 0 /* Outer object */ typedef struct x509_hash_dir_st { @@ -85,6 +86,7 @@ typedef struct x509_hash_dir_st int *dirs_type; int num_dirs_alloced; } X509_HASH_DIR_CTX; +#endif typedef struct x509_file_st { @@ -198,6 +200,8 @@ struct x509_store_st int (*get_crl)(X509_STORE_CTX *ctx, X509_CRL **crl, X509 *x); /* retrieve CRL */ int (*check_crl)(X509_STORE_CTX *ctx, X509_CRL *crl); /* Check CRL validity */ int (*cert_crl)(X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x); /* Check certificate against CRL */ + STACK_OF(X509) * (*lookup_certs)(X509_STORE_CTX *ctx, X509_NAME *nm); + STACK_OF(X509_CRL) * (*lookup_crls)(X509_STORE_CTX *ctx, X509_NAME *nm); int (*cleanup)(X509_STORE_CTX *ctx); CRYPTO_EX_DATA ex_data; @@ -246,6 +250,8 @@ struct x509_store_ctx_st /* X509_STORE_CTX */ int (*check_crl)(X509_STORE_CTX *ctx, X509_CRL *crl); /* Check CRL validity */ int (*cert_crl)(X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x); /* Check certificate against CRL */ int (*check_policy)(X509_STORE_CTX *ctx); + STACK_OF(X509) * (*lookup_certs)(X509_STORE_CTX *ctx, X509_NAME *nm); + STACK_OF(X509_CRL) * (*lookup_crls)(X509_STORE_CTX *ctx, X509_NAME *nm); int (*cleanup)(X509_STORE_CTX *ctx); /* The following is built up */ @@ -263,6 +269,11 @@ struct x509_store_ctx_st /* X509_STORE_CTX */ X509 *current_issuer; /* cert currently being tested as valid issuer */ X509_CRL *current_crl; /* current CRL */ + int current_crl_score; /* score of current CRL */ + unsigned int current_reasons; /* Reason mask */ + + X509_STORE_CTX *parent; /* For CRL path validation: parent context */ + CRYPTO_EX_DATA ex_data; } /* X509_STORE_CTX */; @@ -330,8 +341,18 @@ void X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth); #define X509_V_ERR_INVALID_EXTENSION 41 #define X509_V_ERR_INVALID_POLICY_EXTENSION 42 #define X509_V_ERR_NO_EXPLICIT_POLICY 43 +#define X509_V_ERR_DIFFERENT_CRL_SCOPE 44 +#define X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE 45 + +#define X509_V_ERR_UNNESTED_RESOURCE 46 -#define X509_V_ERR_UNNESTED_RESOURCE 44 +#define X509_V_ERR_PERMITTED_VIOLATION 47 +#define X509_V_ERR_EXCLUDED_VIOLATION 48 +#define X509_V_ERR_SUBTREE_MINMAX 49 +#define X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE 51 +#define X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX 52 +#define X509_V_ERR_UNSUPPORTED_NAME_SYNTAX 53 +#define X509_V_ERR_CRL_PATH_VALIDATION_ERROR 54 /* The application is not happy */ #define X509_V_ERR_APPLICATION_VERIFICATION 50 @@ -362,6 +383,13 @@ void X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth); #define X509_V_FLAG_INHIBIT_MAP 0x400 /* Notify callback that policy is OK */ #define X509_V_FLAG_NOTIFY_POLICY 0x800 +/* Extended CRL features such as indirect CRLs, alternate CRL signing keys */ +#define X509_V_FLAG_EXTENDED_CRL_SUPPORT 0x1000 +/* Delta CRL support */ +#define X509_V_FLAG_USE_DELTAS 0x2000 +/* Check selfsigned CA signature */ +#define X509_V_FLAG_CHECK_SS_SIGNATURE 0x4000 + #define X509_VP_FLAG_DEFAULT 0x1 #define X509_VP_FLAG_OVERWRITE 0x2 @@ -384,11 +412,16 @@ void X509_OBJECT_free_contents(X509_OBJECT *a); X509_STORE *X509_STORE_new(void ); void X509_STORE_free(X509_STORE *v); +STACK_OF(X509)* X509_STORE_get1_certs(X509_STORE_CTX *st, X509_NAME *nm); +STACK_OF(X509_CRL)* X509_STORE_get1_crls(X509_STORE_CTX *st, X509_NAME *nm); int X509_STORE_set_flags(X509_STORE *ctx, unsigned long flags); int X509_STORE_set_purpose(X509_STORE *ctx, int purpose); int X509_STORE_set_trust(X509_STORE *ctx, int trust); int X509_STORE_set1_param(X509_STORE *ctx, X509_VERIFY_PARAM *pm); +void X509_STORE_set_verify_cb(X509_STORE *ctx, + int (*verify_cb)(int, X509_STORE_CTX *)); + X509_STORE_CTX *X509_STORE_CTX_new(void); int X509_STORE_CTX_get1_issuer(X509 **issuer, X509_STORE_CTX *ctx, X509 *x); @@ -447,6 +480,9 @@ int X509_STORE_CTX_get_error(X509_STORE_CTX *ctx); void X509_STORE_CTX_set_error(X509_STORE_CTX *ctx,int s); int X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx); X509 * X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx); +X509 *X509_STORE_CTX_get0_current_issuer(X509_STORE_CTX *ctx); +X509_CRL *X509_STORE_CTX_get0_current_crl(X509_STORE_CTX *ctx); +X509_STORE_CTX *X509_STORE_CTX_get0_parent_ctx(X509_STORE_CTX *ctx); STACK_OF(X509) *X509_STORE_CTX_get_chain(X509_STORE_CTX *ctx); STACK_OF(X509) *X509_STORE_CTX_get1_chain(X509_STORE_CTX *ctx); void X509_STORE_CTX_set_cert(X509_STORE_CTX *c,X509 *x); diff --git a/src/lib/libcrypto/x509/x509cset.c b/src/lib/libcrypto/x509/x509cset.c index 7f4004b291..3109defb0b 100644 --- a/src/lib/libcrypto/x509/x509cset.c +++ b/src/lib/libcrypto/x509/x509cset.c @@ -81,7 +81,7 @@ int X509_CRL_set_issuer_name(X509_CRL *x, X509_NAME *name) } -int X509_CRL_set_lastUpdate(X509_CRL *x, ASN1_TIME *tm) +int X509_CRL_set_lastUpdate(X509_CRL *x, const ASN1_TIME *tm) { ASN1_TIME *in; @@ -99,7 +99,7 @@ int X509_CRL_set_lastUpdate(X509_CRL *x, ASN1_TIME *tm) return(in != NULL); } -int X509_CRL_set_nextUpdate(X509_CRL *x, ASN1_TIME *tm) +int X509_CRL_set_nextUpdate(X509_CRL *x, const ASN1_TIME *tm) { ASN1_TIME *in; diff --git a/src/lib/libcrypto/x509/x509name.c b/src/lib/libcrypto/x509/x509name.c index 068abfe5f0..27bc4dc9a3 100644 --- a/src/lib/libcrypto/x509/x509name.c +++ b/src/lib/libcrypto/x509/x509name.c @@ -356,7 +356,7 @@ int X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *ne, int type, return ASN1_STRING_set_by_NID(&ne->value, bytes, len, type, OBJ_obj2nid(ne->object)) ? 1 : 0; - if (len < 0) len=strlen((char *)bytes); + if (len < 0) len=strlen((const char *)bytes); i=ASN1_STRING_set(ne->value,bytes,len); if (!i) return(0); if (type != V_ASN1_UNDEF) diff --git a/src/lib/libcrypto/x509/x509type.c b/src/lib/libcrypto/x509/x509type.c index 2cd994c5b0..3385ad3f67 100644 --- a/src/lib/libcrypto/x509/x509type.c +++ b/src/lib/libcrypto/x509/x509type.c @@ -91,6 +91,10 @@ int X509_certificate_type(X509 *x, EVP_PKEY *pkey) break; case EVP_PKEY_DH: ret=EVP_PK_DH|EVP_PKT_EXCH; + break; + case NID_id_GostR3410_94: + case NID_id_GostR3410_2001: + ret=EVP_PKT_EXCH|EVP_PKT_SIGN; break; default: break; diff --git a/src/lib/libcrypto/x509/x_all.c b/src/lib/libcrypto/x509/x_all.c index 9039caad60..ebae30b701 100644 --- a/src/lib/libcrypto/x509/x_all.c +++ b/src/lib/libcrypto/x509/x_all.c @@ -57,7 +57,6 @@ */ #include -#undef SSLEAY_MACROS #include #include "cryptlib.h" #include @@ -83,12 +82,6 @@ int X509_REQ_verify(X509_REQ *a, EVP_PKEY *r) a->sig_alg,a->signature,a->req_info,r)); } -int X509_CRL_verify(X509_CRL *a, EVP_PKEY *r) - { - return(ASN1_item_verify(ASN1_ITEM_rptr(X509_CRL_INFO), - a->sig_alg, a->signature,a->crl,r)); - } - int NETSCAPE_SPKI_verify(NETSCAPE_SPKI *a, EVP_PKEY *r) { return(ASN1_item_verify(ASN1_ITEM_rptr(NETSCAPE_SPKAC), diff --git a/src/lib/libcrypto/x509v3/Makefile.ssl b/src/lib/libcrypto/x509v3/Makefile.ssl deleted file mode 100644 index 66df90c346..0000000000 --- a/src/lib/libcrypto/x509v3/Makefile.ssl +++ /dev/null @@ -1,603 +0,0 @@ -# -# SSLeay/crypto/x509v3/Makefile -# - -DIR= x509v3 -TOP= ../.. -CC= cc -INCLUDES= -I.. -I$(TOP) -I../../include -CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKE= make -f Makefile.ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) -MAKEFILE= Makefile.ssl -AR= ar r - -CFLAGS= $(INCLUDES) $(CFLAG) - -GENERAL=Makefile README -TEST= -APPS= - -LIB=$(TOP)/libcrypto.a -LIBSRC= v3_bcons.c v3_bitst.c v3_conf.c v3_extku.c v3_ia5.c v3_lib.c \ -v3_prn.c v3_utl.c v3err.c v3_genn.c v3_alt.c v3_skey.c v3_akey.c v3_pku.c \ -v3_int.c v3_enum.c v3_sxnet.c v3_cpols.c v3_crld.c v3_purp.c v3_info.c \ -v3_ocsp.c v3_akeya.c -LIBOBJ= v3_bcons.o v3_bitst.o v3_conf.o v3_extku.o v3_ia5.o v3_lib.o \ -v3_prn.o v3_utl.o v3err.o v3_genn.o v3_alt.o v3_skey.o v3_akey.o v3_pku.o \ -v3_int.o v3_enum.o v3_sxnet.o v3_cpols.o v3_crld.o v3_purp.o v3_info.o \ -v3_ocsp.o v3_akeya.o - -SRC= $(LIBSRC) - -EXHEADER= x509v3.h -HEADER= $(EXHEADER) - -ALL= $(GENERAL) $(SRC) $(HEADER) - -top: - (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all) - -all: lib - -lib: $(LIBOBJ) - $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) || echo Never mind. - @touch lib - -files: - $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO - -links: - @sh $(TOP)/util/point.sh Makefile.ssl Makefile - @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER) - @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST) - @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) - -install: - @for i in $(EXHEADER) ; \ - do \ - (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ - done; - -tags: - ctags $(SRC) - -tests: - -lint: - lint -DLINT $(INCLUDES) $(SRC)>fluff - -depend: - $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) - -dclean: - $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new - mv -f Makefile.new $(MAKEFILE) - -clean: - rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff - -# DO NOT DELETE THIS LINE -- make depend depends on it. - -v3_akey.o: ../../e_os.h ../../include/openssl/aes.h -v3_akey.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -v3_akey.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -v3_akey.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -v3_akey.o: ../../include/openssl/cast.h ../../include/openssl/conf.h -v3_akey.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -v3_akey.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -v3_akey.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -v3_akey.o: ../../include/openssl/err.h ../../include/openssl/evp.h -v3_akey.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -v3_akey.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -v3_akey.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -v3_akey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -v3_akey.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -v3_akey.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -v3_akey.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -v3_akey.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -v3_akey.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -v3_akey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -v3_akey.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -v3_akey.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -v3_akey.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -v3_akey.o: ../cryptlib.h v3_akey.c -v3_akeya.o: ../../e_os.h ../../include/openssl/aes.h -v3_akeya.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -v3_akeya.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -v3_akeya.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -v3_akeya.o: ../../include/openssl/cast.h ../../include/openssl/conf.h -v3_akeya.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -v3_akeya.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -v3_akeya.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -v3_akeya.o: ../../include/openssl/err.h ../../include/openssl/evp.h -v3_akeya.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -v3_akeya.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -v3_akeya.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -v3_akeya.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -v3_akeya.o: ../../include/openssl/opensslconf.h -v3_akeya.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -v3_akeya.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -v3_akeya.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -v3_akeya.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -v3_akeya.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -v3_akeya.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -v3_akeya.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -v3_akeya.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -v3_akeya.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_akeya.c -v3_alt.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -v3_alt.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -v3_alt.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -v3_alt.o: ../../include/openssl/cast.h ../../include/openssl/conf.h -v3_alt.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -v3_alt.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -v3_alt.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -v3_alt.o: ../../include/openssl/err.h ../../include/openssl/evp.h -v3_alt.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -v3_alt.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -v3_alt.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -v3_alt.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -v3_alt.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -v3_alt.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -v3_alt.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -v3_alt.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -v3_alt.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -v3_alt.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -v3_alt.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -v3_alt.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -v3_alt.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -v3_alt.o: ../cryptlib.h v3_alt.c -v3_bcons.o: ../../e_os.h ../../include/openssl/aes.h -v3_bcons.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -v3_bcons.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -v3_bcons.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -v3_bcons.o: ../../include/openssl/cast.h ../../include/openssl/conf.h -v3_bcons.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -v3_bcons.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -v3_bcons.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -v3_bcons.o: ../../include/openssl/err.h ../../include/openssl/evp.h -v3_bcons.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -v3_bcons.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -v3_bcons.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -v3_bcons.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -v3_bcons.o: ../../include/openssl/opensslconf.h -v3_bcons.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -v3_bcons.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -v3_bcons.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -v3_bcons.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -v3_bcons.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -v3_bcons.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -v3_bcons.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -v3_bcons.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -v3_bcons.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_bcons.c -v3_bitst.o: ../../e_os.h ../../include/openssl/aes.h -v3_bitst.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -v3_bitst.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -v3_bitst.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -v3_bitst.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -v3_bitst.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -v3_bitst.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -v3_bitst.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -v3_bitst.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -v3_bitst.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -v3_bitst.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -v3_bitst.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -v3_bitst.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -v3_bitst.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -v3_bitst.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -v3_bitst.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -v3_bitst.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -v3_bitst.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -v3_bitst.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -v3_bitst.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -v3_bitst.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -v3_bitst.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_bitst.c -v3_conf.o: ../../e_os.h ../../include/openssl/aes.h -v3_conf.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -v3_conf.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -v3_conf.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -v3_conf.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -v3_conf.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -v3_conf.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -v3_conf.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -v3_conf.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -v3_conf.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -v3_conf.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -v3_conf.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -v3_conf.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -v3_conf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -v3_conf.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -v3_conf.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -v3_conf.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -v3_conf.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -v3_conf.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -v3_conf.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -v3_conf.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -v3_conf.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_conf.c -v3_cpols.o: ../../e_os.h ../../include/openssl/aes.h -v3_cpols.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -v3_cpols.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -v3_cpols.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -v3_cpols.o: ../../include/openssl/cast.h ../../include/openssl/conf.h -v3_cpols.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -v3_cpols.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -v3_cpols.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -v3_cpols.o: ../../include/openssl/err.h ../../include/openssl/evp.h -v3_cpols.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -v3_cpols.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -v3_cpols.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -v3_cpols.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -v3_cpols.o: ../../include/openssl/opensslconf.h -v3_cpols.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -v3_cpols.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -v3_cpols.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -v3_cpols.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -v3_cpols.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -v3_cpols.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -v3_cpols.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -v3_cpols.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -v3_cpols.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_cpols.c -v3_crld.o: ../../e_os.h ../../include/openssl/aes.h -v3_crld.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -v3_crld.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -v3_crld.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -v3_crld.o: ../../include/openssl/cast.h ../../include/openssl/conf.h -v3_crld.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -v3_crld.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -v3_crld.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -v3_crld.o: ../../include/openssl/err.h ../../include/openssl/evp.h -v3_crld.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -v3_crld.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -v3_crld.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -v3_crld.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -v3_crld.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -v3_crld.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -v3_crld.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -v3_crld.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -v3_crld.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -v3_crld.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -v3_crld.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -v3_crld.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -v3_crld.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -v3_crld.o: ../cryptlib.h v3_crld.c -v3_enum.o: ../../e_os.h ../../include/openssl/aes.h -v3_enum.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -v3_enum.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -v3_enum.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -v3_enum.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -v3_enum.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -v3_enum.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -v3_enum.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -v3_enum.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -v3_enum.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -v3_enum.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -v3_enum.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -v3_enum.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -v3_enum.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -v3_enum.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -v3_enum.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -v3_enum.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -v3_enum.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -v3_enum.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -v3_enum.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -v3_enum.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -v3_enum.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_enum.c -v3_extku.o: ../../e_os.h ../../include/openssl/aes.h -v3_extku.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -v3_extku.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -v3_extku.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -v3_extku.o: ../../include/openssl/cast.h ../../include/openssl/conf.h -v3_extku.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -v3_extku.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -v3_extku.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -v3_extku.o: ../../include/openssl/err.h ../../include/openssl/evp.h -v3_extku.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -v3_extku.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -v3_extku.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -v3_extku.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -v3_extku.o: ../../include/openssl/opensslconf.h -v3_extku.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -v3_extku.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -v3_extku.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -v3_extku.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -v3_extku.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -v3_extku.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -v3_extku.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -v3_extku.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -v3_extku.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_extku.c -v3_genn.o: ../../e_os.h ../../include/openssl/aes.h -v3_genn.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -v3_genn.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -v3_genn.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -v3_genn.o: ../../include/openssl/cast.h ../../include/openssl/conf.h -v3_genn.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -v3_genn.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -v3_genn.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -v3_genn.o: ../../include/openssl/err.h ../../include/openssl/evp.h -v3_genn.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -v3_genn.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -v3_genn.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -v3_genn.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -v3_genn.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -v3_genn.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -v3_genn.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -v3_genn.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -v3_genn.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -v3_genn.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -v3_genn.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -v3_genn.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -v3_genn.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -v3_genn.o: ../cryptlib.h v3_genn.c -v3_ia5.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -v3_ia5.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -v3_ia5.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -v3_ia5.o: ../../include/openssl/cast.h ../../include/openssl/conf.h -v3_ia5.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -v3_ia5.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -v3_ia5.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -v3_ia5.o: ../../include/openssl/err.h ../../include/openssl/evp.h -v3_ia5.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -v3_ia5.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -v3_ia5.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -v3_ia5.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -v3_ia5.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -v3_ia5.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -v3_ia5.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -v3_ia5.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -v3_ia5.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -v3_ia5.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -v3_ia5.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -v3_ia5.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -v3_ia5.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -v3_ia5.o: ../cryptlib.h v3_ia5.c -v3_info.o: ../../e_os.h ../../include/openssl/aes.h -v3_info.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -v3_info.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -v3_info.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -v3_info.o: ../../include/openssl/cast.h ../../include/openssl/conf.h -v3_info.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -v3_info.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -v3_info.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -v3_info.o: ../../include/openssl/err.h ../../include/openssl/evp.h -v3_info.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -v3_info.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -v3_info.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -v3_info.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -v3_info.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -v3_info.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -v3_info.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -v3_info.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -v3_info.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -v3_info.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -v3_info.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -v3_info.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -v3_info.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -v3_info.o: ../cryptlib.h v3_info.c -v3_int.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -v3_int.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -v3_int.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -v3_int.o: ../../include/openssl/cast.h ../../include/openssl/conf.h -v3_int.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -v3_int.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -v3_int.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -v3_int.o: ../../include/openssl/err.h ../../include/openssl/evp.h -v3_int.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -v3_int.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -v3_int.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -v3_int.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -v3_int.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -v3_int.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -v3_int.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -v3_int.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -v3_int.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -v3_int.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -v3_int.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -v3_int.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -v3_int.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -v3_int.o: ../cryptlib.h v3_int.c -v3_lib.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -v3_lib.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -v3_lib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -v3_lib.o: ../../include/openssl/cast.h ../../include/openssl/conf.h -v3_lib.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -v3_lib.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -v3_lib.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -v3_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h -v3_lib.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -v3_lib.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -v3_lib.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -v3_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -v3_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -v3_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -v3_lib.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -v3_lib.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -v3_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -v3_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -v3_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -v3_lib.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -v3_lib.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -v3_lib.o: ../cryptlib.h ext_dat.h v3_lib.c -v3_ocsp.o: ../../e_os.h ../../include/openssl/aes.h -v3_ocsp.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -v3_ocsp.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -v3_ocsp.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -v3_ocsp.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -v3_ocsp.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -v3_ocsp.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -v3_ocsp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -v3_ocsp.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -v3_ocsp.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -v3_ocsp.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -v3_ocsp.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -v3_ocsp.o: ../../include/openssl/objects.h ../../include/openssl/ocsp.h -v3_ocsp.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -v3_ocsp.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -v3_ocsp.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -v3_ocsp.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -v3_ocsp.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -v3_ocsp.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -v3_ocsp.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -v3_ocsp.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -v3_ocsp.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -v3_ocsp.o: ../cryptlib.h v3_ocsp.c -v3_pku.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -v3_pku.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h -v3_pku.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -v3_pku.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -v3_pku.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -v3_pku.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -v3_pku.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -v3_pku.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -v3_pku.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -v3_pku.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -v3_pku.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -v3_pku.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -v3_pku.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -v3_pku.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -v3_pku.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -v3_pku.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -v3_pku.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -v3_pku.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -v3_pku.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -v3_pku.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -v3_pku.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -v3_pku.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_pku.c -v3_prn.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -v3_prn.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -v3_prn.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -v3_prn.o: ../../include/openssl/cast.h ../../include/openssl/conf.h -v3_prn.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -v3_prn.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -v3_prn.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -v3_prn.o: ../../include/openssl/err.h ../../include/openssl/evp.h -v3_prn.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -v3_prn.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -v3_prn.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -v3_prn.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -v3_prn.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -v3_prn.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -v3_prn.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -v3_prn.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -v3_prn.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -v3_prn.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -v3_prn.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -v3_prn.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -v3_prn.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -v3_prn.o: ../cryptlib.h v3_prn.c -v3_purp.o: ../../e_os.h ../../include/openssl/aes.h -v3_purp.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -v3_purp.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -v3_purp.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -v3_purp.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -v3_purp.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -v3_purp.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -v3_purp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -v3_purp.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -v3_purp.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -v3_purp.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -v3_purp.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -v3_purp.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -v3_purp.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -v3_purp.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -v3_purp.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -v3_purp.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -v3_purp.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -v3_purp.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -v3_purp.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -v3_purp.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -v3_purp.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_purp.c -v3_skey.o: ../../e_os.h ../../include/openssl/aes.h -v3_skey.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -v3_skey.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -v3_skey.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -v3_skey.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -v3_skey.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -v3_skey.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -v3_skey.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -v3_skey.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -v3_skey.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -v3_skey.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -v3_skey.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -v3_skey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -v3_skey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -v3_skey.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -v3_skey.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -v3_skey.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -v3_skey.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -v3_skey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -v3_skey.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -v3_skey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -v3_skey.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_skey.c -v3_sxnet.o: ../../e_os.h ../../include/openssl/aes.h -v3_sxnet.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -v3_sxnet.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -v3_sxnet.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -v3_sxnet.o: ../../include/openssl/cast.h ../../include/openssl/conf.h -v3_sxnet.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -v3_sxnet.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -v3_sxnet.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -v3_sxnet.o: ../../include/openssl/err.h ../../include/openssl/evp.h -v3_sxnet.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -v3_sxnet.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -v3_sxnet.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -v3_sxnet.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -v3_sxnet.o: ../../include/openssl/opensslconf.h -v3_sxnet.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -v3_sxnet.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -v3_sxnet.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -v3_sxnet.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -v3_sxnet.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -v3_sxnet.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -v3_sxnet.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -v3_sxnet.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -v3_sxnet.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_sxnet.c -v3_utl.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -v3_utl.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -v3_utl.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -v3_utl.o: ../../include/openssl/cast.h ../../include/openssl/conf.h -v3_utl.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -v3_utl.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -v3_utl.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -v3_utl.o: ../../include/openssl/err.h ../../include/openssl/evp.h -v3_utl.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -v3_utl.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -v3_utl.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -v3_utl.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -v3_utl.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -v3_utl.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -v3_utl.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -v3_utl.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -v3_utl.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -v3_utl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -v3_utl.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -v3_utl.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -v3_utl.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -v3_utl.o: ../cryptlib.h v3_utl.c -v3err.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h -v3err.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -v3err.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -v3err.o: ../../include/openssl/cast.h ../../include/openssl/conf.h -v3err.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -v3err.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -v3err.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -v3err.o: ../../include/openssl/err.h ../../include/openssl/evp.h -v3err.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -v3err.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -v3err.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -v3err.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -v3err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -v3err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -v3err.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -v3err.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -v3err.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -v3err.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -v3err.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -v3err.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -v3err.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -v3err.o: v3err.c diff --git a/src/lib/libcrypto/x509v3/ext_dat.h b/src/lib/libcrypto/x509v3/ext_dat.h index 3eaec46f8a..76daee6fcd 100644 --- a/src/lib/libcrypto/x509v3/ext_dat.h +++ b/src/lib/libcrypto/x509v3/ext_dat.h @@ -61,21 +61,19 @@ extern X509V3_EXT_METHOD v3_bcons, v3_nscert, v3_key_usage, v3_ext_ku; extern X509V3_EXT_METHOD v3_pkey_usage_period, v3_sxnet, v3_info, v3_sinfo; extern X509V3_EXT_METHOD v3_ns_ia5_list[], v3_alt[], v3_skey_id, v3_akey_id; extern X509V3_EXT_METHOD v3_crl_num, v3_crl_reason, v3_crl_invdate; -extern X509V3_EXT_METHOD v3_delta_crl, v3_cpols, v3_crld; +extern X509V3_EXT_METHOD v3_delta_crl, v3_cpols, v3_crld, v3_freshest_crl; extern X509V3_EXT_METHOD v3_ocsp_nonce, v3_ocsp_accresp, v3_ocsp_acutoff; extern X509V3_EXT_METHOD v3_ocsp_crlid, v3_ocsp_nocheck, v3_ocsp_serviceloc; extern X509V3_EXT_METHOD v3_crl_hold, v3_pci; extern X509V3_EXT_METHOD v3_policy_mappings, v3_policy_constraints; -extern X509V3_EXT_METHOD v3_name_constraints, v3_inhibit_anyp; -#ifndef OPENSSL_NO_RFC3779 +extern X509V3_EXT_METHOD v3_name_constraints, v3_inhibit_anyp, v3_idp; extern X509V3_EXT_METHOD v3_addr, v3_asid; -#endif /* This table will be searched using OBJ_bsearch so it *must* kept in * order of the ext_nid values. */ -static X509V3_EXT_METHOD *standard_exts[] = { +static const X509V3_EXT_METHOD *standard_exts[] = { &v3_nscert, &v3_ns_ia5_list[0], &v3_ns_ia5_list[1], @@ -122,7 +120,10 @@ static X509V3_EXT_METHOD *standard_exts[] = { &v3_pci, &v3_name_constraints, &v3_policy_mappings, -&v3_inhibit_anyp +&v3_inhibit_anyp, +&v3_idp, +&v3_alt[2], +&v3_freshest_crl, }; /* Number of standard extensions */ diff --git a/src/lib/libcrypto/x509v3/pcy_data.c b/src/lib/libcrypto/x509v3/pcy_data.c index fb392b901f..3444b03195 100644 --- a/src/lib/libcrypto/x509v3/pcy_data.c +++ b/src/lib/libcrypto/x509v3/pcy_data.c @@ -82,17 +82,21 @@ void policy_data_free(X509_POLICY_DATA *data) * another source. */ -X509_POLICY_DATA *policy_data_new(POLICYINFO *policy, ASN1_OBJECT *id, int crit) +X509_POLICY_DATA *policy_data_new(POLICYINFO *policy, + const ASN1_OBJECT *cid, int crit) { X509_POLICY_DATA *ret; - if (!policy && !id) + ASN1_OBJECT *id; + if (!policy && !cid) return NULL; - if (id) + if (cid) { - id = OBJ_dup(id); + id = OBJ_dup(cid); if (!id) return NULL; } + else + id = NULL; ret = OPENSSL_malloc(sizeof(X509_POLICY_DATA)); if (!ret) return NULL; diff --git a/src/lib/libcrypto/x509v3/pcy_tree.c b/src/lib/libcrypto/x509v3/pcy_tree.c index 6c87a7f506..92f6b24556 100644 --- a/src/lib/libcrypto/x509v3/pcy_tree.c +++ b/src/lib/libcrypto/x509v3/pcy_tree.c @@ -62,6 +62,75 @@ #include "pcy_int.h" +/* Enable this to print out the complete policy tree at various point during + * evaluation. + */ + +/*#define OPENSSL_POLICY_DEBUG*/ + +#ifdef OPENSSL_POLICY_DEBUG + +static void expected_print(BIO *err, X509_POLICY_LEVEL *lev, + X509_POLICY_NODE *node, int indent) + { + if ( (lev->flags & X509_V_FLAG_INHIBIT_MAP) + || !(node->data->flags & POLICY_DATA_FLAG_MAP_MASK)) + BIO_puts(err, " Not Mapped\n"); + else + { + int i; + STACK_OF(ASN1_OBJECT) *pset = node->data->expected_policy_set; + ASN1_OBJECT *oid; + BIO_puts(err, " Expected: "); + for (i = 0; i < sk_ASN1_OBJECT_num(pset); i++) + { + oid = sk_ASN1_OBJECT_value(pset, i); + if (i) + BIO_puts(err, ", "); + i2a_ASN1_OBJECT(err, oid); + } + BIO_puts(err, "\n"); + } + } + +static void tree_print(char *str, X509_POLICY_TREE *tree, + X509_POLICY_LEVEL *curr) + { + X509_POLICY_LEVEL *plev; + X509_POLICY_NODE *node; + int i; + BIO *err; + err = BIO_new_fp(stderr, BIO_NOCLOSE); + if (!curr) + curr = tree->levels + tree->nlevel; + else + curr++; + BIO_printf(err, "Level print after %s\n", str); + BIO_printf(err, "Printing Up to Level %ld\n", curr - tree->levels); + for (plev = tree->levels; plev != curr; plev++) + { + BIO_printf(err, "Level %ld, flags = %x\n", + plev - tree->levels, plev->flags); + for (i = 0; i < sk_X509_POLICY_NODE_num(plev->nodes); i++) + { + node = sk_X509_POLICY_NODE_value(plev->nodes, i); + X509_POLICY_NODE_print(err, node, 2); + expected_print(err, plev, node, 2); + BIO_printf(err, " Flags: %x\n", node->data->flags); + } + if (plev->anyPolicy) + X509_POLICY_NODE_print(err, plev->anyPolicy, 2); + } + + BIO_free(err); + + } +#else + +#define tree_print(a,b,c) /* */ + +#endif + /* Initialize policy tree. Return values: * 0 Some internal error occured. * -1 Inconsistent or invalid extensions in certificates. @@ -87,8 +156,10 @@ static int tree_init(X509_POLICY_TREE **ptree, STACK_OF(X509) *certs, *ptree = NULL; n = sk_X509_num(certs); +#if 0 /* Disable policy mapping for now... */ flags |= X509_V_FLAG_INHIBIT_MAP; +#endif if (flags & X509_V_FLAG_EXPLICIT_POLICY) explicit_policy = 0; @@ -160,7 +231,7 @@ static int tree_init(X509_POLICY_TREE **ptree, STACK_OF(X509) *certs, tree->auth_policies = NULL; tree->user_policies = NULL; - if (!tree) + if (!tree->levels) { OPENSSL_free(tree); return 0; @@ -184,7 +255,6 @@ static int tree_init(X509_POLICY_TREE **ptree, STACK_OF(X509) *certs, level++; x = sk_X509_value(certs, i); cache = policy_cache_set(x); - CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509); level->cert = x; @@ -213,13 +283,13 @@ static int tree_init(X509_POLICY_TREE **ptree, STACK_OF(X509) *certs, level->flags |= X509_V_FLAG_INHIBIT_MAP; else { - map_skip--; + if (!(x->ex_flags & EXFLAG_SI)) + map_skip--; if ((cache->map_skip >= 0) && (cache->map_skip < map_skip)) map_skip = cache->map_skip; } - } *ptree = tree; @@ -237,7 +307,32 @@ static int tree_init(X509_POLICY_TREE **ptree, STACK_OF(X509) *certs, } -/* This corresponds to RFC3280 XXXX XXXXX: +static int tree_link_matching_nodes(X509_POLICY_LEVEL *curr, + const X509_POLICY_DATA *data) + { + X509_POLICY_LEVEL *last = curr - 1; + X509_POLICY_NODE *node; + int i, matched = 0; + /* Iterate through all in nodes linking matches */ + for (i = 0; i < sk_X509_POLICY_NODE_num(last->nodes); i++) + { + node = sk_X509_POLICY_NODE_value(last->nodes, i); + if (policy_node_match(last, node, data->valid_policy)) + { + if (!level_add_node(curr, data, node, NULL)) + return 0; + matched = 1; + } + } + if (!matched && last->anyPolicy) + { + if (!level_add_node(curr, data, last->anyPolicy, NULL)) + return 0; + } + return 1; + } + +/* This corresponds to RFC3280 6.1.3(d)(1): * link any data from CertificatePolicies onto matching parent * or anyPolicy if no match. */ @@ -248,7 +343,6 @@ static int tree_link_nodes(X509_POLICY_LEVEL *curr, int i; X509_POLICY_LEVEL *last; X509_POLICY_DATA *data; - X509_POLICY_NODE *parent; last = curr - 1; for (i = 0; i < sk_X509_POLICY_DATA_num(cache->data); i++) { @@ -261,40 +355,109 @@ static int tree_link_nodes(X509_POLICY_LEVEL *curr, * link because then it will have the mapping flags * right and we can prune it later. */ +#if 0 if ((data->flags & POLICY_DATA_FLAG_MAPPED_ANY) && !(curr->flags & X509_V_FLAG_INHIBIT_ANY)) continue; - /* Look for matching node in parent */ - parent = level_find_node(last, data->valid_policy); - /* If no match link to anyPolicy */ - if (!parent) - parent = last->anyPolicy; - if (parent && !level_add_node(curr, data, parent, NULL)) +#endif + /* Look for matching nodes in previous level */ + if (!tree_link_matching_nodes(curr, data)) return 0; } return 1; } -/* This corresponds to RFC3280 XXXX XXXXX: +/* This corresponds to RFC3280 6.1.3(d)(2): * Create new data for any unmatched policies in the parent and link * to anyPolicy. */ +static int tree_add_unmatched(X509_POLICY_LEVEL *curr, + const X509_POLICY_CACHE *cache, + const ASN1_OBJECT *id, + X509_POLICY_NODE *node, + X509_POLICY_TREE *tree) + { + X509_POLICY_DATA *data; + if (id == NULL) + id = node->data->valid_policy; + /* Create a new node with qualifiers from anyPolicy and + * id from unmatched node. + */ + data = policy_data_new(NULL, id, node_critical(node)); + + if (data == NULL) + return 0; + /* Curr may not have anyPolicy */ + data->qualifier_set = cache->anyPolicy->qualifier_set; + data->flags |= POLICY_DATA_FLAG_SHARED_QUALIFIERS; + if (!level_add_node(curr, data, node, tree)) + { + policy_data_free(data); + return 0; + } + + return 1; + } + +static int tree_link_unmatched(X509_POLICY_LEVEL *curr, + const X509_POLICY_CACHE *cache, + X509_POLICY_NODE *node, + X509_POLICY_TREE *tree) + { + const X509_POLICY_LEVEL *last = curr - 1; + int i; + + if ( (last->flags & X509_V_FLAG_INHIBIT_MAP) + || !(node->data->flags & POLICY_DATA_FLAG_MAPPED)) + { + /* If no policy mapping: matched if one child present */ + if (node->nchild) + return 1; + if (!tree_add_unmatched(curr, cache, NULL, node, tree)) + return 0; + /* Add it */ + } + else + { + /* If mapping: matched if one child per expected policy set */ + STACK_OF(ASN1_OBJECT) *expset = node->data->expected_policy_set; + if (node->nchild == sk_ASN1_OBJECT_num(expset)) + return 1; + /* Locate unmatched nodes */ + for (i = 0; i < sk_ASN1_OBJECT_num(expset); i++) + { + ASN1_OBJECT *oid = sk_ASN1_OBJECT_value(expset, i); + if (level_find_node(curr, node, oid)) + continue; + if (!tree_add_unmatched(curr, cache, oid, node, tree)) + return 0; + } + + } + + return 1; + + } + static int tree_link_any(X509_POLICY_LEVEL *curr, const X509_POLICY_CACHE *cache, X509_POLICY_TREE *tree) { int i; - X509_POLICY_DATA *data; + /*X509_POLICY_DATA *data;*/ X509_POLICY_NODE *node; - X509_POLICY_LEVEL *last; - - last = curr - 1; + X509_POLICY_LEVEL *last = curr - 1; for (i = 0; i < sk_X509_POLICY_NODE_num(last->nodes); i++) { node = sk_X509_POLICY_NODE_value(last->nodes, i); + if (!tree_link_unmatched(curr, cache, node, tree)) + return 0; + +#if 0 + /* Skip any node with any children: we only want unmathced * nodes. * @@ -303,6 +466,7 @@ static int tree_link_any(X509_POLICY_LEVEL *curr, */ if (node->nchild) continue; + /* Create a new node with qualifiers from anyPolicy and * id from unmatched node. */ @@ -319,6 +483,9 @@ static int tree_link_any(X509_POLICY_LEVEL *curr, policy_data_free(data); return 0; } + +#endif + } /* Finally add link to anyPolicy */ if (last->anyPolicy) @@ -337,30 +504,36 @@ static int tree_link_any(X509_POLICY_LEVEL *curr, static int tree_prune(X509_POLICY_TREE *tree, X509_POLICY_LEVEL *curr) { + STACK_OF(X509_POLICY_NODE) *nodes; X509_POLICY_NODE *node; int i; - for (i = sk_X509_POLICY_NODE_num(curr->nodes) - 1; i >= 0; i--) + nodes = curr->nodes; + if (curr->flags & X509_V_FLAG_INHIBIT_MAP) { - node = sk_X509_POLICY_NODE_value(curr->nodes, i); - /* Delete any mapped data: see RFC3280 XXXX */ - if (node->data->flags & POLICY_DATA_FLAG_MAP_MASK) + for (i = sk_X509_POLICY_NODE_num(nodes) - 1; i >= 0; i--) { - node->parent->nchild--; - OPENSSL_free(node); - (void)sk_X509_POLICY_NODE_delete(curr->nodes, i); + node = sk_X509_POLICY_NODE_value(nodes, i); + /* Delete any mapped data: see RFC3280 XXXX */ + if (node->data->flags & POLICY_DATA_FLAG_MAP_MASK) + { + node->parent->nchild--; + OPENSSL_free(node); + (void)sk_X509_POLICY_NODE_delete(nodes,i); + } } } for(;;) { --curr; - for (i = sk_X509_POLICY_NODE_num(curr->nodes) - 1; i >= 0; i--) + nodes = curr->nodes; + for (i = sk_X509_POLICY_NODE_num(nodes) - 1; i >= 0; i--) { - node = sk_X509_POLICY_NODE_value(curr->nodes, i); + node = sk_X509_POLICY_NODE_value(nodes, i); if (node->nchild == 0) { node->parent->nchild--; OPENSSL_free(node); - (void)sk_X509_POLICY_NODE_delete(curr->nodes, i); + (void)sk_X509_POLICY_NODE_delete(nodes, i); } } if (curr->anyPolicy && !curr->anyPolicy->nchild) @@ -536,6 +709,7 @@ static int tree_evaluate(X509_POLICY_TREE *tree) if (!(curr->flags & X509_V_FLAG_INHIBIT_ANY) && !tree_link_any(curr, cache, tree)) return 0; + tree_print("before tree_prune()", tree, curr); ret = tree_prune(tree, curr); if (ret != 1) return ret; @@ -604,7 +778,6 @@ int X509_policy_check(X509_POLICY_TREE **ptree, int *pexplicit_policy, *pexplicit_policy = 0; ret = tree_init(&tree, certs, flags); - switch (ret) { @@ -612,6 +785,10 @@ int X509_policy_check(X509_POLICY_TREE **ptree, int *pexplicit_policy, case 2: return 1; + /* Some internal error */ + case -1: + return -1; + /* Some internal error */ case 0: return 0; @@ -646,6 +823,8 @@ int X509_policy_check(X509_POLICY_TREE **ptree, int *pexplicit_policy, if (!tree) goto error; ret = tree_evaluate(tree); + tree_print("tree_evaluate()", tree, NULL); + if (ret <= 0) goto error; diff --git a/src/lib/libcrypto/x509v3/v3_addr.c b/src/lib/libcrypto/x509v3/v3_addr.c index efdf7c3ba7..9087d66e0a 100644 --- a/src/lib/libcrypto/x509v3/v3_addr.c +++ b/src/lib/libcrypto/x509v3/v3_addr.c @@ -236,7 +236,7 @@ static int i2r_IPAddressOrRanges(BIO *out, /* * i2r handler for an IPAddrBlocks extension. */ -static int i2r_IPAddrBlocks(X509V3_EXT_METHOD *method, +static int i2r_IPAddrBlocks(const X509V3_EXT_METHOD *method, void *ext, BIO *out, int indent) @@ -315,8 +315,7 @@ static int IPAddressOrRange_cmp(const IPAddressOrRange *a, const int length) { unsigned char addr_a[ADDR_RAW_BUF_LEN], addr_b[ADDR_RAW_BUF_LEN]; - int prefixlen_a = 0; - int prefixlen_b = 0; + int prefixlen_a = 0, prefixlen_b = 0; int r; switch (a->type) { @@ -596,10 +595,10 @@ static IPAddressOrRanges *make_prefix_or_range(IPAddrBlocks *addr, return NULL; switch (afi) { case IANA_AFI_IPV4: - (void)sk_IPAddressOrRange_set_cmp_func(aors, v4IPAddressOrRange_cmp); + sk_IPAddressOrRange_set_cmp_func(aors, v4IPAddressOrRange_cmp); break; case IANA_AFI_IPV6: - (void)sk_IPAddressOrRange_set_cmp_func(aors, v6IPAddressOrRange_cmp); + sk_IPAddressOrRange_set_cmp_func(aors, v6IPAddressOrRange_cmp); break; } f->ipAddressChoice->type = IPAddressChoice_addressesOrRanges; @@ -856,7 +855,7 @@ static int IPAddressOrRanges_canonize(IPAddressOrRanges *aors, if (!make_addressRange(&merged, a_min, b_max, length)) return 0; sk_IPAddressOrRange_set(aors, i, merged); - (void)sk_IPAddressOrRange_delete(aors, i + 1); + sk_IPAddressOrRange_delete(aors, i + 1); IPAddressOrRange_free(a); IPAddressOrRange_free(b); --i; @@ -880,7 +879,7 @@ int v3_addr_canonize(IPAddrBlocks *addr) v3_addr_get_afi(f))) return 0; } - (void)sk_IPAddressFamily_set_cmp_func(addr, IPAddressFamily_cmp); + sk_IPAddressFamily_set_cmp_func(addr, IPAddressFamily_cmp); sk_IPAddressFamily_sort(addr); OPENSSL_assert(v3_addr_is_canonical(addr)); return 1; @@ -889,7 +888,7 @@ int v3_addr_canonize(IPAddrBlocks *addr) /* * v2i handler for the IPAddrBlocks extension. */ -static void *v2i_IPAddrBlocks(struct v3_ext_method *method, +static void *v2i_IPAddrBlocks(const struct v3_ext_method *method, struct v3_ext_ctx *ctx, STACK_OF(CONF_VALUE) *values) { @@ -1125,7 +1124,7 @@ int v3_addr_subset(IPAddrBlocks *a, IPAddrBlocks *b) return 1; if (b == NULL || v3_addr_inherits(a) || v3_addr_inherits(b)) return 0; - (void)sk_IPAddressFamily_set_cmp_func(b, IPAddressFamily_cmp); + sk_IPAddressFamily_set_cmp_func(b, IPAddressFamily_cmp); for (i = 0; i < sk_IPAddressFamily_num(a); i++) { IPAddressFamily *fa = sk_IPAddressFamily_value(a, i); int j = sk_IPAddressFamily_find(b, fa); @@ -1167,7 +1166,7 @@ static int v3_addr_validate_path_internal(X509_STORE_CTX *ctx, { IPAddrBlocks *child = NULL; int i, j, ret = 1; - X509 *x = NULL; + X509 *x; OPENSSL_assert(chain != NULL && sk_X509_num(chain) > 0); OPENSSL_assert(ctx != NULL || ext != NULL); @@ -1180,6 +1179,7 @@ static int v3_addr_validate_path_internal(X509_STORE_CTX *ctx, */ if (ext != NULL) { i = -1; + x = NULL; } else { i = 0; x = sk_X509_value(chain, i); @@ -1189,7 +1189,7 @@ static int v3_addr_validate_path_internal(X509_STORE_CTX *ctx, } if (!v3_addr_is_canonical(ext)) validation_err(X509_V_ERR_INVALID_EXTENSION); - (void)sk_IPAddressFamily_set_cmp_func(ext, IPAddressFamily_cmp); + sk_IPAddressFamily_set_cmp_func(ext, IPAddressFamily_cmp); if ((child = sk_IPAddressFamily_dup(ext)) == NULL) { X509V3err(X509V3_F_V3_ADDR_VALIDATE_PATH_INTERNAL, ERR_R_MALLOC_FAILURE); ret = 0; @@ -1215,7 +1215,7 @@ static int v3_addr_validate_path_internal(X509_STORE_CTX *ctx, } continue; } - (void)sk_IPAddressFamily_set_cmp_func(x->rfc3779_addr, IPAddressFamily_cmp); + sk_IPAddressFamily_set_cmp_func(x->rfc3779_addr, IPAddressFamily_cmp); for (j = 0; j < sk_IPAddressFamily_num(child); j++) { IPAddressFamily *fc = sk_IPAddressFamily_value(child, j); int k = sk_IPAddressFamily_find(x->rfc3779_addr, fc); @@ -1242,6 +1242,7 @@ static int v3_addr_validate_path_internal(X509_STORE_CTX *ctx, /* * Trust anchor can't inherit. */ + OPENSSL_assert(x != NULL); if (x->rfc3779_addr != NULL) { for (j = 0; j < sk_IPAddressFamily_num(x->rfc3779_addr); j++) { IPAddressFamily *fp = sk_IPAddressFamily_value(x->rfc3779_addr, j); diff --git a/src/lib/libcrypto/x509v3/v3_alt.c b/src/lib/libcrypto/x509v3/v3_alt.c index 75fda7f268..91aefcddc1 100644 --- a/src/lib/libcrypto/x509v3/v3_alt.c +++ b/src/lib/libcrypto/x509v3/v3_alt.c @@ -82,6 +82,12 @@ NULL, NULL, NULL}, (X509V3_EXT_I2V)i2v_GENERAL_NAMES, (X509V3_EXT_V2I)v2i_issuer_alt, NULL, NULL, NULL}, + +{ NID_certificate_issuer, 0, ASN1_ITEM_ref(GENERAL_NAMES), +0,0,0,0, +0,0, +(X509V3_EXT_I2V)i2v_GENERAL_NAMES, +NULL, NULL, NULL, NULL}, }; STACK_OF(CONF_VALUE) *i2v_GENERAL_NAMES(X509V3_EXT_METHOD *method, @@ -147,9 +153,9 @@ STACK_OF(CONF_VALUE) *i2v_GENERAL_NAME(X509V3_EXT_METHOD *method, BIO_snprintf(htmp, sizeof htmp, "%X", p[0] << 8 | p[1]); p += 2; - strlcat(oline, htmp, sizeof oline); + strlcat(oline, htmp, sizeof(oline)); if (i != 7) - strlcat(oline, ":", sizeof oline); + strlcat(oline, ":", sizeof(oline)); } } else @@ -360,6 +366,7 @@ static int copy_email(X509V3_CTX *ctx, GENERAL_NAMES *gens, int move_p) if (move_p) { X509_NAME_delete_entry(nm, i); + X509_NAME_ENTRY_free(ne); i--; } if(!email || !(gen = GENERAL_NAME_new())) { @@ -386,8 +393,8 @@ static int copy_email(X509V3_CTX *ctx, GENERAL_NAMES *gens, int move_p) } -GENERAL_NAMES *v2i_GENERAL_NAMES(X509V3_EXT_METHOD *method, - X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval) +GENERAL_NAMES *v2i_GENERAL_NAMES(const X509V3_EXT_METHOD *method, + X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval) { GENERAL_NAME *gen; GENERAL_NAMES *gens = NULL; @@ -408,28 +415,22 @@ GENERAL_NAMES *v2i_GENERAL_NAMES(X509V3_EXT_METHOD *method, return NULL; } -GENERAL_NAME *v2i_GENERAL_NAME(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, - CONF_VALUE *cnf) +GENERAL_NAME *v2i_GENERAL_NAME(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx, + CONF_VALUE *cnf) { return v2i_GENERAL_NAME_ex(NULL, method, ctx, cnf, 0); } -GENERAL_NAME *v2i_GENERAL_NAME_ex(GENERAL_NAME *out, - X509V3_EXT_METHOD *method, X509V3_CTX *ctx, - CONF_VALUE *cnf, int is_nc) +GENERAL_NAME *a2i_GENERAL_NAME(GENERAL_NAME *out, + const X509V3_EXT_METHOD *method, X509V3_CTX *ctx, + int gen_type, char *value, int is_nc) { char is_string = 0; - int type; GENERAL_NAME *gen = NULL; - char *name, *value; - - name = cnf->name; - value = cnf->value; - if(!value) { - X509V3err(X509V3_F_V2I_GENERAL_NAME_EX,X509V3_R_MISSING_VALUE); + X509V3err(X509V3_F_A2I_GENERAL_NAME,X509V3_R_MISSING_VALUE); return NULL; } @@ -440,74 +441,62 @@ GENERAL_NAME *v2i_GENERAL_NAME_ex(GENERAL_NAME *out, gen = GENERAL_NAME_new(); if(gen == NULL) { - X509V3err(X509V3_F_V2I_GENERAL_NAME_EX,ERR_R_MALLOC_FAILURE); + X509V3err(X509V3_F_A2I_GENERAL_NAME,ERR_R_MALLOC_FAILURE); return NULL; } } - if(!name_cmp(name, "email")) - { - is_string = 1; - type = GEN_EMAIL; - } - else if(!name_cmp(name, "URI")) - { - is_string = 1; - type = GEN_URI; - } - else if(!name_cmp(name, "DNS")) + switch (gen_type) { + case GEN_URI: + case GEN_EMAIL: + case GEN_DNS: is_string = 1; - type = GEN_DNS; - } - else if(!name_cmp(name, "RID")) + break; + + case GEN_RID: { ASN1_OBJECT *obj; if(!(obj = OBJ_txt2obj(value,0))) { - X509V3err(X509V3_F_V2I_GENERAL_NAME_EX,X509V3_R_BAD_OBJECT); + X509V3err(X509V3_F_A2I_GENERAL_NAME,X509V3_R_BAD_OBJECT); ERR_add_error_data(2, "value=", value); goto err; } gen->d.rid = obj; - type = GEN_RID; } - else if(!name_cmp(name, "IP")) - { + break; + + case GEN_IPADD: if (is_nc) gen->d.ip = a2i_IPADDRESS_NC(value); else gen->d.ip = a2i_IPADDRESS(value); if(gen->d.ip == NULL) { - X509V3err(X509V3_F_V2I_GENERAL_NAME_EX,X509V3_R_BAD_IP_ADDRESS); + X509V3err(X509V3_F_A2I_GENERAL_NAME,X509V3_R_BAD_IP_ADDRESS); ERR_add_error_data(2, "value=", value); goto err; } - type = GEN_IPADD; - } - else if(!name_cmp(name, "dirName")) - { - type = GEN_DIRNAME; + break; + + case GEN_DIRNAME: if (!do_dirname(gen, value, ctx)) { - X509V3err(X509V3_F_V2I_GENERAL_NAME_EX,X509V3_R_DIRNAME_ERROR); + X509V3err(X509V3_F_A2I_GENERAL_NAME,X509V3_R_DIRNAME_ERROR); goto err; } - } - else if(!name_cmp(name, "otherName")) - { + break; + + case GEN_OTHERNAME: if (!do_othername(gen, value, ctx)) { - X509V3err(X509V3_F_V2I_GENERAL_NAME_EX,X509V3_R_OTHERNAME_ERROR); + X509V3err(X509V3_F_A2I_GENERAL_NAME,X509V3_R_OTHERNAME_ERROR); goto err; } - type = GEN_OTHERNAME; - } - else - { - X509V3err(X509V3_F_V2I_GENERAL_NAME_EX,X509V3_R_UNSUPPORTED_OPTION); - ERR_add_error_data(2, "name=", name); + break; + default: + X509V3err(X509V3_F_A2I_GENERAL_NAME,X509V3_R_UNSUPPORTED_TYPE); goto err; } @@ -517,12 +506,12 @@ GENERAL_NAME *v2i_GENERAL_NAME_ex(GENERAL_NAME *out, !ASN1_STRING_set(gen->d.ia5, (unsigned char*)value, strlen(value))) { - X509V3err(X509V3_F_V2I_GENERAL_NAME_EX,ERR_R_MALLOC_FAILURE); + X509V3err(X509V3_F_A2I_GENERAL_NAME,ERR_R_MALLOC_FAILURE); goto err; } } - gen->type = type; + gen->type = gen_type; return gen; @@ -532,6 +521,48 @@ GENERAL_NAME *v2i_GENERAL_NAME_ex(GENERAL_NAME *out, return NULL; } +GENERAL_NAME *v2i_GENERAL_NAME_ex(GENERAL_NAME *out, + const X509V3_EXT_METHOD *method, + X509V3_CTX *ctx, CONF_VALUE *cnf, int is_nc) + { + int type; + + char *name, *value; + + name = cnf->name; + value = cnf->value; + + if(!value) + { + X509V3err(X509V3_F_V2I_GENERAL_NAME_EX,X509V3_R_MISSING_VALUE); + return NULL; + } + + if(!name_cmp(name, "email")) + type = GEN_EMAIL; + else if(!name_cmp(name, "URI")) + type = GEN_URI; + else if(!name_cmp(name, "DNS")) + type = GEN_DNS; + else if(!name_cmp(name, "RID")) + type = GEN_RID; + else if(!name_cmp(name, "IP")) + type = GEN_IPADD; + else if(!name_cmp(name, "dirName")) + type = GEN_DIRNAME; + else if(!name_cmp(name, "otherName")) + type = GEN_OTHERNAME; + else + { + X509V3err(X509V3_F_V2I_GENERAL_NAME_EX,X509V3_R_UNSUPPORTED_OPTION); + ERR_add_error_data(2, "name=", name); + return NULL; + } + + return a2i_GENERAL_NAME(out, method, ctx, type, value, is_nc); + + } + static int do_othername(GENERAL_NAME *gen, char *value, X509V3_CTX *ctx) { char *objtmp = NULL, *p; @@ -577,6 +608,7 @@ static int do_dirname(GENERAL_NAME *gen, char *value, X509V3_CTX *ctx) if (!ret) X509_NAME_free(nm); gen->d.dirn = nm; + X509V3_section_free(ctx, sk); return ret; } diff --git a/src/lib/libcrypto/x509v3/v3_asid.c b/src/lib/libcrypto/x509v3/v3_asid.c index abd497ed1f..56702f86b9 100644 --- a/src/lib/libcrypto/x509v3/v3_asid.c +++ b/src/lib/libcrypto/x509v3/v3_asid.c @@ -152,7 +152,7 @@ static int i2r_ASIdentifierChoice(BIO *out, /* * i2r method for an ASIdentifier extension. */ -static int i2r_ASIdentifiers(X509V3_EXT_METHOD *method, +static int i2r_ASIdentifiers(const X509V3_EXT_METHOD *method, void *ext, BIO *out, int indent) @@ -466,7 +466,7 @@ static int ASIdentifierChoice_canonize(ASIdentifierChoice *choice) break; } ASIdOrRange_free(b); - (void)sk_ASIdOrRange_delete(choice->u.asIdsOrRanges, i + 1); + sk_ASIdOrRange_delete(choice->u.asIdsOrRanges, i + 1); i--; continue; } @@ -495,7 +495,7 @@ int v3_asid_canonize(ASIdentifiers *asid) /* * v2i method for an ASIdentifier extension. */ -static void *v2i_ASIdentifiers(struct v3_ext_method *method, +static void *v2i_ASIdentifiers(const struct v3_ext_method *method, struct v3_ext_ctx *ctx, STACK_OF(CONF_VALUE) *values) { @@ -707,7 +707,7 @@ static int v3_asid_validate_path_internal(X509_STORE_CTX *ctx, { ASIdOrRanges *child_as = NULL, *child_rdi = NULL; int i, ret = 1, inherit_as = 0, inherit_rdi = 0; - X509 *x = NULL; + X509 *x; assert(chain != NULL && sk_X509_num(chain) > 0); assert(ctx != NULL || ext != NULL); @@ -720,6 +720,7 @@ static int v3_asid_validate_path_internal(X509_STORE_CTX *ctx, */ if (ext != NULL) { i = -1; + x = NULL; } else { i = 0; x = sk_X509_value(chain, i); @@ -799,6 +800,7 @@ static int v3_asid_validate_path_internal(X509_STORE_CTX *ctx, /* * Trust anchor can't inherit. */ + assert(x != NULL); if (x->rfc3779_asid != NULL) { if (x->rfc3779_asid->asnum != NULL && x->rfc3779_asid->asnum->type == ASIdentifierChoice_inherit) diff --git a/src/lib/libcrypto/x509v3/v3_conf.c b/src/lib/libcrypto/x509v3/v3_conf.c index 11eb6b7fd5..6730f9a6ee 100644 --- a/src/lib/libcrypto/x509v3/v3_conf.c +++ b/src/lib/libcrypto/x509v3/v3_conf.c @@ -72,14 +72,14 @@ static X509_EXTENSION *do_ext_nconf(CONF *conf, X509V3_CTX *ctx, int ext_nid, in static X509_EXTENSION *v3_generic_extension(const char *ext, char *value, int crit, int type, X509V3_CTX *ctx); static char *conf_lhash_get_string(void *db, char *section, char *value); static STACK_OF(CONF_VALUE) *conf_lhash_get_section(void *db, char *section); -static X509_EXTENSION *do_ext_i2d(X509V3_EXT_METHOD *method, int ext_nid, - int crit, void *ext_struc); +static X509_EXTENSION *do_ext_i2d(const X509V3_EXT_METHOD *method, int ext_nid, + int crit, void *ext_struc); static unsigned char *generic_asn1(char *value, X509V3_CTX *ctx, long *ext_len); /* CONF *conf: Config file */ /* char *name: Name */ /* char *value: Value */ X509_EXTENSION *X509V3_EXT_nconf(CONF *conf, X509V3_CTX *ctx, char *name, - char *value) + char *value) { int crit; int ext_type; @@ -99,7 +99,7 @@ X509_EXTENSION *X509V3_EXT_nconf(CONF *conf, X509V3_CTX *ctx, char *name, /* CONF *conf: Config file */ /* char *value: Value */ X509_EXTENSION *X509V3_EXT_nconf_nid(CONF *conf, X509V3_CTX *ctx, int ext_nid, - char *value) + char *value) { int crit; int ext_type; @@ -113,9 +113,9 @@ X509_EXTENSION *X509V3_EXT_nconf_nid(CONF *conf, X509V3_CTX *ctx, int ext_nid, /* CONF *conf: Config file */ /* char *value: Value */ static X509_EXTENSION *do_ext_nconf(CONF *conf, X509V3_CTX *ctx, int ext_nid, - int crit, char *value) + int crit, char *value) { - X509V3_EXT_METHOD *method; + const X509V3_EXT_METHOD *method; X509_EXTENSION *ext; STACK_OF(CONF_VALUE) *nval; void *ext_struc; @@ -172,8 +172,8 @@ static X509_EXTENSION *do_ext_nconf(CONF *conf, X509V3_CTX *ctx, int ext_nid, } -static X509_EXTENSION *do_ext_i2d(X509V3_EXT_METHOD *method, int ext_nid, - int crit, void *ext_struc) +static X509_EXTENSION *do_ext_i2d(const X509V3_EXT_METHOD *method, int ext_nid, + int crit, void *ext_struc) { unsigned char *ext_der; int ext_len; @@ -214,7 +214,7 @@ static X509_EXTENSION *do_ext_i2d(X509V3_EXT_METHOD *method, int ext_nid, X509_EXTENSION *X509V3_EXT_i2d(int ext_nid, int crit, void *ext_struc) { - X509V3_EXT_METHOD *method; + const X509V3_EXT_METHOD *method; if (!(method = X509V3_EXT_get_nid(ext_nid))) { X509V3err(X509V3_F_X509V3_EXT_I2D,X509V3_R_UNKNOWN_EXTENSION); return NULL; @@ -258,7 +258,8 @@ static int v3_check_generic(char **value) /* Create a generic extension: for now just handle DER type */ static X509_EXTENSION *v3_generic_extension(const char *ext, char *value, - int crit, int gen_type, X509V3_CTX *ctx) + int crit, int gen_type, + X509V3_CTX *ctx) { unsigned char *ext_der=NULL; long ext_len; @@ -322,7 +323,7 @@ static unsigned char *generic_asn1(char *value, X509V3_CTX *ctx, long *ext_len) int X509V3_EXT_add_nconf_sk(CONF *conf, X509V3_CTX *ctx, char *section, - STACK_OF(X509_EXTENSION) **sk) + STACK_OF(X509_EXTENSION) **sk) { X509_EXTENSION *ext; STACK_OF(CONF_VALUE) *nval; @@ -343,7 +344,7 @@ int X509V3_EXT_add_nconf_sk(CONF *conf, X509V3_CTX *ctx, char *section, /* Convenience functions to add extensions to a certificate, CRL and request */ int X509V3_EXT_add_nconf(CONF *conf, X509V3_CTX *ctx, char *section, - X509 *cert) + X509 *cert) { STACK_OF(X509_EXTENSION) **sk = NULL; if (cert) @@ -354,7 +355,7 @@ int X509V3_EXT_add_nconf(CONF *conf, X509V3_CTX *ctx, char *section, /* Same as above but for a CRL */ int X509V3_EXT_CRL_add_nconf(CONF *conf, X509V3_CTX *ctx, char *section, - X509_CRL *crl) + X509_CRL *crl) { STACK_OF(X509_EXTENSION) **sk = NULL; if (crl) @@ -443,7 +444,7 @@ void X509V3_set_nconf(X509V3_CTX *ctx, CONF *conf) } void X509V3_set_ctx(X509V3_CTX *ctx, X509 *issuer, X509 *subj, X509_REQ *req, - X509_CRL *crl, int flags) + X509_CRL *crl, int flags) { ctx->issuer_cert = issuer; ctx->subject_cert = subj; @@ -454,8 +455,8 @@ void X509V3_set_ctx(X509V3_CTX *ctx, X509 *issuer, X509 *subj, X509_REQ *req, /* Old conf compatibility functions */ -X509_EXTENSION *X509V3_EXT_conf(LHASH *conf, X509V3_CTX *ctx, char *name, - char *value) +X509_EXTENSION *X509V3_EXT_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx, + char *name, char *value) { CONF ctmp; CONF_set_nconf(&ctmp, conf); @@ -464,8 +465,8 @@ X509_EXTENSION *X509V3_EXT_conf(LHASH *conf, X509V3_CTX *ctx, char *name, /* LHASH *conf: Config file */ /* char *value: Value */ -X509_EXTENSION *X509V3_EXT_conf_nid(LHASH *conf, X509V3_CTX *ctx, int ext_nid, - char *value) +X509_EXTENSION *X509V3_EXT_conf_nid(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx, + int ext_nid, char *value) { CONF ctmp; CONF_set_nconf(&ctmp, conf); @@ -489,14 +490,14 @@ NULL, NULL }; -void X509V3_set_conf_lhash(X509V3_CTX *ctx, LHASH *lhash) +void X509V3_set_conf_lhash(X509V3_CTX *ctx, LHASH_OF(CONF_VALUE) *lhash) { ctx->db_meth = &conf_lhash_method; ctx->db = lhash; } -int X509V3_EXT_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section, - X509 *cert) +int X509V3_EXT_add_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx, + char *section, X509 *cert) { CONF ctmp; CONF_set_nconf(&ctmp, conf); @@ -505,8 +506,8 @@ int X509V3_EXT_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section, /* Same as above but for a CRL */ -int X509V3_EXT_CRL_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section, - X509_CRL *crl) +int X509V3_EXT_CRL_add_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx, + char *section, X509_CRL *crl) { CONF ctmp; CONF_set_nconf(&ctmp, conf); @@ -515,8 +516,8 @@ int X509V3_EXT_CRL_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section, /* Add extensions to certificate request */ -int X509V3_EXT_REQ_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section, - X509_REQ *req) +int X509V3_EXT_REQ_add_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx, + char *section, X509_REQ *req) { CONF ctmp; CONF_set_nconf(&ctmp, conf); diff --git a/src/lib/libcrypto/x509v3/v3_cpols.c b/src/lib/libcrypto/x509v3/v3_cpols.c index ad0506d75c..1f0798b946 100644 --- a/src/lib/libcrypto/x509v3/v3_cpols.c +++ b/src/lib/libcrypto/x509v3/v3_cpols.c @@ -450,5 +450,8 @@ void X509_POLICY_NODE_print(BIO *out, X509_POLICY_NODE *node, int indent) else BIO_printf(out, "%*sNo Qualifiers\n", indent + 2, ""); } - + + IMPLEMENT_STACK_OF(X509_POLICY_NODE) +IMPLEMENT_STACK_OF(X509_POLICY_DATA) + diff --git a/src/lib/libcrypto/x509v3/v3_crld.c b/src/lib/libcrypto/x509v3/v3_crld.c index 181a8977b1..790a6dd032 100644 --- a/src/lib/libcrypto/x509v3/v3_crld.c +++ b/src/lib/libcrypto/x509v3/v3_crld.c @@ -3,7 +3,7 @@ * project 1999. */ /* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. + * Copyright (c) 1999-2008 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -63,45 +63,254 @@ #include #include -static STACK_OF(CONF_VALUE) *i2v_crld(X509V3_EXT_METHOD *method, - STACK_OF(DIST_POINT) *crld, STACK_OF(CONF_VALUE) *extlist); -static STACK_OF(DIST_POINT) *v2i_crld(X509V3_EXT_METHOD *method, - X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval); - -const X509V3_EXT_METHOD v3_crld = { -NID_crl_distribution_points, X509V3_EXT_MULTILINE, ASN1_ITEM_ref(CRL_DIST_POINTS), -0,0,0,0, -0,0, -(X509V3_EXT_I2V)i2v_crld, -(X509V3_EXT_V2I)v2i_crld, -0,0, -NULL +static void *v2i_crld(const X509V3_EXT_METHOD *method, + X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval); +static int i2r_crldp(const X509V3_EXT_METHOD *method, void *pcrldp, BIO *out, + int indent); + +const X509V3_EXT_METHOD v3_crld = + { + NID_crl_distribution_points, 0, ASN1_ITEM_ref(CRL_DIST_POINTS), + 0,0,0,0, + 0,0, + 0, + v2i_crld, + i2r_crldp,0, + NULL + }; + +const X509V3_EXT_METHOD v3_freshest_crl = + { + NID_freshest_crl, 0, ASN1_ITEM_ref(CRL_DIST_POINTS), + 0,0,0,0, + 0,0, + 0, + v2i_crld, + i2r_crldp,0, + NULL + }; + +static STACK_OF(GENERAL_NAME) *gnames_from_sectname(X509V3_CTX *ctx, char *sect) + { + STACK_OF(CONF_VALUE) *gnsect; + STACK_OF(GENERAL_NAME) *gens; + if (*sect == '@') + gnsect = X509V3_get_section(ctx, sect + 1); + else + gnsect = X509V3_parse_list(sect); + if (!gnsect) + { + X509V3err(X509V3_F_GNAMES_FROM_SECTNAME, + X509V3_R_SECTION_NOT_FOUND); + return NULL; + } + gens = v2i_GENERAL_NAMES(NULL, ctx, gnsect); + if (*sect == '@') + X509V3_section_free(ctx, gnsect); + else + sk_CONF_VALUE_pop_free(gnsect, X509V3_conf_free); + return gens; + } + +static int set_dist_point_name(DIST_POINT_NAME **pdp, X509V3_CTX *ctx, + CONF_VALUE *cnf) + { + STACK_OF(GENERAL_NAME) *fnm = NULL; + STACK_OF(X509_NAME_ENTRY) *rnm = NULL; + if (!strncmp(cnf->name, "fullname", 9)) + { + fnm = gnames_from_sectname(ctx, cnf->value); + if (!fnm) + goto err; + } + else if (!strcmp(cnf->name, "relativename")) + { + int ret; + STACK_OF(CONF_VALUE) *dnsect; + X509_NAME *nm; + nm = X509_NAME_new(); + if (!nm) + return -1; + dnsect = X509V3_get_section(ctx, cnf->value); + if (!dnsect) + { + X509V3err(X509V3_F_SET_DIST_POINT_NAME, + X509V3_R_SECTION_NOT_FOUND); + return -1; + } + ret = X509V3_NAME_from_section(nm, dnsect, MBSTRING_ASC); + X509V3_section_free(ctx, dnsect); + rnm = nm->entries; + nm->entries = NULL; + X509_NAME_free(nm); + if (!ret || sk_X509_NAME_ENTRY_num(rnm) <= 0) + goto err; + /* Since its a name fragment can't have more than one + * RDNSequence + */ + if (sk_X509_NAME_ENTRY_value(rnm, + sk_X509_NAME_ENTRY_num(rnm) - 1)->set) + { + X509V3err(X509V3_F_SET_DIST_POINT_NAME, + X509V3_R_INVALID_MULTIPLE_RDNS); + goto err; + } + } + else + return 0; + + if (*pdp) + { + X509V3err(X509V3_F_SET_DIST_POINT_NAME, + X509V3_R_DISTPOINT_ALREADY_SET); + goto err; + } + + *pdp = DIST_POINT_NAME_new(); + if (!*pdp) + goto err; + if (fnm) + { + (*pdp)->type = 0; + (*pdp)->name.fullname = fnm; + } + else + { + (*pdp)->type = 1; + (*pdp)->name.relativename = rnm; + } + + return 1; + + err: + if (fnm) + sk_GENERAL_NAME_pop_free(fnm, GENERAL_NAME_free); + if (rnm) + sk_X509_NAME_ENTRY_pop_free(rnm, X509_NAME_ENTRY_free); + return -1; + } + +static const BIT_STRING_BITNAME reason_flags[] = { +{0, "Unused", "unused"}, +{1, "Key Compromise", "keyCompromise"}, +{2, "CA Compromise", "CACompromise"}, +{3, "Affiliation Changed", "affiliationChanged"}, +{4, "Superseded", "superseded"}, +{5, "Cessation Of Operation", "cessationOfOperation"}, +{6, "Certificate Hold", "certificateHold"}, +{7, "Privilege Withdrawn", "privilegeWithdrawn"}, +{8, "AA Compromise", "AACompromise"}, +{-1, NULL, NULL} }; -static STACK_OF(CONF_VALUE) *i2v_crld(X509V3_EXT_METHOD *method, - STACK_OF(DIST_POINT) *crld, STACK_OF(CONF_VALUE) *exts) -{ - DIST_POINT *point; +static int set_reasons(ASN1_BIT_STRING **preas, char *value) + { + STACK_OF(CONF_VALUE) *rsk = NULL; + const BIT_STRING_BITNAME *pbn; + const char *bnam; + int i, ret = 0; + rsk = X509V3_parse_list(value); + if (!rsk) + return 0; + if (*preas) + return 0; + for (i = 0; i < sk_CONF_VALUE_num(rsk); i++) + { + bnam = sk_CONF_VALUE_value(rsk, i)->name; + if (!*preas) + { + *preas = ASN1_BIT_STRING_new(); + if (!*preas) + goto err; + } + for (pbn = reason_flags; pbn->lname; pbn++) + { + if (!strcmp(pbn->sname, bnam)) + { + if (!ASN1_BIT_STRING_set_bit(*preas, + pbn->bitnum, 1)) + goto err; + break; + } + } + if (!pbn->lname) + goto err; + } + ret = 1; + + err: + sk_CONF_VALUE_pop_free(rsk, X509V3_conf_free); + return ret; + } + +static int print_reasons(BIO *out, const char *rname, + ASN1_BIT_STRING *rflags, int indent) + { + int first = 1; + const BIT_STRING_BITNAME *pbn; + BIO_printf(out, "%*s%s:\n%*s", indent, "", rname, indent + 2, ""); + for (pbn = reason_flags; pbn->lname; pbn++) + { + if (ASN1_BIT_STRING_get_bit(rflags, pbn->bitnum)) + { + if (first) + first = 0; + else + BIO_puts(out, ", "); + BIO_puts(out, pbn->lname); + } + } + if (first) + BIO_puts(out, "\n"); + else + BIO_puts(out, "\n"); + return 1; + } + +static DIST_POINT *crldp_from_section(X509V3_CTX *ctx, + STACK_OF(CONF_VALUE) *nval) + { int i; - for(i = 0; i < sk_DIST_POINT_num(crld); i++) { - point = sk_DIST_POINT_value(crld, i); - if(point->distpoint) { - if(point->distpoint->type == 0) - exts = i2v_GENERAL_NAMES(NULL, - point->distpoint->name.fullname, exts); - else X509V3_add_value("RelativeName","", &exts); + CONF_VALUE *cnf; + DIST_POINT *point = NULL; + point = DIST_POINT_new(); + if (!point) + goto err; + for(i = 0; i < sk_CONF_VALUE_num(nval); i++) + { + int ret; + cnf = sk_CONF_VALUE_value(nval, i); + ret = set_dist_point_name(&point->distpoint, ctx, cnf); + if (ret > 0) + continue; + if (ret < 0) + goto err; + if (!strcmp(cnf->name, "reasons")) + { + if (!set_reasons(&point->reasons, cnf->value)) + goto err; + } + else if (!strcmp(cnf->name, "CRLissuer")) + { + point->CRLissuer = + gnames_from_sectname(ctx, cnf->value); + if (!point->CRLissuer) + goto err; + } } - if(point->reasons) - X509V3_add_value("reasons","", &exts); - if(point->CRLissuer) - X509V3_add_value("CRLissuer","", &exts); + + return point; + + + err: + if (point) + DIST_POINT_free(point); + return NULL; } - return exts; -} -static STACK_OF(DIST_POINT) *v2i_crld(X509V3_EXT_METHOD *method, - X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval) -{ +static void *v2i_crld(const X509V3_EXT_METHOD *method, + X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval) + { STACK_OF(DIST_POINT) *crld = NULL; GENERAL_NAMES *gens = NULL; GENERAL_NAME *gen = NULL; @@ -111,19 +320,44 @@ static STACK_OF(DIST_POINT) *v2i_crld(X509V3_EXT_METHOD *method, for(i = 0; i < sk_CONF_VALUE_num(nval); i++) { DIST_POINT *point; cnf = sk_CONF_VALUE_value(nval, i); - if(!(gen = v2i_GENERAL_NAME(method, ctx, cnf))) goto err; - if(!(gens = GENERAL_NAMES_new())) goto merr; - if(!sk_GENERAL_NAME_push(gens, gen)) goto merr; - gen = NULL; - if(!(point = DIST_POINT_new())) goto merr; - if(!sk_DIST_POINT_push(crld, point)) { - DIST_POINT_free(point); - goto merr; - } - if(!(point->distpoint = DIST_POINT_NAME_new())) goto merr; - point->distpoint->name.fullname = gens; - point->distpoint->type = 0; - gens = NULL; + if (!cnf->value) + { + STACK_OF(CONF_VALUE) *dpsect; + dpsect = X509V3_get_section(ctx, cnf->name); + if (!dpsect) + goto err; + point = crldp_from_section(ctx, dpsect); + X509V3_section_free(ctx, dpsect); + if (!point) + goto err; + if(!sk_DIST_POINT_push(crld, point)) + { + DIST_POINT_free(point); + goto merr; + } + } + else + { + if(!(gen = v2i_GENERAL_NAME(method, ctx, cnf))) + goto err; + if(!(gens = GENERAL_NAMES_new())) + goto merr; + if(!sk_GENERAL_NAME_push(gens, gen)) + goto merr; + gen = NULL; + if(!(point = DIST_POINT_new())) + goto merr; + if(!sk_DIST_POINT_push(crld, point)) + { + DIST_POINT_free(point); + goto merr; + } + if(!(point->distpoint = DIST_POINT_NAME_new())) + goto merr; + point->distpoint->name.fullname = gens; + point->distpoint->type = 0; + gens = NULL; + } } return crld; @@ -139,11 +373,31 @@ static STACK_OF(DIST_POINT) *v2i_crld(X509V3_EXT_METHOD *method, IMPLEMENT_STACK_OF(DIST_POINT) IMPLEMENT_ASN1_SET_OF(DIST_POINT) +static int dpn_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, + void *exarg) + { + DIST_POINT_NAME *dpn = (DIST_POINT_NAME *)*pval; + + switch(operation) + { + case ASN1_OP_NEW_POST: + dpn->dpname = NULL; + break; + + case ASN1_OP_FREE_POST: + if (dpn->dpname) + X509_NAME_free(dpn->dpname); + break; + } + return 1; + } + -ASN1_CHOICE(DIST_POINT_NAME) = { +ASN1_CHOICE_cb(DIST_POINT_NAME, dpn_cb) = { ASN1_IMP_SEQUENCE_OF(DIST_POINT_NAME, name.fullname, GENERAL_NAME, 0), ASN1_IMP_SET_OF(DIST_POINT_NAME, name.relativename, X509_NAME_ENTRY, 1) -} ASN1_CHOICE_END(DIST_POINT_NAME) +} ASN1_CHOICE_END_cb(DIST_POINT_NAME, DIST_POINT_NAME, type) + IMPLEMENT_ASN1_FUNCTIONS(DIST_POINT_NAME) @@ -160,3 +414,203 @@ ASN1_ITEM_TEMPLATE(CRL_DIST_POINTS) = ASN1_ITEM_TEMPLATE_END(CRL_DIST_POINTS) IMPLEMENT_ASN1_FUNCTIONS(CRL_DIST_POINTS) + +ASN1_SEQUENCE(ISSUING_DIST_POINT) = { + ASN1_EXP_OPT(ISSUING_DIST_POINT, distpoint, DIST_POINT_NAME, 0), + ASN1_IMP_OPT(ISSUING_DIST_POINT, onlyuser, ASN1_FBOOLEAN, 1), + ASN1_IMP_OPT(ISSUING_DIST_POINT, onlyCA, ASN1_FBOOLEAN, 2), + ASN1_IMP_OPT(ISSUING_DIST_POINT, onlysomereasons, ASN1_BIT_STRING, 3), + ASN1_IMP_OPT(ISSUING_DIST_POINT, indirectCRL, ASN1_FBOOLEAN, 4), + ASN1_IMP_OPT(ISSUING_DIST_POINT, onlyattr, ASN1_FBOOLEAN, 5) +} ASN1_SEQUENCE_END(ISSUING_DIST_POINT) + +IMPLEMENT_ASN1_FUNCTIONS(ISSUING_DIST_POINT) + +static int i2r_idp(const X509V3_EXT_METHOD *method, void *pidp, BIO *out, + int indent); +static void *v2i_idp(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx, + STACK_OF(CONF_VALUE) *nval); + +const X509V3_EXT_METHOD v3_idp = + { + NID_issuing_distribution_point, X509V3_EXT_MULTILINE, + ASN1_ITEM_ref(ISSUING_DIST_POINT), + 0,0,0,0, + 0,0, + 0, + v2i_idp, + i2r_idp,0, + NULL + }; + +static void *v2i_idp(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx, + STACK_OF(CONF_VALUE) *nval) + { + ISSUING_DIST_POINT *idp = NULL; + CONF_VALUE *cnf; + char *name, *val; + int i, ret; + idp = ISSUING_DIST_POINT_new(); + if (!idp) + goto merr; + for(i = 0; i < sk_CONF_VALUE_num(nval); i++) + { + cnf = sk_CONF_VALUE_value(nval, i); + name = cnf->name; + val = cnf->value; + ret = set_dist_point_name(&idp->distpoint, ctx, cnf); + if (ret > 0) + continue; + if (ret < 0) + goto err; + if (!strcmp(name, "onlyuser")) + { + if (!X509V3_get_value_bool(cnf, &idp->onlyuser)) + goto err; + } + else if (!strcmp(name, "onlyCA")) + { + if (!X509V3_get_value_bool(cnf, &idp->onlyCA)) + goto err; + } + else if (!strcmp(name, "onlyAA")) + { + if (!X509V3_get_value_bool(cnf, &idp->onlyattr)) + goto err; + } + else if (!strcmp(name, "indirectCRL")) + { + if (!X509V3_get_value_bool(cnf, &idp->indirectCRL)) + goto err; + } + else if (!strcmp(name, "onlysomereasons")) + { + if (!set_reasons(&idp->onlysomereasons, val)) + goto err; + } + else + { + X509V3err(X509V3_F_V2I_IDP, X509V3_R_INVALID_NAME); + X509V3_conf_err(cnf); + goto err; + } + } + return idp; + + merr: + X509V3err(X509V3_F_V2I_IDP,ERR_R_MALLOC_FAILURE); + err: + ISSUING_DIST_POINT_free(idp); + return NULL; + } + +static int print_gens(BIO *out, STACK_OF(GENERAL_NAME) *gens, int indent) + { + int i; + for (i = 0; i < sk_GENERAL_NAME_num(gens); i++) + { + BIO_printf(out, "%*s", indent + 2, ""); + GENERAL_NAME_print(out, sk_GENERAL_NAME_value(gens, i)); + BIO_puts(out, "\n"); + } + return 1; + } + +static int print_distpoint(BIO *out, DIST_POINT_NAME *dpn, int indent) + { + if (dpn->type == 0) + { + BIO_printf(out, "%*sFull Name:\n", indent, ""); + print_gens(out, dpn->name.fullname, indent); + } + else + { + X509_NAME ntmp; + ntmp.entries = dpn->name.relativename; + BIO_printf(out, "%*sRelative Name:\n%*s", + indent, "", indent + 2, ""); + X509_NAME_print_ex(out, &ntmp, 0, XN_FLAG_ONELINE); + BIO_puts(out, "\n"); + } + return 1; + } + +static int i2r_idp(const X509V3_EXT_METHOD *method, void *pidp, BIO *out, + int indent) + { + ISSUING_DIST_POINT *idp = pidp; + if (idp->distpoint) + print_distpoint(out, idp->distpoint, indent); + if (idp->onlyuser > 0) + BIO_printf(out, "%*sOnly User Certificates\n", indent, ""); + if (idp->onlyCA > 0) + BIO_printf(out, "%*sOnly CA Certificates\n", indent, ""); + if (idp->indirectCRL > 0) + BIO_printf(out, "%*sIndirect CRL\n", indent, ""); + if (idp->onlysomereasons) + print_reasons(out, "Only Some Reasons", + idp->onlysomereasons, indent); + if (idp->onlyattr > 0) + BIO_printf(out, "%*sOnly Attribute Certificates\n", indent, ""); + if (!idp->distpoint && (idp->onlyuser <= 0) && (idp->onlyCA <= 0) + && (idp->indirectCRL <= 0) && !idp->onlysomereasons + && (idp->onlyattr <= 0)) + BIO_printf(out, "%*s\n", indent, ""); + + return 1; + } + +static int i2r_crldp(const X509V3_EXT_METHOD *method, void *pcrldp, BIO *out, + int indent) + { + STACK_OF(DIST_POINT) *crld = pcrldp; + DIST_POINT *point; + int i; + for(i = 0; i < sk_DIST_POINT_num(crld); i++) + { + BIO_puts(out, "\n"); + point = sk_DIST_POINT_value(crld, i); + if(point->distpoint) + print_distpoint(out, point->distpoint, indent); + if(point->reasons) + print_reasons(out, "Reasons", point->reasons, + indent); + if(point->CRLissuer) + { + BIO_printf(out, "%*sCRL Issuer:\n", indent, ""); + print_gens(out, point->CRLissuer, indent); + } + } + return 1; + } + +int DIST_POINT_set_dpname(DIST_POINT_NAME *dpn, X509_NAME *iname) + { + int i; + STACK_OF(X509_NAME_ENTRY) *frag; + X509_NAME_ENTRY *ne; + if (!dpn || (dpn->type != 1)) + return 1; + frag = dpn->name.relativename; + dpn->dpname = X509_NAME_dup(iname); + if (!dpn->dpname) + return 0; + for (i = 0; i < sk_X509_NAME_ENTRY_num(frag); i++) + { + ne = sk_X509_NAME_ENTRY_value(frag, i); + if (!X509_NAME_add_entry(dpn->dpname, ne, -1, i ? 0 : 1)) + { + X509_NAME_free(dpn->dpname); + dpn->dpname = NULL; + return 0; + } + } + /* generate cached encoding of name */ + if (i2d_X509_NAME(dpn->dpname, NULL) < 0) + { + X509_NAME_free(dpn->dpname); + dpn->dpname = NULL; + return 0; + } + return 1; + } diff --git a/src/lib/libcrypto/x509v3/v3_enum.c b/src/lib/libcrypto/x509v3/v3_enum.c index 36576eaa4d..c0575e368d 100644 --- a/src/lib/libcrypto/x509v3/v3_enum.c +++ b/src/lib/libcrypto/x509v3/v3_enum.c @@ -61,14 +61,17 @@ #include static ENUMERATED_NAMES crl_reasons[] = { -{0, "Unspecified", "unspecified"}, -{1, "Key Compromise", "keyCompromise"}, -{2, "CA Compromise", "CACompromise"}, -{3, "Affiliation Changed", "affiliationChanged"}, -{4, "Superseded", "superseded"}, -{5, "Cessation Of Operation", "cessationOfOperation"}, -{6, "Certificate Hold", "certificateHold"}, -{8, "Remove From CRL", "removeFromCRL"}, +{CRL_REASON_UNSPECIFIED, "Unspecified", "unspecified"}, +{CRL_REASON_KEY_COMPROMISE, "Key Compromise", "keyCompromise"}, +{CRL_REASON_CA_COMPROMISE, "CA Compromise", "CACompromise"}, +{CRL_REASON_AFFILIATION_CHANGED, "Affiliation Changed", "affiliationChanged"}, +{CRL_REASON_SUPERSEDED, "Superseded", "superseded"}, +{CRL_REASON_CESSATION_OF_OPERATION, + "Cessation Of Operation", "cessationOfOperation"}, +{CRL_REASON_CERTIFICATE_HOLD, "Certificate Hold", "certificateHold"}, +{CRL_REASON_REMOVE_FROM_CRL, "Remove From CRL", "removeFromCRL"}, +{CRL_REASON_PRIVILEGE_WITHDRAWN, "Privilege Withdrawn", "privilegeWithdrawn"}, +{CRL_REASON_AA_COMPROMISE, "AA Compromise", "AACompromise"}, {-1, NULL, NULL} }; diff --git a/src/lib/libcrypto/x509v3/v3_extku.c b/src/lib/libcrypto/x509v3/v3_extku.c index c0d14500ed..1c66532757 100644 --- a/src/lib/libcrypto/x509v3/v3_extku.c +++ b/src/lib/libcrypto/x509v3/v3_extku.c @@ -63,9 +63,10 @@ #include #include -static void *v2i_EXTENDED_KEY_USAGE(X509V3_EXT_METHOD *method, - X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval); -static STACK_OF(CONF_VALUE) *i2v_EXTENDED_KEY_USAGE(X509V3_EXT_METHOD *method, +static void *v2i_EXTENDED_KEY_USAGE(const X509V3_EXT_METHOD *method, + X509V3_CTX *ctx, + STACK_OF(CONF_VALUE) *nval); +static STACK_OF(CONF_VALUE) *i2v_EXTENDED_KEY_USAGE(const X509V3_EXT_METHOD *method, void *eku, STACK_OF(CONF_VALUE) *extlist); const X509V3_EXT_METHOD v3_ext_ku = { @@ -97,8 +98,9 @@ ASN1_ITEM_TEMPLATE_END(EXTENDED_KEY_USAGE) IMPLEMENT_ASN1_FUNCTIONS(EXTENDED_KEY_USAGE) -static STACK_OF(CONF_VALUE) *i2v_EXTENDED_KEY_USAGE(X509V3_EXT_METHOD *method, - void *a, STACK_OF(CONF_VALUE) *ext_list) +static STACK_OF(CONF_VALUE) * + i2v_EXTENDED_KEY_USAGE(const X509V3_EXT_METHOD *method, void *a, + STACK_OF(CONF_VALUE) *ext_list) { EXTENDED_KEY_USAGE *eku = a; int i; @@ -112,8 +114,8 @@ static STACK_OF(CONF_VALUE) *i2v_EXTENDED_KEY_USAGE(X509V3_EXT_METHOD *method, return ext_list; } -static void *v2i_EXTENDED_KEY_USAGE(X509V3_EXT_METHOD *method, - X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval) +static void *v2i_EXTENDED_KEY_USAGE(const X509V3_EXT_METHOD *method, + X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval) { EXTENDED_KEY_USAGE *extku; char *extval; diff --git a/src/lib/libcrypto/x509v3/v3_genn.c b/src/lib/libcrypto/x509v3/v3_genn.c index 84b4b1c881..b628357301 100644 --- a/src/lib/libcrypto/x509v3/v3_genn.c +++ b/src/lib/libcrypto/x509v3/v3_genn.c @@ -3,7 +3,7 @@ * project 1999. */ /* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. + * Copyright (c) 1999-2008 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -99,3 +99,154 @@ ASN1_ITEM_TEMPLATE(GENERAL_NAMES) = ASN1_ITEM_TEMPLATE_END(GENERAL_NAMES) IMPLEMENT_ASN1_FUNCTIONS(GENERAL_NAMES) + +GENERAL_NAME *GENERAL_NAME_dup(GENERAL_NAME *a) + { + return (GENERAL_NAME *) ASN1_dup((i2d_of_void *) i2d_GENERAL_NAME, + (d2i_of_void *) d2i_GENERAL_NAME, + (char *) a); + } + +/* Returns 0 if they are equal, != 0 otherwise. */ +int GENERAL_NAME_cmp(GENERAL_NAME *a, GENERAL_NAME *b) + { + int result = -1; + + if (!a || !b || a->type != b->type) return -1; + switch(a->type) + { + case GEN_X400: + case GEN_EDIPARTY: + result = ASN1_TYPE_cmp(a->d.other, b->d.other); + break; + + case GEN_OTHERNAME: + result = OTHERNAME_cmp(a->d.otherName, b->d.otherName); + break; + + case GEN_EMAIL: + case GEN_DNS: + case GEN_URI: + result = ASN1_STRING_cmp(a->d.ia5, b->d.ia5); + break; + + case GEN_DIRNAME: + result = X509_NAME_cmp(a->d.dirn, b->d.dirn); + break; + + case GEN_IPADD: + result = ASN1_OCTET_STRING_cmp(a->d.ip, b->d.ip); + break; + + case GEN_RID: + result = OBJ_cmp(a->d.rid, b->d.rid); + break; + } + return result; + } + +/* Returns 0 if they are equal, != 0 otherwise. */ +int OTHERNAME_cmp(OTHERNAME *a, OTHERNAME *b) + { + int result = -1; + + if (!a || !b) return -1; + /* Check their type first. */ + if ((result = OBJ_cmp(a->type_id, b->type_id)) != 0) + return result; + /* Check the value. */ + result = ASN1_TYPE_cmp(a->value, b->value); + return result; + } + +void GENERAL_NAME_set0_value(GENERAL_NAME *a, int type, void *value) + { + switch(type) + { + case GEN_X400: + case GEN_EDIPARTY: + a->d.other = value; + break; + + case GEN_OTHERNAME: + a->d.otherName = value; + break; + + case GEN_EMAIL: + case GEN_DNS: + case GEN_URI: + a->d.ia5 = value; + break; + + case GEN_DIRNAME: + a->d.dirn = value; + break; + + case GEN_IPADD: + a->d.ip = value; + break; + + case GEN_RID: + a->d.rid = value; + break; + } + a->type = type; + } + +void *GENERAL_NAME_get0_value(GENERAL_NAME *a, int *ptype) + { + if (ptype) + *ptype = a->type; + switch(a->type) + { + case GEN_X400: + case GEN_EDIPARTY: + return a->d.other; + + case GEN_OTHERNAME: + return a->d.otherName; + + case GEN_EMAIL: + case GEN_DNS: + case GEN_URI: + return a->d.ia5; + + case GEN_DIRNAME: + return a->d.dirn; + + case GEN_IPADD: + return a->d.ip; + + case GEN_RID: + return a->d.rid; + + default: + return NULL; + } + } + +int GENERAL_NAME_set0_othername(GENERAL_NAME *gen, + ASN1_OBJECT *oid, ASN1_TYPE *value) + { + OTHERNAME *oth; + oth = OTHERNAME_new(); + if (!oth) + return 0; + oth->type_id = oid; + oth->value = value; + GENERAL_NAME_set0_value(gen, GEN_OTHERNAME, oth); + return 1; + } + +int GENERAL_NAME_get0_otherName(GENERAL_NAME *gen, + ASN1_OBJECT **poid, ASN1_TYPE **pvalue) + { + if (gen->type != GEN_OTHERNAME) + return 0; + if (poid) + *poid = gen->d.otherName->type_id; + if (pvalue) + *pvalue = gen->d.otherName->value; + return 1; + } + diff --git a/src/lib/libcrypto/x509v3/v3_lib.c b/src/lib/libcrypto/x509v3/v3_lib.c index df3a48f43e..0f1e1d4422 100644 --- a/src/lib/libcrypto/x509v3/v3_lib.c +++ b/src/lib/libcrypto/x509v3/v3_lib.c @@ -84,20 +84,24 @@ int X509V3_EXT_add(X509V3_EXT_METHOD *ext) } static int ext_cmp(const X509V3_EXT_METHOD * const *a, - const X509V3_EXT_METHOD * const *b) + const X509V3_EXT_METHOD * const *b) { return ((*a)->ext_nid - (*b)->ext_nid); } -X509V3_EXT_METHOD *X509V3_EXT_get_nid(int nid) +DECLARE_OBJ_BSEARCH_CMP_FN(const X509V3_EXT_METHOD *, const X509V3_EXT_METHOD *, + ext); +IMPLEMENT_OBJ_BSEARCH_CMP_FN(const X509V3_EXT_METHOD *, + const X509V3_EXT_METHOD *, ext); + +const X509V3_EXT_METHOD *X509V3_EXT_get_nid(int nid) { - X509V3_EXT_METHOD tmp, *t = &tmp, **ret; + X509V3_EXT_METHOD tmp; + const X509V3_EXT_METHOD *t = &tmp, * const *ret; int idx; if(nid < 0) return NULL; tmp.ext_nid = nid; - ret = (X509V3_EXT_METHOD **) OBJ_bsearch((char *)&t, - (char *)standard_exts, STANDARD_EXTENSION_COUNT, - sizeof(X509V3_EXT_METHOD *), (int (*)(const void *, const void *))ext_cmp); + ret = OBJ_bsearch_ext(&t, standard_exts, STANDARD_EXTENSION_COUNT); if(ret) return *ret; if(!ext_list) return NULL; idx = sk_X509V3_EXT_METHOD_find(ext_list, &tmp); @@ -105,7 +109,7 @@ X509V3_EXT_METHOD *X509V3_EXT_get_nid(int nid) return sk_X509V3_EXT_METHOD_value(ext_list, idx); } -X509V3_EXT_METHOD *X509V3_EXT_get(X509_EXTENSION *ext) +const X509V3_EXT_METHOD *X509V3_EXT_get(X509_EXTENSION *ext) { int nid; if((nid = OBJ_obj2nid(ext->object)) == NID_undef) return NULL; @@ -122,7 +126,9 @@ int X509V3_EXT_add_list(X509V3_EXT_METHOD *extlist) int X509V3_EXT_add_alias(int nid_to, int nid_from) { - X509V3_EXT_METHOD *ext, *tmpext; + const X509V3_EXT_METHOD *ext; + X509V3_EXT_METHOD *tmpext; + if(!(ext = X509V3_EXT_get_nid(nid_from))) { X509V3err(X509V3_F_X509V3_EXT_ADD_ALIAS,X509V3_R_EXTENSION_NOT_FOUND); return 0; @@ -161,7 +167,7 @@ int X509V3_add_standard_extensions(void) void *X509V3_EXT_d2i(X509_EXTENSION *ext) { - X509V3_EXT_METHOD *method; + const X509V3_EXT_METHOD *method; const unsigned char *p; if(!(method = X509V3_EXT_get(ext))) return NULL; diff --git a/src/lib/libcrypto/x509v3/v3_ocsp.c b/src/lib/libcrypto/x509v3/v3_ocsp.c index e426ea930c..0c165af314 100644 --- a/src/lib/libcrypto/x509v3/v3_ocsp.c +++ b/src/lib/libcrypto/x509v3/v3_ocsp.c @@ -68,19 +68,26 @@ /* OCSP extensions and a couple of CRL entry extensions */ -static int i2r_ocsp_crlid(X509V3_EXT_METHOD *method, void *nonce, BIO *out, int indent); -static int i2r_ocsp_acutoff(X509V3_EXT_METHOD *method, void *nonce, BIO *out, int indent); -static int i2r_object(X509V3_EXT_METHOD *method, void *obj, BIO *out, int indent); +static int i2r_ocsp_crlid(const X509V3_EXT_METHOD *method, void *nonce, + BIO *out, int indent); +static int i2r_ocsp_acutoff(const X509V3_EXT_METHOD *method, void *nonce, + BIO *out, int indent); +static int i2r_object(const X509V3_EXT_METHOD *method, void *obj, BIO *out, + int indent); static void *ocsp_nonce_new(void); static int i2d_ocsp_nonce(void *a, unsigned char **pp); static void *d2i_ocsp_nonce(void *a, const unsigned char **pp, long length); static void ocsp_nonce_free(void *a); -static int i2r_ocsp_nonce(X509V3_EXT_METHOD *method, void *nonce, BIO *out, int indent); +static int i2r_ocsp_nonce(const X509V3_EXT_METHOD *method, void *nonce, + BIO *out, int indent); -static int i2r_ocsp_nocheck(X509V3_EXT_METHOD *method, void *nocheck, BIO *out, int indent); -static void *s2i_ocsp_nocheck(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, const char *str); -static int i2r_ocsp_serviceloc(X509V3_EXT_METHOD *method, void *in, BIO *bp, int ind); +static int i2r_ocsp_nocheck(const X509V3_EXT_METHOD *method, + void *nocheck, BIO *out, int indent); +static void *s2i_ocsp_nocheck(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx, + const char *str); +static int i2r_ocsp_serviceloc(const X509V3_EXT_METHOD *method, void *in, + BIO *bp, int ind); const X509V3_EXT_METHOD v3_ocsp_crlid = { NID_id_pkix_OCSP_CrlID, 0, ASN1_ITEM_ref(OCSP_CRLID), @@ -148,44 +155,47 @@ const X509V3_EXT_METHOD v3_ocsp_serviceloc = { NULL }; -static int i2r_ocsp_crlid(X509V3_EXT_METHOD *method, void *in, BIO *bp, int ind) +static int i2r_ocsp_crlid(const X509V3_EXT_METHOD *method, void *in, BIO *bp, + int ind) { OCSP_CRLID *a = in; if (a->crlUrl) { - if (!BIO_printf(bp, "%*scrlUrl: ", ind, "")) goto err; + if (BIO_printf(bp, "%*scrlUrl: ", ind, "") <= 0) goto err; if (!ASN1_STRING_print(bp, (ASN1_STRING*)a->crlUrl)) goto err; - if (!BIO_write(bp, "\n", 1)) goto err; + if (BIO_write(bp, "\n", 1) <= 0) goto err; } if (a->crlNum) { - if (!BIO_printf(bp, "%*scrlNum: ", ind, "")) goto err; - if (!i2a_ASN1_INTEGER(bp, a->crlNum)) goto err; - if (!BIO_write(bp, "\n", 1)) goto err; + if (BIO_printf(bp, "%*scrlNum: ", ind, "") <= 0) goto err; + if (i2a_ASN1_INTEGER(bp, a->crlNum) <= 0) goto err; + if (BIO_write(bp, "\n", 1) <= 0) goto err; } if (a->crlTime) { - if (!BIO_printf(bp, "%*scrlTime: ", ind, "")) goto err; + if (BIO_printf(bp, "%*scrlTime: ", ind, "") <= 0) goto err; if (!ASN1_GENERALIZEDTIME_print(bp, a->crlTime)) goto err; - if (!BIO_write(bp, "\n", 1)) goto err; + if (BIO_write(bp, "\n", 1) <= 0) goto err; } return 1; err: return 0; } -static int i2r_ocsp_acutoff(X509V3_EXT_METHOD *method, void *cutoff, BIO *bp, int ind) +static int i2r_ocsp_acutoff(const X509V3_EXT_METHOD *method, void *cutoff, + BIO *bp, int ind) { - if (!BIO_printf(bp, "%*s", ind, "")) return 0; + if (BIO_printf(bp, "%*s", ind, "") <= 0) return 0; if(!ASN1_GENERALIZEDTIME_print(bp, cutoff)) return 0; return 1; } -static int i2r_object(X509V3_EXT_METHOD *method, void *oid, BIO *bp, int ind) +static int i2r_object(const X509V3_EXT_METHOD *method, void *oid, BIO *bp, + int ind) { - if (!BIO_printf(bp, "%*s", ind, "")) return 0; - if(!i2a_ASN1_OBJECT(bp, oid)) return 0; + if (BIO_printf(bp, "%*s", ind, "") <= 0) return 0; + if(i2a_ASN1_OBJECT(bp, oid) <= 0) return 0; return 1; } @@ -232,7 +242,8 @@ static void ocsp_nonce_free(void *a) M_ASN1_OCTET_STRING_free(a); } -static int i2r_ocsp_nonce(X509V3_EXT_METHOD *method, void *nonce, BIO *out, int indent) +static int i2r_ocsp_nonce(const X509V3_EXT_METHOD *method, void *nonce, + BIO *out, int indent) { if(BIO_printf(out, "%*s", indent, "") <= 0) return 0; if(i2a_ASN1_STRING(out, nonce, V_ASN1_OCTET_STRING) <= 0) return 0; @@ -241,17 +252,20 @@ static int i2r_ocsp_nonce(X509V3_EXT_METHOD *method, void *nonce, BIO *out, int /* Nocheck is just a single NULL. Don't print anything and always set it */ -static int i2r_ocsp_nocheck(X509V3_EXT_METHOD *method, void *nocheck, BIO *out, int indent) +static int i2r_ocsp_nocheck(const X509V3_EXT_METHOD *method, void *nocheck, + BIO *out, int indent) { return 1; } -static void *s2i_ocsp_nocheck(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, const char *str) +static void *s2i_ocsp_nocheck(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx, + const char *str) { return ASN1_NULL_new(); } -static int i2r_ocsp_serviceloc(X509V3_EXT_METHOD *method, void *in, BIO *bp, int ind) +static int i2r_ocsp_serviceloc(const X509V3_EXT_METHOD *method, void *in, + BIO *bp, int ind) { int i; OCSP_SERVICELOC *a = in; diff --git a/src/lib/libcrypto/x509v3/v3_prn.c b/src/lib/libcrypto/x509v3/v3_prn.c index c1bb17f105..3146218708 100644 --- a/src/lib/libcrypto/x509v3/v3_prn.c +++ b/src/lib/libcrypto/x509v3/v3_prn.c @@ -110,7 +110,7 @@ int X509V3_EXT_print(BIO *out, X509_EXTENSION *ext, unsigned long flag, int inde void *ext_str = NULL; char *value = NULL; const unsigned char *p; - X509V3_EXT_METHOD *method; + const X509V3_EXT_METHOD *method; STACK_OF(CONF_VALUE) *nval = NULL; int ok = 1; diff --git a/src/lib/libcrypto/x509v3/v3_purp.c b/src/lib/libcrypto/x509v3/v3_purp.c index e18751e01c..181bd34979 100644 --- a/src/lib/libcrypto/x509v3/v3_purp.c +++ b/src/lib/libcrypto/x509v3/v3_purp.c @@ -71,6 +71,7 @@ static int purpose_smime(const X509 *x, int ca); static int check_purpose_smime_sign(const X509_PURPOSE *xp, const X509 *x, int ca); static int check_purpose_smime_encrypt(const X509_PURPOSE *xp, const X509 *x, int ca); static int check_purpose_crl_sign(const X509_PURPOSE *xp, const X509 *x, int ca); +static int check_purpose_timestamp_sign(const X509_PURPOSE *xp, const X509 *x, int ca); static int no_check(const X509_PURPOSE *xp, const X509 *x, int ca); static int ocsp_helper(const X509_PURPOSE *xp, const X509 *x, int ca); @@ -87,6 +88,7 @@ static X509_PURPOSE xstandard[] = { {X509_PURPOSE_CRL_SIGN, X509_TRUST_COMPAT, 0, check_purpose_crl_sign, "CRL signing", "crlsign", NULL}, {X509_PURPOSE_ANY, X509_TRUST_DEFAULT, 0, no_check, "Any Purpose", "any", NULL}, {X509_PURPOSE_OCSP_HELPER, X509_TRUST_COMPAT, 0, ocsp_helper, "OCSP helper", "ocsphelper", NULL}, + {X509_PURPOSE_TIMESTAMP_SIGN, X509_TRUST_TSA, 0, check_purpose_timestamp_sign, "Time Stamp signing", "timestampsign", NULL}, }; #define X509_PURPOSE_COUNT (sizeof(xstandard)/sizeof(X509_PURPOSE)) @@ -265,11 +267,14 @@ int X509_PURPOSE_get_trust(X509_PURPOSE *xp) return xp->trust; } -static int nid_cmp(int *a, int *b) +static int nid_cmp(const int *a, const int *b) { return *a - *b; } +DECLARE_OBJ_BSEARCH_CMP_FN(int, int, nid); +IMPLEMENT_OBJ_BSEARCH_CMP_FN(int, int, nid); + int X509_supported_extension(X509_EXTENSION *ex) { /* This table is a list of the NIDs of supported extensions: @@ -280,7 +285,7 @@ int X509_supported_extension(X509_EXTENSION *ex) * searched using bsearch. */ - static int supported_nids[] = { + static const int supported_nids[] = { NID_netscape_cert_type, /* 71 */ NID_key_usage, /* 83 */ NID_subject_alt_name, /* 85 */ @@ -292,24 +297,62 @@ int X509_supported_extension(X509_EXTENSION *ex) NID_sbgp_autonomousSysNum, /* 291 */ #endif NID_policy_constraints, /* 401 */ - NID_proxyCertInfo, /* 661 */ + NID_proxyCertInfo, /* 663 */ + NID_name_constraints, /* 666 */ + NID_policy_mappings, /* 747 */ NID_inhibit_any_policy /* 748 */ }; - int ex_nid; - - ex_nid = OBJ_obj2nid(X509_EXTENSION_get_object(ex)); + int ex_nid = OBJ_obj2nid(X509_EXTENSION_get_object(ex)); if (ex_nid == NID_undef) return 0; - if (OBJ_bsearch((char *)&ex_nid, (char *)supported_nids, - sizeof(supported_nids)/sizeof(int), sizeof(int), - (int (*)(const void *, const void *))nid_cmp)) + if (OBJ_bsearch_nid(&ex_nid, supported_nids, + sizeof(supported_nids)/sizeof(int))) return 1; return 0; } - + +static void setup_dp(X509 *x, DIST_POINT *dp) + { + X509_NAME *iname = NULL; + int i; + if (dp->reasons) + { + if (dp->reasons->length > 0) + dp->dp_reasons = dp->reasons->data[0]; + if (dp->reasons->length > 1) + dp->dp_reasons |= (dp->reasons->data[1] << 8); + dp->dp_reasons &= CRLDP_ALL_REASONS; + } + else + dp->dp_reasons = CRLDP_ALL_REASONS; + if (!dp->distpoint || (dp->distpoint->type != 1)) + return; + for (i = 0; i < sk_GENERAL_NAME_num(dp->CRLissuer); i++) + { + GENERAL_NAME *gen = sk_GENERAL_NAME_value(dp->CRLissuer, i); + if (gen->type == GEN_DIRNAME) + { + iname = gen->d.directoryName; + break; + } + } + if (!iname) + iname = X509_get_issuer_name(x); + + DIST_POINT_set_dpname(dp->distpoint, iname); + + } + +static void setup_crldp(X509 *x) + { + int i; + x->crldp = X509_get_ext_d2i(x, NID_crl_distribution_points, NULL, NULL); + for (i = 0; i < sk_DIST_POINT_num(x->crldp); i++) + setup_dp(x, sk_DIST_POINT_value(x->crldp, i)); + } static void x509v3_cache_extensions(X509 *x) { @@ -417,16 +460,25 @@ static void x509v3_cache_extensions(X509 *x) } x->skid =X509_get_ext_d2i(x, NID_subject_key_identifier, NULL, NULL); x->akid =X509_get_ext_d2i(x, NID_authority_key_identifier, NULL, NULL); + x->altname = X509_get_ext_d2i(x, NID_subject_alt_name, NULL, NULL); + x->nc = X509_get_ext_d2i(x, NID_name_constraints, &i, NULL); + if (!x->nc && (i != -1)) + x->ex_flags |= EXFLAG_INVALID; + setup_crldp(x); + #ifndef OPENSSL_NO_RFC3779 - x->rfc3779_addr =X509_get_ext_d2i(x, NID_sbgp_ipAddrBlock, NULL, NULL); - x->rfc3779_asid =X509_get_ext_d2i(x, NID_sbgp_autonomousSysNum, - NULL, NULL); + x->rfc3779_addr =X509_get_ext_d2i(x, NID_sbgp_ipAddrBlock, NULL, NULL); + x->rfc3779_asid =X509_get_ext_d2i(x, NID_sbgp_autonomousSysNum, + NULL, NULL); #endif for (i = 0; i < X509_get_ext_count(x); i++) { ex = X509_get_ext(x, i); if (!X509_EXTENSION_get_critical(ex)) continue; + if (OBJ_obj2nid(X509_EXTENSION_get_object(ex)) + == NID_freshest_crl) + x->ex_flags |= EXFLAG_FRESHEST; if (!X509_supported_extension(ex)) { x->ex_flags |= EXFLAG_CRITICAL; @@ -594,6 +646,41 @@ static int ocsp_helper(const X509_PURPOSE *xp, const X509 *x, int ca) return 1; } +static int check_purpose_timestamp_sign(const X509_PURPOSE *xp, const X509 *x, + int ca) +{ + int i_ext; + + /* If ca is true we must return if this is a valid CA certificate. */ + if (ca) return check_ca(x); + + /* + * Check the optional key usage field: + * if Key Usage is present, it must be one of digitalSignature + * and/or nonRepudiation (other values are not consistent and shall + * be rejected). + */ + if ((x->ex_flags & EXFLAG_KUSAGE) + && ((x->ex_kusage & ~(KU_NON_REPUDIATION | KU_DIGITAL_SIGNATURE)) || + !(x->ex_kusage & (KU_NON_REPUDIATION | KU_DIGITAL_SIGNATURE)))) + return 0; + + /* Only time stamp key usage is permitted and it's required. */ + if (!(x->ex_flags & EXFLAG_XKUSAGE) || x->ex_xkusage != XKU_TIMESTAMP) + return 0; + + /* Extended Key Usage MUST be critical */ + i_ext = X509_get_ext_by_NID((X509 *) x, NID_ext_key_usage, 0); + if (i_ext >= 0) + { + X509_EXTENSION *ext = X509_get_ext((X509 *) x, i_ext); + if (!X509_EXTENSION_get_critical(ext)) + return 0; + } + + return 1; +} + static int no_check(const X509_PURPOSE *xp, const X509 *x, int ca) { return 1; @@ -618,39 +705,14 @@ int X509_check_issued(X509 *issuer, X509 *subject) return X509_V_ERR_SUBJECT_ISSUER_MISMATCH; x509v3_cache_extensions(issuer); x509v3_cache_extensions(subject); - if(subject->akid) { - /* Check key ids (if present) */ - if(subject->akid->keyid && issuer->skid && - ASN1_OCTET_STRING_cmp(subject->akid->keyid, issuer->skid) ) - return X509_V_ERR_AKID_SKID_MISMATCH; - /* Check serial number */ - if(subject->akid->serial && - ASN1_INTEGER_cmp(X509_get_serialNumber(issuer), - subject->akid->serial)) - return X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH; - /* Check issuer name */ - if(subject->akid->issuer) { - /* Ugh, for some peculiar reason AKID includes - * SEQUENCE OF GeneralName. So look for a DirName. - * There may be more than one but we only take any - * notice of the first. - */ - GENERAL_NAMES *gens; - GENERAL_NAME *gen; - X509_NAME *nm = NULL; - int i; - gens = subject->akid->issuer; - for(i = 0; i < sk_GENERAL_NAME_num(gens); i++) { - gen = sk_GENERAL_NAME_value(gens, i); - if(gen->type == GEN_DIRNAME) { - nm = gen->d.dirn; - break; - } - } - if(nm && X509_NAME_cmp(nm, X509_get_issuer_name(issuer))) - return X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH; + + if(subject->akid) + { + int ret = X509_check_akid(issuer, subject->akid); + if (ret != X509_V_OK) + return ret; } - } + if(subject->ex_flags & EXFLAG_PROXY) { if(ku_reject(issuer, KU_DIGITAL_SIGNATURE)) @@ -661,3 +723,45 @@ int X509_check_issued(X509 *issuer, X509 *subject) return X509_V_OK; } +int X509_check_akid(X509 *issuer, AUTHORITY_KEYID *akid) + { + + if(!akid) + return X509_V_OK; + + /* Check key ids (if present) */ + if(akid->keyid && issuer->skid && + ASN1_OCTET_STRING_cmp(akid->keyid, issuer->skid) ) + return X509_V_ERR_AKID_SKID_MISMATCH; + /* Check serial number */ + if(akid->serial && + ASN1_INTEGER_cmp(X509_get_serialNumber(issuer), akid->serial)) + return X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH; + /* Check issuer name */ + if(akid->issuer) + { + /* Ugh, for some peculiar reason AKID includes + * SEQUENCE OF GeneralName. So look for a DirName. + * There may be more than one but we only take any + * notice of the first. + */ + GENERAL_NAMES *gens; + GENERAL_NAME *gen; + X509_NAME *nm = NULL; + int i; + gens = akid->issuer; + for(i = 0; i < sk_GENERAL_NAME_num(gens); i++) + { + gen = sk_GENERAL_NAME_value(gens, i); + if(gen->type == GEN_DIRNAME) + { + nm = gen->d.dirn; + break; + } + } + if(nm && X509_NAME_cmp(nm, X509_get_issuer_name(issuer))) + return X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH; + } + return X509_V_OK; + } + diff --git a/src/lib/libcrypto/x509v3/v3_utl.c b/src/lib/libcrypto/x509v3/v3_utl.c index 2cb53008e3..e030234540 100644 --- a/src/lib/libcrypto/x509v3/v3_utl.c +++ b/src/lib/libcrypto/x509v3/v3_utl.c @@ -67,9 +67,9 @@ static char *strip_spaces(char *name); static int sk_strcmp(const char * const *a, const char * const *b); -static STACK *get_email(X509_NAME *name, GENERAL_NAMES *gens); -static void str_free(void *str); -static int append_ia5(STACK **sk, ASN1_IA5STRING *email); +static STACK_OF(OPENSSL_STRING) *get_email(X509_NAME *name, GENERAL_NAMES *gens); +static void str_free(OPENSSL_STRING str); +static int append_ia5(STACK_OF(OPENSSL_STRING) **sk, ASN1_IA5STRING *email); static int ipv4_from_asc(unsigned char *v4, const char *in); static int ipv6_from_asc(unsigned char *v6, const char *in); @@ -344,7 +344,7 @@ static char *strip_spaces(char *name) char *p, *q; /* Skip over leading spaces */ p = name; - while(isspace((unsigned char)*p)) p++; + while(*p && isspace((unsigned char)*p)) p++; if(!*p) return NULL; q = p + strlen(p) - 1; while((q != p) && isspace((unsigned char)*q)) q--; @@ -360,10 +360,10 @@ static char *strip_spaces(char *name) * @@@ (Contents of buffer are always kept in ASCII, also on EBCDIC machines) */ -char *hex_to_string(unsigned char *buffer, long len) +char *hex_to_string(const unsigned char *buffer, long len) { char *tmp, *q; - unsigned char *p; + const unsigned char *p; int i; const static char hexdig[] = "0123456789ABCDEF"; if(!buffer || !len) return NULL; @@ -389,7 +389,7 @@ char *hex_to_string(unsigned char *buffer, long len) * a buffer */ -unsigned char *string_to_hex(char *str, long *len) +unsigned char *string_to_hex(const char *str, long *len) { unsigned char *hexbuf, *q; unsigned char ch, cl, *p; @@ -463,21 +463,23 @@ static int sk_strcmp(const char * const *a, const char * const *b) return strcmp(*a, *b); } -STACK *X509_get1_email(X509 *x) +STACK_OF(OPENSSL_STRING) *X509_get1_email(X509 *x) { GENERAL_NAMES *gens; - STACK *ret; + STACK_OF(OPENSSL_STRING) *ret; + gens = X509_get_ext_d2i(x, NID_subject_alt_name, NULL, NULL); ret = get_email(X509_get_subject_name(x), gens); sk_GENERAL_NAME_pop_free(gens, GENERAL_NAME_free); return ret; } -STACK *X509_get1_ocsp(X509 *x) +STACK_OF(OPENSSL_STRING) *X509_get1_ocsp(X509 *x) { AUTHORITY_INFO_ACCESS *info; - STACK *ret = NULL; + STACK_OF(OPENSSL_STRING) *ret = NULL; int i; + info = X509_get_ext_d2i(x, NID_info_access, NULL, NULL); if (!info) return NULL; @@ -497,11 +499,12 @@ STACK *X509_get1_ocsp(X509 *x) return ret; } -STACK *X509_REQ_get1_email(X509_REQ *x) +STACK_OF(OPENSSL_STRING) *X509_REQ_get1_email(X509_REQ *x) { GENERAL_NAMES *gens; STACK_OF(X509_EXTENSION) *exts; - STACK *ret; + STACK_OF(OPENSSL_STRING) *ret; + exts = X509_REQ_get_extensions(x); gens = X509V3_get_d2i(exts, NID_subject_alt_name, NULL, NULL); ret = get_email(X509_REQ_get_subject_name(x), gens); @@ -511,9 +514,9 @@ STACK *X509_REQ_get1_email(X509_REQ *x) } -static STACK *get_email(X509_NAME *name, GENERAL_NAMES *gens) +static STACK_OF(OPENSSL_STRING) *get_email(X509_NAME *name, GENERAL_NAMES *gens) { - STACK *ret = NULL; + STACK_OF(OPENSSL_STRING) *ret = NULL; X509_NAME_ENTRY *ne; ASN1_IA5STRING *email; GENERAL_NAME *gen; @@ -536,23 +539,23 @@ static STACK *get_email(X509_NAME *name, GENERAL_NAMES *gens) return ret; } -static void str_free(void *str) +static void str_free(OPENSSL_STRING str) { OPENSSL_free(str); } -static int append_ia5(STACK **sk, ASN1_IA5STRING *email) +static int append_ia5(STACK_OF(OPENSSL_STRING) **sk, ASN1_IA5STRING *email) { char *emtmp; /* First some sanity checks */ if(email->type != V_ASN1_IA5STRING) return 1; if(!email->data || !email->length) return 1; - if(!*sk) *sk = sk_new(sk_strcmp); + if(!*sk) *sk = sk_OPENSSL_STRING_new(sk_strcmp); if(!*sk) return 0; /* Don't add duplicates */ - if(sk_find(*sk, (char *)email->data) != -1) return 1; + if(sk_OPENSSL_STRING_find(*sk, (char *)email->data) != -1) return 1; emtmp = BUF_strdup((char *)email->data); - if(!emtmp || !sk_push(*sk, emtmp)) { + if(!emtmp || !sk_OPENSSL_STRING_push(*sk, emtmp)) { X509_email_free(*sk); *sk = NULL; return 0; @@ -560,9 +563,9 @@ static int append_ia5(STACK **sk, ASN1_IA5STRING *email) return 1; } -void X509_email_free(STACK *sk) +void X509_email_free(STACK_OF(OPENSSL_STRING) *sk) { - sk_pop_free(sk, str_free); + sk_OPENSSL_STRING_pop_free(sk, str_free); } /* Convert IP addresses both IPv4 and IPv6 into an diff --git a/src/lib/libcrypto/x509v3/v3err.c b/src/lib/libcrypto/x509v3/v3err.c index d538ad8b80..f9f6f1f91f 100644 --- a/src/lib/libcrypto/x509v3/v3err.c +++ b/src/lib/libcrypto/x509v3/v3err.c @@ -1,6 +1,6 @@ /* crypto/x509v3/v3err.c */ /* ==================================================================== - * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved. + * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -70,6 +70,7 @@ static ERR_STRING_DATA X509V3_str_functs[]= { +{ERR_FUNC(X509V3_F_A2I_GENERAL_NAME), "A2I_GENERAL_NAME"}, {ERR_FUNC(X509V3_F_ASIDENTIFIERCHOICE_CANONIZE), "ASIDENTIFIERCHOICE_CANONIZE"}, {ERR_FUNC(X509V3_F_ASIDENTIFIERCHOICE_IS_CANONICAL), "ASIDENTIFIERCHOICE_IS_CANONICAL"}, {ERR_FUNC(X509V3_F_COPY_EMAIL), "COPY_EMAIL"}, @@ -79,6 +80,7 @@ static ERR_STRING_DATA X509V3_str_functs[]= {ERR_FUNC(X509V3_F_DO_EXT_I2D), "DO_EXT_I2D"}, {ERR_FUNC(X509V3_F_DO_EXT_NCONF), "DO_EXT_NCONF"}, {ERR_FUNC(X509V3_F_DO_I2V_NAME_CONSTRAINTS), "DO_I2V_NAME_CONSTRAINTS"}, +{ERR_FUNC(X509V3_F_GNAMES_FROM_SECTNAME), "GNAMES_FROM_SECTNAME"}, {ERR_FUNC(X509V3_F_HEX_TO_STRING), "hex_to_string"}, {ERR_FUNC(X509V3_F_I2S_ASN1_ENUMERATED), "i2s_ASN1_ENUMERATED"}, {ERR_FUNC(X509V3_F_I2S_ASN1_IA5STRING), "I2S_ASN1_IA5STRING"}, @@ -95,6 +97,7 @@ static ERR_STRING_DATA X509V3_str_functs[]= {ERR_FUNC(X509V3_F_S2I_ASN1_OCTET_STRING), "s2i_ASN1_OCTET_STRING"}, {ERR_FUNC(X509V3_F_S2I_ASN1_SKEY_ID), "S2I_ASN1_SKEY_ID"}, {ERR_FUNC(X509V3_F_S2I_SKEY_ID), "S2I_SKEY_ID"}, +{ERR_FUNC(X509V3_F_SET_DIST_POINT_NAME), "SET_DIST_POINT_NAME"}, {ERR_FUNC(X509V3_F_STRING_TO_HEX), "string_to_hex"}, {ERR_FUNC(X509V3_F_SXNET_ADD_ID_ASC), "SXNET_add_id_asc"}, {ERR_FUNC(X509V3_F_SXNET_ADD_ID_INTEGER), "SXNET_add_id_INTEGER"}, @@ -110,6 +113,7 @@ static ERR_STRING_DATA X509V3_str_functs[]= {ERR_FUNC(X509V3_F_V2I_EXTENDED_KEY_USAGE), "V2I_EXTENDED_KEY_USAGE"}, {ERR_FUNC(X509V3_F_V2I_GENERAL_NAMES), "v2i_GENERAL_NAMES"}, {ERR_FUNC(X509V3_F_V2I_GENERAL_NAME_EX), "v2i_GENERAL_NAME_ex"}, +{ERR_FUNC(X509V3_F_V2I_IDP), "V2I_IDP"}, {ERR_FUNC(X509V3_F_V2I_IPADDRBLOCKS), "V2I_IPADDRBLOCKS"}, {ERR_FUNC(X509V3_F_V2I_ISSUER_ALT), "V2I_ISSUER_ALT"}, {ERR_FUNC(X509V3_F_V2I_NAME_CONSTRAINTS), "V2I_NAME_CONSTRAINTS"}, @@ -141,6 +145,7 @@ static ERR_STRING_DATA X509V3_str_reasons[]= {ERR_REASON(X509V3_R_BN_DEC2BN_ERROR) ,"bn dec2bn error"}, {ERR_REASON(X509V3_R_BN_TO_ASN1_INTEGER_ERROR),"bn to asn1 integer error"}, {ERR_REASON(X509V3_R_DIRNAME_ERROR) ,"dirname error"}, +{ERR_REASON(X509V3_R_DISTPOINT_ALREADY_SET),"distpoint already set"}, {ERR_REASON(X509V3_R_DUPLICATE_ZONE_ID) ,"duplicate zone id"}, {ERR_REASON(X509V3_R_ERROR_CONVERTING_ZONE),"error converting zone"}, {ERR_REASON(X509V3_R_ERROR_CREATING_EXTENSION),"error creating extension"}, @@ -154,6 +159,7 @@ static ERR_STRING_DATA X509V3_str_reasons[]= {ERR_REASON(X509V3_R_ILLEGAL_EMPTY_EXTENSION),"illegal empty extension"}, {ERR_REASON(X509V3_R_ILLEGAL_HEX_DIGIT) ,"illegal hex digit"}, {ERR_REASON(X509V3_R_INCORRECT_POLICY_SYNTAX_TAG),"incorrect policy syntax tag"}, +{ERR_REASON(X509V3_R_INVALID_MULTIPLE_RDNS),"invalid multiple rdns"}, {ERR_REASON(X509V3_R_INVALID_ASNUMBER) ,"invalid asnumber"}, {ERR_REASON(X509V3_R_INVALID_ASRANGE) ,"invalid asrange"}, {ERR_REASON(X509V3_R_INVALID_BOOLEAN_STRING),"invalid boolean string"}, @@ -187,9 +193,9 @@ static ERR_STRING_DATA X509V3_str_reasons[]= {ERR_REASON(X509V3_R_ODD_NUMBER_OF_DIGITS),"odd number of digits"}, {ERR_REASON(X509V3_R_OPERATION_NOT_DEFINED),"operation not defined"}, {ERR_REASON(X509V3_R_OTHERNAME_ERROR) ,"othername error"}, -{ERR_REASON(X509V3_R_POLICY_LANGUAGE_ALREADTY_DEFINED),"policy language alreadty defined"}, +{ERR_REASON(X509V3_R_POLICY_LANGUAGE_ALREADY_DEFINED),"policy language already defined"}, {ERR_REASON(X509V3_R_POLICY_PATH_LENGTH) ,"policy path length"}, -{ERR_REASON(X509V3_R_POLICY_PATH_LENGTH_ALREADTY_DEFINED),"policy path length alreadty defined"}, +{ERR_REASON(X509V3_R_POLICY_PATH_LENGTH_ALREADY_DEFINED),"policy path length already defined"}, {ERR_REASON(X509V3_R_POLICY_SYNTAX_NOT_CURRENTLY_SUPPORTED),"policy syntax not currently supported"}, {ERR_REASON(X509V3_R_POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY),"policy when proxy language requires no policy"}, {ERR_REASON(X509V3_R_SECTION_NOT_FOUND) ,"section not found"}, @@ -200,6 +206,7 @@ static ERR_STRING_DATA X509V3_str_reasons[]= {ERR_REASON(X509V3_R_UNKNOWN_EXTENSION_NAME),"unknown extension name"}, {ERR_REASON(X509V3_R_UNKNOWN_OPTION) ,"unknown option"}, {ERR_REASON(X509V3_R_UNSUPPORTED_OPTION) ,"unsupported option"}, +{ERR_REASON(X509V3_R_UNSUPPORTED_TYPE) ,"unsupported type"}, {ERR_REASON(X509V3_R_USER_TOO_LONG) ,"user too long"}, {0,NULL} }; diff --git a/src/lib/libcrypto/x509v3/x509v3.h b/src/lib/libcrypto/x509v3/x509v3.h index 9ef83da755..b308abe7cd 100644 --- a/src/lib/libcrypto/x509v3/x509v3.h +++ b/src/lib/libcrypto/x509v3/x509v3.h @@ -76,12 +76,19 @@ typedef void * (*X509V3_EXT_NEW)(void); typedef void (*X509V3_EXT_FREE)(void *); typedef void * (*X509V3_EXT_D2I)(void *, const unsigned char ** , long); typedef int (*X509V3_EXT_I2D)(void *, unsigned char **); -typedef STACK_OF(CONF_VALUE) * (*X509V3_EXT_I2V)(struct v3_ext_method *method, void *ext, STACK_OF(CONF_VALUE) *extlist); -typedef void * (*X509V3_EXT_V2I)(struct v3_ext_method *method, struct v3_ext_ctx *ctx, STACK_OF(CONF_VALUE) *values); -typedef char * (*X509V3_EXT_I2S)(struct v3_ext_method *method, void *ext); -typedef void * (*X509V3_EXT_S2I)(struct v3_ext_method *method, struct v3_ext_ctx *ctx, const char *str); -typedef int (*X509V3_EXT_I2R)(struct v3_ext_method *method, void *ext, BIO *out, int indent); -typedef void * (*X509V3_EXT_R2I)(struct v3_ext_method *method, struct v3_ext_ctx *ctx, const char *str); +typedef STACK_OF(CONF_VALUE) * + (*X509V3_EXT_I2V)(const struct v3_ext_method *method, void *ext, + STACK_OF(CONF_VALUE) *extlist); +typedef void * (*X509V3_EXT_V2I)(const struct v3_ext_method *method, + struct v3_ext_ctx *ctx, + STACK_OF(CONF_VALUE) *values); +typedef char * (*X509V3_EXT_I2S)(const struct v3_ext_method *method, void *ext); +typedef void * (*X509V3_EXT_S2I)(const struct v3_ext_method *method, + struct v3_ext_ctx *ctx, const char *str); +typedef int (*X509V3_EXT_I2R)(const struct v3_ext_method *method, void *ext, + BIO *out, int indent); +typedef void * (*X509V3_EXT_R2I)(const struct v3_ext_method *method, + struct v3_ext_ctx *ctx, const char *str); /* V3 extension structure */ @@ -220,24 +227,41 @@ union { GENERAL_NAMES *fullname; STACK_OF(X509_NAME_ENTRY) *relativename; } name; +/* If relativename then this contains the full distribution point name */ +X509_NAME *dpname; } DIST_POINT_NAME; - -typedef struct DIST_POINT_st { +/* All existing reasons */ +#define CRLDP_ALL_REASONS 0x807f + +#define CRL_REASON_NONE -1 +#define CRL_REASON_UNSPECIFIED 0 +#define CRL_REASON_KEY_COMPROMISE 1 +#define CRL_REASON_CA_COMPROMISE 2 +#define CRL_REASON_AFFILIATION_CHANGED 3 +#define CRL_REASON_SUPERSEDED 4 +#define CRL_REASON_CESSATION_OF_OPERATION 5 +#define CRL_REASON_CERTIFICATE_HOLD 6 +#define CRL_REASON_REMOVE_FROM_CRL 8 +#define CRL_REASON_PRIVILEGE_WITHDRAWN 9 +#define CRL_REASON_AA_COMPROMISE 10 + +struct DIST_POINT_st { DIST_POINT_NAME *distpoint; ASN1_BIT_STRING *reasons; GENERAL_NAMES *CRLissuer; -} DIST_POINT; +int dp_reasons; +}; typedef STACK_OF(DIST_POINT) CRL_DIST_POINTS; DECLARE_STACK_OF(DIST_POINT) DECLARE_ASN1_SET_OF(DIST_POINT) -typedef struct AUTHORITY_KEYID_st { +struct AUTHORITY_KEYID_st { ASN1_OCTET_STRING *keyid; GENERAL_NAMES *issuer; ASN1_INTEGER *serial; -} AUTHORITY_KEYID; +}; /* Strong extranet structures */ @@ -303,10 +327,10 @@ typedef struct GENERAL_SUBTREE_st { DECLARE_STACK_OF(GENERAL_SUBTREE) -typedef struct NAME_CONSTRAINTS_st { +struct NAME_CONSTRAINTS_st { STACK_OF(GENERAL_SUBTREE) *permittedSubtrees; STACK_OF(GENERAL_SUBTREE) *excludedSubtrees; -} NAME_CONSTRAINTS; +}; typedef struct POLICY_CONSTRAINTS_st { ASN1_INTEGER *requireExplicitPolicy; @@ -329,6 +353,31 @@ typedef struct PROXY_CERT_INFO_EXTENSION_st DECLARE_ASN1_FUNCTIONS(PROXY_POLICY) DECLARE_ASN1_FUNCTIONS(PROXY_CERT_INFO_EXTENSION) +struct ISSUING_DIST_POINT_st + { + DIST_POINT_NAME *distpoint; + int onlyuser; + int onlyCA; + ASN1_BIT_STRING *onlysomereasons; + int indirectCRL; + int onlyattr; + }; + +/* Values in idp_flags field */ +/* IDP present */ +#define IDP_PRESENT 0x1 +/* IDP values inconsistent */ +#define IDP_INVALID 0x2 +/* onlyuser true */ +#define IDP_ONLYUSER 0x4 +/* onlyCA true */ +#define IDP_ONLYCA 0x8 +/* onlyattr true */ +#define IDP_ONLYATTR 0x10 +/* indirectCRL true */ +#define IDP_INDIRECT 0x20 +/* onlysomereasons present */ +#define IDP_REASONS 0x40 #define X509V3_conf_err(val) ERR_add_error_data(6, "section:", val->section, \ ",name:", val->name, ",value:", val->value); @@ -373,6 +422,7 @@ DECLARE_ASN1_FUNCTIONS(PROXY_CERT_INFO_EXTENSION) #define EXFLAG_PROXY 0x400 #define EXFLAG_INVALID_POLICY 0x800 +#define EXFLAG_FRESHEST 0x1000 #define KU_DIGITAL_SIGNATURE 0x0080 #define KU_NON_REPUDIATION 0x0040 @@ -424,9 +474,10 @@ typedef struct x509_purpose_st { #define X509_PURPOSE_CRL_SIGN 6 #define X509_PURPOSE_ANY 7 #define X509_PURPOSE_OCSP_HELPER 8 +#define X509_PURPOSE_TIMESTAMP_SIGN 9 #define X509_PURPOSE_MIN 1 -#define X509_PURPOSE_MAX 8 +#define X509_PURPOSE_MAX 9 /* Flags for X509V3_EXT_print() */ @@ -471,6 +522,9 @@ DECLARE_ASN1_FUNCTIONS(AUTHORITY_KEYID) DECLARE_ASN1_FUNCTIONS(PKEY_USAGE_PERIOD) DECLARE_ASN1_FUNCTIONS(GENERAL_NAME) +GENERAL_NAME *GENERAL_NAME_dup(GENERAL_NAME *a); +int GENERAL_NAME_cmp(GENERAL_NAME *a, GENERAL_NAME *b); + ASN1_BIT_STRING *v2i_ASN1_BIT_STRING(X509V3_EXT_METHOD *method, @@ -486,11 +540,18 @@ DECLARE_ASN1_FUNCTIONS(GENERAL_NAMES) STACK_OF(CONF_VALUE) *i2v_GENERAL_NAMES(X509V3_EXT_METHOD *method, GENERAL_NAMES *gen, STACK_OF(CONF_VALUE) *extlist); -GENERAL_NAMES *v2i_GENERAL_NAMES(X509V3_EXT_METHOD *method, - X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval); +GENERAL_NAMES *v2i_GENERAL_NAMES(const X509V3_EXT_METHOD *method, + X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval); DECLARE_ASN1_FUNCTIONS(OTHERNAME) DECLARE_ASN1_FUNCTIONS(EDIPARTYNAME) +int OTHERNAME_cmp(OTHERNAME *a, OTHERNAME *b); +void GENERAL_NAME_set0_value(GENERAL_NAME *a, int type, void *value); +void *GENERAL_NAME_get0_value(GENERAL_NAME *a, int *ptype); +int GENERAL_NAME_set0_othername(GENERAL_NAME *gen, + ASN1_OBJECT *oid, ASN1_TYPE *value); +int GENERAL_NAME_get0_otherName(GENERAL_NAME *gen, + ASN1_OBJECT **poid, ASN1_TYPE **pvalue); char *i2s_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, ASN1_OCTET_STRING *ia5); ASN1_OCTET_STRING *s2i_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str); @@ -507,6 +568,11 @@ DECLARE_ASN1_FUNCTIONS(NOTICEREF) DECLARE_ASN1_FUNCTIONS(CRL_DIST_POINTS) DECLARE_ASN1_FUNCTIONS(DIST_POINT) DECLARE_ASN1_FUNCTIONS(DIST_POINT_NAME) +DECLARE_ASN1_FUNCTIONS(ISSUING_DIST_POINT) + +int DIST_POINT_set_dpname(DIST_POINT_NAME *dpn, X509_NAME *iname); + +int NAME_CONSTRAINTS_check(X509 *x, NAME_CONSTRAINTS *nc); DECLARE_ASN1_FUNCTIONS(ACCESS_DESCRIPTION) DECLARE_ASN1_FUNCTIONS(AUTHORITY_INFO_ACCESS) @@ -524,11 +590,16 @@ DECLARE_ASN1_ALLOC_FUNCTIONS(NAME_CONSTRAINTS) DECLARE_ASN1_ALLOC_FUNCTIONS(POLICY_CONSTRAINTS) DECLARE_ASN1_ITEM(POLICY_CONSTRAINTS) +GENERAL_NAME *a2i_GENERAL_NAME(GENERAL_NAME *out, + const X509V3_EXT_METHOD *method, X509V3_CTX *ctx, + int gen_type, char *value, int is_nc); + #ifdef HEADER_CONF_H -GENERAL_NAME *v2i_GENERAL_NAME(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, - CONF_VALUE *cnf); -GENERAL_NAME *v2i_GENERAL_NAME_ex(GENERAL_NAME *out, X509V3_EXT_METHOD *method, - X509V3_CTX *ctx, CONF_VALUE *cnf, int is_nc); +GENERAL_NAME *v2i_GENERAL_NAME(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx, + CONF_VALUE *cnf); +GENERAL_NAME *v2i_GENERAL_NAME_ex(GENERAL_NAME *out, + const X509V3_EXT_METHOD *method, + X509V3_CTX *ctx, CONF_VALUE *cnf, int is_nc); void X509V3_conf_free(CONF_VALUE *val); X509_EXTENSION *X509V3_EXT_nconf_nid(CONF *conf, X509V3_CTX *ctx, int ext_nid, char *value); @@ -538,18 +609,23 @@ int X509V3_EXT_add_nconf(CONF *conf, X509V3_CTX *ctx, char *section, X509 *cert) int X509V3_EXT_REQ_add_nconf(CONF *conf, X509V3_CTX *ctx, char *section, X509_REQ *req); int X509V3_EXT_CRL_add_nconf(CONF *conf, X509V3_CTX *ctx, char *section, X509_CRL *crl); -X509_EXTENSION *X509V3_EXT_conf_nid(LHASH *conf, X509V3_CTX *ctx, int ext_nid, char *value); -X509_EXTENSION *X509V3_EXT_conf(LHASH *conf, X509V3_CTX *ctx, char *name, char *value); -int X509V3_EXT_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section, X509 *cert); -int X509V3_EXT_REQ_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section, X509_REQ *req); -int X509V3_EXT_CRL_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section, X509_CRL *crl); +X509_EXTENSION *X509V3_EXT_conf_nid(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx, + int ext_nid, char *value); +X509_EXTENSION *X509V3_EXT_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx, + char *name, char *value); +int X509V3_EXT_add_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx, + char *section, X509 *cert); +int X509V3_EXT_REQ_add_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx, + char *section, X509_REQ *req); +int X509V3_EXT_CRL_add_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx, + char *section, X509_CRL *crl); int X509V3_add_value_bool_nf(char *name, int asn1_bool, - STACK_OF(CONF_VALUE) **extlist); + STACK_OF(CONF_VALUE) **extlist); int X509V3_get_value_bool(CONF_VALUE *value, int *asn1_bool); int X509V3_get_value_int(CONF_VALUE *value, ASN1_INTEGER **aint); void X509V3_set_nconf(X509V3_CTX *ctx, CONF *conf); -void X509V3_set_conf_lhash(X509V3_CTX *ctx, LHASH *lhash); +void X509V3_set_conf_lhash(X509V3_CTX *ctx, LHASH_OF(CONF_VALUE) *lhash); #endif char * X509V3_get_string(X509V3_CTX *ctx, char *name, char *section); @@ -576,8 +652,8 @@ int X509V3_EXT_add_list(X509V3_EXT_METHOD *extlist); int X509V3_EXT_add_alias(int nid_to, int nid_from); void X509V3_EXT_cleanup(void); -X509V3_EXT_METHOD *X509V3_EXT_get(X509_EXTENSION *ext); -X509V3_EXT_METHOD *X509V3_EXT_get_nid(int nid); +const X509V3_EXT_METHOD *X509V3_EXT_get(X509_EXTENSION *ext); +const X509V3_EXT_METHOD *X509V3_EXT_get_nid(int nid); int X509V3_add_standard_extensions(void); STACK_OF(CONF_VALUE) *X509V3_parse_list(const char *line); void *X509V3_EXT_d2i(X509_EXTENSION *ext); @@ -587,8 +663,8 @@ void *X509V3_get_d2i(STACK_OF(X509_EXTENSION) *x, int nid, int *crit, int *idx); X509_EXTENSION *X509V3_EXT_i2d(int ext_nid, int crit, void *ext_struc); int X509V3_add1_i2d(STACK_OF(X509_EXTENSION) **x, int nid, void *value, int crit, unsigned long flags); -char *hex_to_string(unsigned char *buffer, long len); -unsigned char *string_to_hex(char *str, long *len); +char *hex_to_string(const unsigned char *buffer, long len); +unsigned char *string_to_hex(const char *str, long *len); int name_cmp(const char *name, const char *cmp); void X509V3_EXT_val_prn(BIO *out, STACK_OF(CONF_VALUE) *val, int indent, @@ -603,6 +679,7 @@ int X509_check_purpose(X509 *x, int id, int ca); int X509_supported_extension(X509_EXTENSION *ex); int X509_PURPOSE_set(int *p, int purpose); int X509_check_issued(X509 *issuer, X509 *subject); +int X509_check_akid(X509 *issuer, AUTHORITY_KEYID *akid); int X509_PURPOSE_get_count(void); X509_PURPOSE * X509_PURPOSE_get0(int idx); int X509_PURPOSE_get_by_sname(char *sname); @@ -616,10 +693,10 @@ int X509_PURPOSE_get_trust(X509_PURPOSE *xp); void X509_PURPOSE_cleanup(void); int X509_PURPOSE_get_id(X509_PURPOSE *); -STACK *X509_get1_email(X509 *x); -STACK *X509_REQ_get1_email(X509_REQ *x); -void X509_email_free(STACK *sk); -STACK *X509_get1_ocsp(X509 *x); +STACK_OF(OPENSSL_STRING) *X509_get1_email(X509 *x); +STACK_OF(OPENSSL_STRING) *X509_REQ_get1_email(X509_REQ *x); +void X509_email_free(STACK_OF(OPENSSL_STRING) *sk); +STACK_OF(OPENSSL_STRING) *X509_get1_ocsp(X509 *x); ASN1_OCTET_STRING *a2i_IPADDRESS(const char *ipasc); ASN1_OCTET_STRING *a2i_IPADDRESS_NC(const char *ipasc); @@ -628,6 +705,7 @@ int X509V3_NAME_from_section(X509_NAME *nm, STACK_OF(CONF_VALUE)*dn_sk, unsigned long chtype); void X509_POLICY_NODE_print(BIO *out, X509_POLICY_NODE *node, int indent); +DECLARE_STACK_OF(X509_POLICY_NODE) #ifndef OPENSSL_NO_RFC3779 @@ -787,8 +865,9 @@ void ERR_load_X509V3_strings(void); /* Error codes for the X509V3 functions. */ /* Function codes. */ -#define X509V3_F_ASIDENTIFIERCHOICE_CANONIZE 156 -#define X509V3_F_ASIDENTIFIERCHOICE_IS_CANONICAL 157 +#define X509V3_F_A2I_GENERAL_NAME 164 +#define X509V3_F_ASIDENTIFIERCHOICE_CANONIZE 161 +#define X509V3_F_ASIDENTIFIERCHOICE_IS_CANONICAL 162 #define X509V3_F_COPY_EMAIL 122 #define X509V3_F_COPY_ISSUER 123 #define X509V3_F_DO_DIRNAME 144 @@ -796,6 +875,7 @@ void ERR_load_X509V3_strings(void); #define X509V3_F_DO_EXT_I2D 135 #define X509V3_F_DO_EXT_NCONF 151 #define X509V3_F_DO_I2V_NAME_CONSTRAINTS 148 +#define X509V3_F_GNAMES_FROM_SECTNAME 156 #define X509V3_F_HEX_TO_STRING 111 #define X509V3_F_I2S_ASN1_ENUMERATED 121 #define X509V3_F_I2S_ASN1_IA5STRING 149 @@ -812,13 +892,14 @@ void ERR_load_X509V3_strings(void); #define X509V3_F_S2I_ASN1_OCTET_STRING 112 #define X509V3_F_S2I_ASN1_SKEY_ID 114 #define X509V3_F_S2I_SKEY_ID 115 +#define X509V3_F_SET_DIST_POINT_NAME 158 #define X509V3_F_STRING_TO_HEX 113 #define X509V3_F_SXNET_ADD_ID_ASC 125 #define X509V3_F_SXNET_ADD_ID_INTEGER 126 #define X509V3_F_SXNET_ADD_ID_ULONG 127 #define X509V3_F_SXNET_GET_ID_ASC 128 #define X509V3_F_SXNET_GET_ID_ULONG 129 -#define X509V3_F_V2I_ASIDENTIFIERS 158 +#define X509V3_F_V2I_ASIDENTIFIERS 163 #define X509V3_F_V2I_ASN1_BIT_STRING 101 #define X509V3_F_V2I_AUTHORITY_INFO_ACCESS 139 #define X509V3_F_V2I_AUTHORITY_KEYID 119 @@ -827,6 +908,7 @@ void ERR_load_X509V3_strings(void); #define X509V3_F_V2I_EXTENDED_KEY_USAGE 103 #define X509V3_F_V2I_GENERAL_NAMES 118 #define X509V3_F_V2I_GENERAL_NAME_EX 117 +#define X509V3_F_V2I_IDP 157 #define X509V3_F_V2I_IPADDRBLOCKS 159 #define X509V3_F_V2I_ISSUER_ALT 153 #define X509V3_F_V2I_NAME_CONSTRAINTS 147 @@ -855,6 +937,7 @@ void ERR_load_X509V3_strings(void); #define X509V3_R_BN_DEC2BN_ERROR 100 #define X509V3_R_BN_TO_ASN1_INTEGER_ERROR 101 #define X509V3_R_DIRNAME_ERROR 149 +#define X509V3_R_DISTPOINT_ALREADY_SET 160 #define X509V3_R_DUPLICATE_ZONE_ID 133 #define X509V3_R_ERROR_CONVERTING_ZONE 131 #define X509V3_R_ERROR_CREATING_EXTENSION 144 @@ -868,12 +951,13 @@ void ERR_load_X509V3_strings(void); #define X509V3_R_ILLEGAL_EMPTY_EXTENSION 151 #define X509V3_R_ILLEGAL_HEX_DIGIT 113 #define X509V3_R_INCORRECT_POLICY_SYNTAX_TAG 152 -#define X509V3_R_INVALID_ASNUMBER 160 -#define X509V3_R_INVALID_ASRANGE 161 +#define X509V3_R_INVALID_MULTIPLE_RDNS 161 +#define X509V3_R_INVALID_ASNUMBER 162 +#define X509V3_R_INVALID_ASRANGE 163 #define X509V3_R_INVALID_BOOLEAN_STRING 104 #define X509V3_R_INVALID_EXTENSION_STRING 105 -#define X509V3_R_INVALID_INHERITANCE 162 -#define X509V3_R_INVALID_IPADDRESS 163 +#define X509V3_R_INVALID_INHERITANCE 165 +#define X509V3_R_INVALID_IPADDRESS 166 #define X509V3_R_INVALID_NAME 106 #define X509V3_R_INVALID_NULL_ARGUMENT 107 #define X509V3_R_INVALID_NULL_NAME 108 @@ -901,9 +985,9 @@ void ERR_load_X509V3_strings(void); #define X509V3_R_ODD_NUMBER_OF_DIGITS 112 #define X509V3_R_OPERATION_NOT_DEFINED 148 #define X509V3_R_OTHERNAME_ERROR 147 -#define X509V3_R_POLICY_LANGUAGE_ALREADTY_DEFINED 155 +#define X509V3_R_POLICY_LANGUAGE_ALREADY_DEFINED 155 #define X509V3_R_POLICY_PATH_LENGTH 156 -#define X509V3_R_POLICY_PATH_LENGTH_ALREADTY_DEFINED 157 +#define X509V3_R_POLICY_PATH_LENGTH_ALREADY_DEFINED 157 #define X509V3_R_POLICY_SYNTAX_NOT_CURRENTLY_SUPPORTED 158 #define X509V3_R_POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY 159 #define X509V3_R_SECTION_NOT_FOUND 150 @@ -914,6 +998,7 @@ void ERR_load_X509V3_strings(void); #define X509V3_R_UNKNOWN_EXTENSION_NAME 130 #define X509V3_R_UNKNOWN_OPTION 120 #define X509V3_R_UNSUPPORTED_OPTION 117 +#define X509V3_R_UNSUPPORTED_TYPE 167 #define X509V3_R_USER_TOO_LONG 132 #ifdef __cplusplus diff --git a/src/lib/libcrypto/x86_64cpuid.pl b/src/lib/libcrypto/x86_64cpuid.pl index 8946b464a8..b771a8539d 100644 --- a/src/lib/libcrypto/x86_64cpuid.pl +++ b/src/lib/libcrypto/x86_64cpuid.pl @@ -1,110 +1,38 @@ #!/usr/bin/env perl -$output=shift; -$masm=1 if ($output =~ /\.asm/); -open STDOUT,">$output" || die "can't open $output: $!"; - -print<<___ if(defined($masm)); -_TEXT SEGMENT -PUBLIC OPENSSL_rdtsc - -PUBLIC OPENSSL_atomic_add -ALIGN 16 -OPENSSL_atomic_add PROC - mov eax,DWORD PTR[rcx] -\$Lspin: lea r8,DWORD PTR[rdx+rax] -lock cmpxchg DWORD PTR[rcx],r8d - jne \$Lspin - mov eax,r8d - cdqe - ret -OPENSSL_atomic_add ENDP - -PUBLIC OPENSSL_wipe_cpu -ALIGN 16 -OPENSSL_wipe_cpu PROC - pxor xmm0,xmm0 - pxor xmm1,xmm1 - pxor xmm2,xmm2 - pxor xmm3,xmm3 - pxor xmm4,xmm4 - pxor xmm5,xmm5 - xor rcx,rcx - xor rdx,rdx - xor r8,r8 - xor r9,r9 - xor r10,r10 - xor r11,r11 - lea rax,QWORD PTR[rsp+8] - ret -OPENSSL_wipe_cpu ENDP -_TEXT ENDS +$flavour = shift; +$output = shift; +if ($flavour =~ /\./) { $output = $flavour; undef $flavour; } -CRT\$XIU SEGMENT -EXTRN OPENSSL_cpuid_setup:PROC -DQ OPENSSL_cpuid_setup -CRT\$XIU ENDS +$win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/); -___ -print<<___ if(!defined($masm)); +$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; +open STDOUT,"| $^X ${dir}perlasm/x86_64-xlate.pl $flavour $output"; + +if ($win64) { $arg1="%rcx"; $arg2="%rdx"; } +else { $arg1="%rdi"; $arg2="%rsi"; } +print<<___; #include +.extern OPENSSL_cpuid_setup +.section .init + call PIC_PLT(OPENSSL_cpuid_setup) .text .globl OPENSSL_atomic_add -.type OPENSSL_atomic_add,\@function +.type OPENSSL_atomic_add,\@abi-omnipotent .align 16 OPENSSL_atomic_add: - movl (%rdi),%eax -.Lspin: leaq (%rsi,%rax),%r8 -lock; cmpxchgl %r8d,(%rdi) + movl ($arg1),%eax +.Lspin: leaq ($arg2,%rax),%r8 + .byte 0xf0 # lock + cmpxchgl %r8d,($arg1) jne .Lspin movl %r8d,%eax - .byte 0x48,0x98 + .byte 0x48,0x98 # cltq/cdqe ret .size OPENSSL_atomic_add,.-OPENSSL_atomic_add -.globl OPENSSL_wipe_cpu -.type OPENSSL_wipe_cpu,\@function -.align 16 -OPENSSL_wipe_cpu: - pxor %xmm0,%xmm0 - pxor %xmm1,%xmm1 - pxor %xmm2,%xmm2 - pxor %xmm3,%xmm3 - pxor %xmm4,%xmm4 - pxor %xmm5,%xmm5 - pxor %xmm6,%xmm6 - pxor %xmm7,%xmm7 - pxor %xmm8,%xmm8 - pxor %xmm9,%xmm9 - pxor %xmm10,%xmm10 - pxor %xmm11,%xmm11 - pxor %xmm12,%xmm12 - pxor %xmm13,%xmm13 - pxor %xmm14,%xmm14 - pxor %xmm15,%xmm15 - xorq %rcx,%rcx - xorq %rdx,%rdx - xorq %rsi,%rsi - xorq %rdi,%rdi - xorq %r8,%r8 - xorq %r9,%r9 - xorq %r10,%r10 - xorq %r11,%r11 - leaq 8(%rsp),%rax - ret -.size OPENSSL_wipe_cpu,.-OPENSSL_wipe_cpu - -.section .init - call PIC_PLT(OPENSSL_cpuid_setup) - -___ - -open STDOUT,"| $^X perlasm/x86_64-xlate.pl $output"; -print<<___; -.text - .globl OPENSSL_rdtsc .type OPENSSL_rdtsc,\@abi-omnipotent .align 16 @@ -123,6 +51,8 @@ OPENSSL_ia32_cpuid: xor %eax,%eax cpuid + mov %eax,%r11d # max value for standard query level + xor %eax,%eax cmp \$0x756e6547,%ebx # "Genu" setne %al @@ -132,8 +62,54 @@ OPENSSL_ia32_cpuid: or %eax,%r9d cmp \$0x6c65746e,%ecx # "ntel" setne %al - or %eax,%r9d + or %eax,%r9d # 0 indicates Intel CPU + jz .Lintel + + cmp \$0x68747541,%ebx # "Auth" + setne %al + mov %eax,%r10d + cmp \$0x69746E65,%edx # "enti" + setne %al + or %eax,%r10d + cmp \$0x444D4163,%ecx # "cAMD" + setne %al + or %eax,%r10d # 0 indicates AMD CPU + jnz .Lintel + + # AMD specific + mov \$0x80000000,%eax + cpuid + cmp \$0x80000008,%eax + jb .Lintel + + mov \$0x80000008,%eax + cpuid + movzb %cl,%r10 # number of cores - 1 + inc %r10 # number of cores + + mov \$1,%eax + cpuid + bt \$28,%edx # test hyper-threading bit + jnc .Ldone + shr \$16,%ebx # number of logical processors + cmp %r10b,%bl + ja .Ldone + and \$0xefffffff,%edx # ~(1<<28) + jmp .Ldone + +.Lintel: + cmp \$4,%r11d + mov \$-1,%r10d + jb .Lnocacheinfo + + mov \$4,%eax + mov \$0,%ecx # query L1D + cpuid + mov %eax,%r10d + shr \$14,%r10d + and \$0xfff,%r10d # number of cores -1 per L1D +.Lnocacheinfo: mov \$1,%eax cpuid cmp \$0,%r9d @@ -146,6 +122,11 @@ OPENSSL_ia32_cpuid: .Lnotintel: bt \$28,%edx # test hyper-threading bit jnc .Ldone + and \$0xefffffff,%edx # ~(1<<28) + cmp \$0,%r10d + je .Ldone + + or \$0x10000000,%edx # 1<<28 shr \$16,%ebx cmp \$1,%bl # see if cache is shared ja .Ldone @@ -157,5 +138,96 @@ OPENSSL_ia32_cpuid: or %rcx,%rax ret .size OPENSSL_ia32_cpuid,.-OPENSSL_ia32_cpuid + +.globl OPENSSL_cleanse +.type OPENSSL_cleanse,\@abi-omnipotent +.align 16 +OPENSSL_cleanse: + xor %rax,%rax + cmp \$15,$arg2 + jae .Lot + cmp \$0,$arg2 + je .Lret +.Little: + mov %al,($arg1) + sub \$1,$arg2 + lea 1($arg1),$arg1 + jnz .Little +.Lret: + ret +.align 16 +.Lot: + test \$7,$arg1 + jz .Laligned + mov %al,($arg1) + lea -1($arg2),$arg2 + lea 1($arg1),$arg1 + jmp .Lot +.Laligned: + mov %rax,($arg1) + lea -8($arg2),$arg2 + test \$-8,$arg2 + lea 8($arg1),$arg1 + jnz .Laligned + cmp \$0,$arg2 + jne .Little + ret +.size OPENSSL_cleanse,.-OPENSSL_cleanse +___ + +print<<___ if (!$win64); +.globl OPENSSL_wipe_cpu +.type OPENSSL_wipe_cpu,\@abi-omnipotent +.align 16 +OPENSSL_wipe_cpu: + pxor %xmm0,%xmm0 + pxor %xmm1,%xmm1 + pxor %xmm2,%xmm2 + pxor %xmm3,%xmm3 + pxor %xmm4,%xmm4 + pxor %xmm5,%xmm5 + pxor %xmm6,%xmm6 + pxor %xmm7,%xmm7 + pxor %xmm8,%xmm8 + pxor %xmm9,%xmm9 + pxor %xmm10,%xmm10 + pxor %xmm11,%xmm11 + pxor %xmm12,%xmm12 + pxor %xmm13,%xmm13 + pxor %xmm14,%xmm14 + pxor %xmm15,%xmm15 + xorq %rcx,%rcx + xorq %rdx,%rdx + xorq %rsi,%rsi + xorq %rdi,%rdi + xorq %r8,%r8 + xorq %r9,%r9 + xorq %r10,%r10 + xorq %r11,%r11 + leaq 8(%rsp),%rax + ret +.size OPENSSL_wipe_cpu,.-OPENSSL_wipe_cpu ___ +print<<___ if ($win64); +.globl OPENSSL_wipe_cpu +.type OPENSSL_wipe_cpu,\@abi-omnipotent +.align 16 +OPENSSL_wipe_cpu: + pxor %xmm0,%xmm0 + pxor %xmm1,%xmm1 + pxor %xmm2,%xmm2 + pxor %xmm3,%xmm3 + pxor %xmm4,%xmm4 + pxor %xmm5,%xmm5 + xorq %rcx,%rcx + xorq %rdx,%rdx + xorq %r8,%r8 + xorq %r9,%r9 + xorq %r10,%r10 + xorq %r11,%r11 + leaq 8(%rsp),%rax + ret +.size OPENSSL_wipe_cpu,.-OPENSSL_wipe_cpu +___ + close STDOUT; # flush -- cgit v1.2.3-55-g6feb